TSCF_EMS
asked on
Microsoft Exchange Server ActiveSync
After some trouble shooting to get OWA and SSL functioning correctly I am now having an issue with Windows Mobile connecting via activesync.
SSL Cert is applies at the "Default Web Site", SSL not forced at this level.
Public - SSL, 128 bit forced.
Exchange - SSL, 128 bit forced.
Exadmin - SSL, 128 bit forced.
OMA - SSL, 128 bit forced.
Microsoft-Server-Activesyn c - SSL, 128 bit forced.
ExchWeb - SSL, 128 bit forced.
Activesync on Windows Mobile throws status result "You have stopped synchronization".
OWA is working fine over HTTPS.
Any ideas why Activesync will not connect?
SSL Cert is applies at the "Default Web Site", SSL not forced at this level.
Public - SSL, 128 bit forced.
Exchange - SSL, 128 bit forced.
Exadmin - SSL, 128 bit forced.
OMA - SSL, 128 bit forced.
Microsoft-Server-Activesyn
ExchWeb - SSL, 128 bit forced.
Activesync on Windows Mobile throws status result "You have stopped synchronization".
OWA is working fine over HTTPS.
Any ideas why Activesync will not connect?
ASKER
I just removed SSL force on OMA and Microsoft-Server-Activesyn c , restarted IIS and I am still having the same issue.
Hi,
First are we trying OMA or ActiveSync these are 2 different features of Exchange.
IF we are using ActiveSync then try to sync the mobile device without SSL i.e. uncheck the require SSL checkbox on the mobile device while creating an ActiveSync profile under server address. Try to browse Microsoft-Server-Activesyn c on the server itself like http://localhost/Microsoft-Server-Activesync and see what it returns. The expected result is http 501/505 - Not Implemented. Are we using Exchange 2003 or 2007. If we are using 2003 then is it a Sinlge server scenario or Front-End and Back-end scenario?
Imran
First are we trying OMA or ActiveSync these are 2 different features of Exchange.
IF we are using ActiveSync then try to sync the mobile device without SSL i.e. uncheck the require SSL checkbox on the mobile device while creating an ActiveSync profile under server address. Try to browse Microsoft-Server-Activesyn
Imran
ASKER
Currently the issue I need resolved is Activesync.
In IIS:
Microsoft-Server-Activesyn c SSL is disabled
On Win Mobile:
SSL is unchecked.
Result:
"You have stopped synchronization"
When I browse "http://localhost/Microsoft-Server-Activesync " from Exchange server I get
HTTP 400 - Bad Request
Internet Explorer
This is a Exchange 03 single server.
In IIS:
Microsoft-Server-Activesyn
On Win Mobile:
SSL is unchecked.
Result:
"You have stopped synchronization"
When I browse "http://localhost/Microsoft-Server-Activesync " from Exchange server I get
HTTP 400 - Bad Request
Internet Explorer
This is a Exchange 03 single server.
hi,
it looks like the "http://localhost/Microsoft-Server-Activesync" is not working properly yu should me getting 501/505 error there
try this http://support.microsoft.com/kb/883380 it will refresh your metabase
and also check KB 817379 Method 2 this should not be implimented on the server (if not using ssl on the server)
note:- if you are using SSI an if you have FBA enabled please follow method 2 of KB 817379
it looks like the "http://localhost/Microsoft-Server-Activesync" is not working properly yu should me getting 501/505 error there
try this http://support.microsoft.com/kb/883380 it will refresh your metabase
and also check KB 817379 Method 2 this should not be implimented on the server (if not using ssl on the server)
note:- if you are using SSI an if you have FBA enabled please follow method 2 of KB 817379
Try following KB article http://support.microsoft.com/kb/883380 and re-create the Exchange VDirs
Do you get any specific error code in the Mobile Device. That can help us
ASKER
After recreating the "Microsoft-Server_Activesy nc" virtual directory I get the following in Activesync on the Win Mobile device.
Support code:0x85010014
Support code:0x85010014
Perfect now it seems like we are on the right track. Check these 3 things.
1. Disable SSL on Exchange VDir
2. Make Sure Integrated and Basic Authentication is selected for Exchange VDir
3. Disabled Forms Based Authentication and restart IIS
After following the above try to sync and I believe we should be able to. If this works and you would want to Enable SSL for Exchange and Forms Based Authentication then follow the KB article http://support.microsoft.com/kb/817379
1. Disable SSL on Exchange VDir
2. Make Sure Integrated and Basic Authentication is selected for Exchange VDir
3. Disabled Forms Based Authentication and restart IIS
After following the above try to sync and I believe we should be able to. If this works and you would want to Enable SSL for Exchange and Forms Based Authentication then follow the KB article http://support.microsoft.com/kb/817379
Follow the Method 2 of the KB http://support.microsoft.com/kb/817379
ASKER
Have completed method 2 of KB 817379 and I am still not able to connect with Active Sync.
So now:
Microsoft-Server-Activesyn
exchange-oma = SSL off
Forms Auth. = is on
Can u browse Exchange-oma and does that bring Up OWA? Is the authentication on the Exchange-oma directory Basic and Integrated Windows? The authentication on Microsoft-Server-Activesyn c should be basic. What is the error code on the Mobile Device?
ASKER
Q. Can u browse Exchange-oma and does that bring Up OWA?
A. No, I get a HTTP 400 - Bad Request
Internet Explorer error.
Q. Is the authentication on the Exchange-oma directory Basic and Integrated Windows?
A.Yes
Q. The authentication on Microsoft-Server-Activesyn c should be basic.
A. Confirmed.
Q. What is the error code on the Mobile Device?
A. Status screen displays, "You have stopped synchronization" with no support code.
A. No, I get a HTTP 400 - Bad Request
Internet Explorer error.
Q. Is the authentication on the Exchange-oma directory Basic and Integrated Windows?
A.Yes
Q. The authentication on Microsoft-Server-Activesyn
A. Confirmed.
Q. What is the error code on the Mobile Device?
A. Status screen displays, "You have stopped synchronization" with no support code.
817379 has some flaws. If you have a bad configuration in place then it brings it across.
What you need to do is remove the require SSL option from the entire site, then reset the virtual directories. Ensure that forms based authentication is DISABLED.
Then complete the steps in 817379 before making any other changes.
Simon.
What you need to do is remove the require SSL option from the entire site, then reset the virtual directories. Ensure that forms based authentication is DISABLED.
Then complete the steps in 817379 before making any other changes.
Simon.
Hi,
your Exchange-OMA VD is the copy of you exchange virtual directory.
1. please remove SSL and FBA
2. Undo the changes you have made while following KB 817379 Method 2
3. Delete the exchange-oma VD
4. Follow the KB http://support.microsoft.com/kb/883380 to recreate the VD
5. Try and brows the Exchange virtual directory and it should be able to open the mailbox
6. Follow KB 817379 (SSL Should not be enabled while you create the Copy of Exchange virtual directory)
after this try and sync you mobile device hope this will help you
Thanks,
Sam
your Exchange-OMA VD is the copy of you exchange virtual directory.
1. please remove SSL and FBA
2. Undo the changes you have made while following KB 817379 Method 2
3. Delete the exchange-oma VD
4. Follow the KB http://support.microsoft.com/kb/883380 to recreate the VD
5. Try and brows the Exchange virtual directory and it should be able to open the mailbox
6. Follow KB 817379 (SSL Should not be enabled while you create the Copy of Exchange virtual directory)
after this try and sync you mobile device hope this will help you
Thanks,
Sam
ASKER
Ok Sam,
I completed your suggestion. and now I am actually getting a support code on the Win Mobile device.
Support code: 0x85010014
Current config:
FBA is disabled
SSL is disabled
I still get an HTTP 400 error when trying to browse http://localhost/exchange-oma from the local exchange box.
I completed your suggestion. and now I am actually getting a support code on the Win Mobile device.
Support code: 0x85010014
Current config:
FBA is disabled
SSL is disabled
I still get an HTTP 400 error when trying to browse http://localhost/exchange-oma from the local exchange box.
please try this
http://support.microsoft.com//kb/330463
http://support.microsoft.com//kb/330463
one more this if you have disabled the FBA and SSL you dont need the Exchange-oma vdir
Please delete the Exchange-oma VD and delete the registery key
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\Mas Sync\Param eters
(ExchangeVDir)
and try to sync the device withought SSL
Thanks,
Sam
Please delete the Exchange-oma VD and delete the registery key
HKEY_LOCAL_MACHINE\SYSTEM\
(ExchangeVDir)
and try to sync the device withought SSL
Thanks,
Sam
ASKER
I will want to enable SSL and FBA in the final configuration of this. If I delete Exchange-oma VD will I still be able to do this?
yeh sure we will be able to do that later
lets make it work on HTTP (80)
then we can configure it for HTTPS (443)
Thanks,
Sam
lets make it work on HTTP (80)
then we can configure it for HTTPS (443)
Thanks,
Sam
ASKER
Sam,
Same result.
Same result.
Assistance off site is against the rules of the site.
Simon.
Simon.
ASKER
Ok, I didnt know that.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
that should solve it.
greetings.