Solved

Microsoft Exchange Server ActiveSync

Posted on 2009-05-04
25
1,328 Views
Last Modified: 2013-12-05
After some trouble shooting to get OWA and SSL functioning correctly I am now having an issue with Windows Mobile connecting via activesync.

SSL Cert is applies at the "Default Web Site", SSL not forced at this level.
Public - SSL, 128 bit forced.
Exchange - SSL, 128 bit forced.
Exadmin - SSL, 128 bit forced.
OMA - SSL, 128 bit forced.
Microsoft-Server-Activesync - SSL, 128 bit forced.
ExchWeb - SSL, 128 bit forced.

Activesync on Windows Mobile throws status result "You have stopped synchronization".

OWA is working fine over HTTPS.

Any ideas why Activesync will not connect?
0
Comment
Question by:TSCF_EMS
  • 10
  • 6
  • 5
  • +2
25 Comments
 
LVL 5

Expert Comment

by:RightNL
ID: 24297853
oma shouldn't be forced ssl and neither should Microsoft-Server-Activesync
that should solve it.
greetings.
0
 

Author Comment

by:TSCF_EMS
ID: 24297890
I just removed SSL force on OMA and Microsoft-Server-Activesync , restarted IIS and I am still having the same issue.
0
 
LVL 6

Expert Comment

by:ikshf143
ID: 24297983
Hi,

First are we trying OMA or ActiveSync these are 2 different features of Exchange.
IF we are using ActiveSync then try to sync the mobile device without SSL i.e. uncheck the require SSL checkbox on the mobile device while creating an ActiveSync profile under server address. Try to browse Microsoft-Server-Activesync on the server itself like http://localhost/Microsoft-Server-Activesync and see what it returns. The expected result is http 501/505 - Not Implemented. Are we using Exchange 2003 or 2007. If we are using 2003 then is it a Sinlge server scenario or Front-End and Back-end scenario?

Imran
0
 

Author Comment

by:TSCF_EMS
ID: 24298527
Currently the issue I need resolved is Activesync.

In IIS:
Microsoft-Server-Activesync  SSL is disabled

On Win Mobile:
SSL is unchecked.

Result:
"You have stopped synchronization"

When I browse  "http://localhost/Microsoft-Server-Activesync " from Exchange server I get
 HTTP 400 - Bad Request
Internet Explorer

This is a Exchange 03 single server.
0
 
LVL 2

Expert Comment

by:Debug-Exchange
ID: 24298931
hi,
it looks like the "http://localhost/Microsoft-Server-Activesync" is not working properly yu should me getting 501/505 error there
try this http://support.microsoft.com/kb/883380 it will refresh your metabase

and also check KB 817379 Method 2 this should not be implimented on the server (if not using ssl on the server)

note:- if you are using SSI an if you have FBA enabled please follow method 2 of KB 817379  
0
 
LVL 6

Expert Comment

by:ikshf143
ID: 24298939
Try following KB article http://support.microsoft.com/kb/883380 and re-create the Exchange VDirs
0
 
LVL 6

Expert Comment

by:ikshf143
ID: 24298943
Do you get any specific error code in the Mobile Device. That can help us
0
 

Author Comment

by:TSCF_EMS
ID: 24299093
After recreating the "Microsoft-Server_Activesync" virtual directory I get the following in Activesync on the Win Mobile device.

Support code:0x85010014
0
 
LVL 6

Expert Comment

by:ikshf143
ID: 24299445
Perfect now it seems like we are on the right track. Check these 3 things.
1. Disable SSL on Exchange VDir
2. Make Sure Integrated and Basic Authentication is selected for Exchange VDir
3. Disabled Forms Based Authentication and restart IIS

After following the above try to sync and I believe we should be able to. If this works and you would want to Enable SSL for Exchange and Forms Based Authentication then follow the KB article http://support.microsoft.com/kb/817379
0
 
LVL 6

Expert Comment

by:ikshf143
ID: 24299449
Follow the Method 2 of the KB http://support.microsoft.com/kb/817379
0
 

Author Comment

by:TSCF_EMS
ID: 24299976


Have completed method 2 of KB 817379 and I am still not able to connect with Active Sync.

So now:
Microsoft-Server-Activesync = SSL is on
exchange-oma  = SSL off
Forms Auth. = is on

0
 
LVL 6

Expert Comment

by:ikshf143
ID: 24300247
Can u browse Exchange-oma and does that bring Up OWA? Is the authentication on the Exchange-oma directory Basic and Integrated Windows? The authentication on Microsoft-Server-Activesync should be basic. What is the error code on the Mobile Device?
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:TSCF_EMS
ID: 24300283
Q. Can u browse Exchange-oma and does that bring Up OWA?  
A. No,  I get a HTTP 400 - Bad Request
Internet Explorer error.

Q. Is the authentication on the Exchange-oma directory Basic and Integrated Windows?    
A.Yes

Q. The authentication on Microsoft-Server-Activesync should be basic.  
A. Confirmed.

Q. What is the error code on the Mobile Device?  
A. Status screen displays, "You have stopped synchronization" with no support code.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24300426
817379 has some flaws. If you have a bad configuration in place then it brings it across.

What you need to do is remove the require SSL option from the entire site, then reset the virtual directories. Ensure that forms based authentication is DISABLED.
Then complete the steps in 817379 before making any other changes.

Simon.
0
 
LVL 2

Expert Comment

by:Debug-Exchange
ID: 24303066
Hi,
your Exchange-OMA VD is the copy of you exchange virtual directory.
1. please remove SSL and FBA
2. Undo the changes you have made while following KB 817379 Method 2
3. Delete the exchange-oma VD
4. Follow the KB http://support.microsoft.com/kb/883380 to recreate the VD
5. Try and brows the Exchange virtual directory and it should be able to open the mailbox
6. Follow KB 817379 (SSL Should not be enabled while you create the Copy of Exchange virtual directory)

after this try and sync you mobile device hope this will help you

Thanks,
Sam
0
 

Author Comment

by:TSCF_EMS
ID: 24306255
Ok Sam,
 I completed your suggestion. and now I am actually getting a support code on the Win Mobile device.
Support code: 0x85010014

Current config:
FBA is disabled
SSL is disabled

I still get an HTTP 400 error when trying to browse http://localhost/exchange-oma from the local exchange box.
0
 
LVL 2

Expert Comment

by:Debug-Exchange
ID: 24306417
0
 
LVL 2

Expert Comment

by:Debug-Exchange
ID: 24306450
one more this if you have disabled the FBA and SSL you dont need the Exchange-oma vdir

Please delete the Exchange-oma VD and delete the registery key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MasSync\Parameters
(ExchangeVDir)
and try to sync the device withought SSL

Thanks,
Sam
0
 

Author Comment

by:TSCF_EMS
ID: 24306781
I will want to enable SSL and FBA in the final configuration of this. If I delete Exchange-oma VD will I still be able to do this?
0
 
LVL 2

Expert Comment

by:Debug-Exchange
ID: 24306817
yeh sure we will be able to do that later
lets make it work on HTTP (80)
then we can configure it for HTTPS (443)

Thanks,
Sam
0
 

Author Comment

by:TSCF_EMS
ID: 24307016
Sam,
 Same result.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24309424
Assistance off site is against the rules of the site.

Simon.
0
 

Author Comment

by:TSCF_EMS
ID: 24316561
Ok, I didnt know that.
0
 

Accepted Solution

by:
TSCF_EMS earned 0 total points
ID: 24382171
No fix on this yet, it is not on the top of the priority for now so I will close this question.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video discusses moving either the default database or any database to a new volume.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now