Mobile Phone 0x85010014 after running Internet Connection Wizard SBS 2003

Mobile Phone 0x85010014 after running Internet Connection Wizard SBS 2003

For years I never had a problem syncing my Exchange information with the SBS 2003 server with my Verizon mobile phone until I ran the Internet Connection Wizard to fix a problem that the best practices tool said I should fix.  I can still access Outlook from a webpage.  It's just the Active Sync error 0x85010014 on my phone that is keeping it from Syncing.  Any ideas?
ascndAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rob WilliamsCommented:
What did you change when running the CEICW? Perhaps the certificate?
Rob WilliamsCommented:
If the sertificate changed or any other setting you will need to create a new connection to the Phone

Several suggestions in the following link related to that error, from making sure Outlook is open when you first sync to a test tool at the bottom of the link
http://social.technet.microsoft.com/Forums/en/exchangesvrmobility/thread/f5e9c302-5952-424a-840e-5768ccbb5aaa
Direct access to test tool:
https://store.accessmylan.com/main/diagnostic-tools?pos=nav
or another:
https://www.testexchangeconnectivity.com/Default.aspx
Alan HardistyCo-OwnerCommented:
Please have a read of my FAQ for Activesync with Exchange 2003 problems.  Re-running the wizard may have set your IIS permissions up incorrectly for Activesync and they may need adjusting.
Alternatively, if you created a new SSL certificate, you will need to import the certificate to the phone if you are using the self-signed SSL certificate that SBS uses by default.
http://www.it-eye.co.uk/faqs/readQuestion.php?qid=1 
Amazon Web Services

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

ascndAuthor Commented:
I ran the ActiveSync test from www.testexchangeconnectivity.com and the result is below.  Why would Port 443 be blocked?  It's open on the firewall and properly fowared.  It must have been that darn Internet Connection Wizard.  I had all the boxes checked in the wizard for all the "services".  What do I need to change?

       Testing Exchange ActiveSync
       Exchange ActiveSync test Failed
              Test Steps
              Attempting AutoDiscover and Exchange ActiveSync Test (if requested)
       Failed to test AutoDiscover for Exchange ActiveSync
              Test Steps
              Attempting each method of contacting the AutoDiscover Service
       Failed to contact the AutoDiscover service successfully by any method
              Test Steps
              Attempting to test potential AutoDiscover URL https://xxxxxxx.com/AutoDiscover/AutoDiscover.xml
       Failed testing this potential AutoDiscover URL
              Test Steps
              Attempting to resolve the host name xxxxxxx.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: 99.99.99.99

       Testing TCP Port 443 on host xxxxxxx.com to ensure it is listening and open.
       The specified port is either blocked, not listening, or not producing the expected response.
         Tell me more about this issue and how to resolve it

              Additional Details
       A network error occurred while communicating with remote host
Exception Details:
Message: No connection could be made because the target machine actively refused it 99.99.99.99:443
Type: System.Net.Sockets.SocketException
Stack Trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()



       Attempting to test potential AutoDiscover URL https://autodiscover.xxxxxxx.com/AutoDiscover/AutoDiscover.xml
       Failed testing this potential AutoDiscover URL
              Test Steps
              Attempting to resolve the host name autodiscover.xxxxxxx.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: 99.99.99.99

       Testing TCP Port 443 on host autodiscover.xxxxxxx.com to ensure it is listening and open.
       The specified port is either blocked, not listening, or not producing the expected response.
         Tell me more about this issue and how to resolve it

              Additional Details
       A network error occurred while communicating with remote host
Exception Details:
Message: No connection could be made because the target machine actively refused it 99.99.99.99:443
Type: System.Net.Sockets.SocketException
Stack Trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()



       Attempting to contact the AutoDiscover service using the HTTP redirect method.
       Failed to contact AutoDiscover using the HTTP Redirect method
              Test Steps
              Attempting to resolve the host name autodiscover.xxxxxxx.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: 99.99.99.99

       Testing TCP Port 80 on host autodiscover.xxxxxxx.com to ensure it is listening and open.
       The specified port is either blocked, not listening, or not producing the expected response.
         Tell me more about this issue and how to resolve it

              Additional Details
       A network error occurred while communicating with remote host
Exception Details:
Message: No connection could be made because the target machine actively refused it 99.99.99.99:80
Type: System.Net.Sockets.SocketException
Stack Trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()



       Attempting to contact the AutoDiscover service using the DNS SRV redirect method.
       Failed to contact AutoDiscover using the DNS SRV redirect method.
              Test Steps
              Attempting to locate SRV record _autodiscover._tcp.xxxxxxx.com in DNS.
       Failed to find AutoDiscover SRV record in DNS.
         Tell me more about this issue and how to resolve it
Rob WilliamsCommented:
You have the right domain name and it resolves to the right IP? i.e. is 99.99.99.99  (I understand you changed this) correct? It could be checking port 443 on the wrong site.

I would also verify that is correct by going to the following site and testing for port 443 from the SBS
http://www.canyouseeme.org

If it is closed, on your router make sure "UPnP" is disabled, assuming present (usually in the firewall section), manually set forward or verify port 443 is forwarded, and re-run the CEICW again making sure the following are checked:
-Outlook Web Access
-Outlook Mobile Access
-Outlook via the Internet (shouldn't be necessary but won't hurt)

Keep in mind software firewalls like McAfee, TrendMicro, etc. can block the port too.
ascndAuthor Commented:
I tried the website and 443 is open (see below) it has to be something the CEICW changed.  I have run and rerun the CEICW four times with no joy.  I have even changed the cert and reinstalled it on my mobile and still no joy.  I can use Outlook Web Access from any terminal and check my email just fine.  It's just that bloody phone.  This is driving me nuts.  Thanks for sticking with me this far.

Success: I can see your service on 99.99.99.99 on port (443)
Your ISP is not blocking port 443
Rob WilliamsCommented:
If you access OWA or better still RWW from off site do you get a certificate error?
ascndAuthor Commented:
It's a Self-Signed Cert which is what I always used so when ever I access my OWA I always get prompted with the "There is a problem with this website's security certificate." message and I just click through via the "Continue to this website (not recommended). " link.
Rob WilliamsCommented:
OWA does work from offsite though does it? That will confirm it is not a port 443 issue.

You did remove the old self signed cert from the phone, and install the new?

Other than that the only things I can think of is Exchange SP2 is not installed, but you say it was working before so that is not the case. and then possibly look at the suggestions in the link I posted earlier.
ascndAuthor Commented:
Yes, OWA does work offsite.  Yes, I installed the new cert on the phone, but I didn't do anything with the old one.

I checked and Exchange SP2 is installed.  I'll go through your posts again, but if you come up with any other ideas then please let me know.  Thanks for your all your help so far.
Rob WilliamsCommented:
You should remove the old cert as there may be a conflict  with old and new cert and same FQDN.

No other ideas right now but I will "stay tuned in".
ascndAuthor Commented:
Admin - don't close yet, still working on this.
Alan HardistyCo-OwnerCommented:
If you open up IIS and expand your default website, are the properties for the default website set to use port 80 and 443 and IP as All Unassigned?
ascndAuthor Commented:
Yes, the default website is set to use port 80 and 443 and the IP is All Unassigned.
Alan HardistyCo-OwnerCommented:
Can you please run the Exchange Activesync test at https://testexchangeconnectivity.com.
DO NOT select the autodiscover test and please enter your details in manually then run the test and post the results.
ascndAuthor Commented:
Here is the result:

 Testing Exchange ActiveSync  
  Exchange ActiveSync test Failed
   Test Steps
   Attempting to resolve the host name neohdc01.xxxxxxx.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 99.99.99.99  
 
 Testing TCP Port 443 on host neohdc01.xxxxxxx.com to ensure it is listening and open.
  The port was opened successfully.
 Testing SSL Certificate for validity.
  The SSL Certificate failed one or more certificate validation checks.
   Test Steps
   Validating certificate name
  Successfully validated the certificate name
   Additional Details
  Found hostname neohdc01.xxxxxxx.com in Certificate Subject Common name  
 
 Validating certificate trust for Windows Mobile Devices
  Certificate trust validation failed
   Tell me more about this issue and how to resolve it
   Additional Details
  The certificate chain did not end in a trusted root. Root = CN=neohdc01.xxxxxxx.com, CN=companyweb, CN=neohdc01, CN=localhost, CN=neohdc01.xxxxxxx.local  
Alan HardistyCo-OwnerCommented:
As you have a self-certified certificate, can you please select the Ignore Trust for SSL and re-run the test and re-post the results.
ascndAuthor Commented:
Sorry the above was because I didn't have the "Trust Cert" thing checked.  Here is the real test:

 Testing Exchange ActiveSync  
  Exchange ActiveSync test Failed
   Test Steps
   Attempting to resolve the host name neohdc01.xxxxxxx.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 99.99.99.99  
 
 Testing TCP Port 443 on host neohdc01.xxxxxxx.com to ensure it is listening and open.
  The port was opened successfully.
 Testing SSL Certificate for validity.
  The certificate passed all validation requirements.
   Test Steps
   Validating certificate name
  Successfully validated the certificate name
   Additional Details
  Found hostname neohdc01.xxxxxxx.com in Certificate Subject Common name  
 
 Testing certificate date to ensure validity
  Date Validation passed. The certificate is not expired.
   Additional Details
  Certificate is valid: NotBefore = 12/9/2009 4:15:43 AM, NotAfter = 12/9/2014 4:15:43 AM"  
 
 
 
 Testing Http Authentication Methods for URL https://neohdc01.xxxxxxx.com/Microsoft-Server-Activesync/ 
  Http Authentication Methods are correct
   Additional Details
  Found all expected authentication methods and no disallowed methods. Methods Found: Basic  
 
 Attempting an ActiveSync session with server
  Errors were encountered while testing the ActiveSync session
   Test Steps
   Attempting to send OPTIONS command to server
  OPTIONS response was successfully received and is valid
   Additional Details
  Headers received: MicrosoftOfficeWebServer: 5.0_Pub
Pragma: no-cache
Public: OPTIONS, POST
Allow: OPTIONS, POST
MS-Server-ActiveSync: 6.5.7638.1
MS-ASProtocolVersions: 1.0,2.0,2.1,2.5
MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify,Ping
Content-Length: 0
Date: Fri, 18 Dec 2009 21:33:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

 
 
 Attempting FolderSync command on ActiveSync session
  FolderSync command test failed
   Tell me more about this issue and how to resolve it
   Additional Details
  Exchange ActiveSync returned an HTTP 500 response.  
Alan HardistyCo-OwnerCommented:
Okay - time to read my FAQ on Activesync & Exchange 2003.
http://www.it-eye.co.uk/faqs/readQuestion.php?qid=1
Please start with Method 2 of KB883380 - http://support.microsoft.com/kb/883380 and if no joy, please follow the rest of the article.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ascndAuthor Commented:
A million thank you's!!!!  What finally worked was the last part of your article which I have pasted below.  You are a savior!  Thank you so much!!!



" If okay - right-click on the Exchange Virtual Directory and select all Tasks> Save Configuration to a file. Name the file Exchange and save to the desktop
" Run Regedit (and be extremely careful here as you can kill your server very easily) then right-click on My Computer and select Export. Name the file as 'EntireRegistry' and save the backup of the registry to the desktop
" In regedit - locate HKLM \ System \ CurrentControlSet \ Services \ MasSync \ Parameters and delete the ExchangeVDir key from the right-hand pane.
" Close Regedit
" Right-click on the default-website and select New> Virtual Directory fom File. Browse to the desktop and click on the Exchange.xml that you created above, then click on Read file, select Exchange from the 'Select a configuration to import' section and click on OK. Select 'Create a new virtual Directory' and name the directory 'exchange-oma' and click OK.
" Right-click on Exchange-OMA virtual directory you just created and click Browse - you should see OWA open up happily
" Open Regedit and add the ExchangeVDir key back that you recently deleted as a String Value and then change the value to read /exchange-oma
" Close regedit
" Enable SSL and require 128-Bit Encryption on the Exchange Virtual Directory
" Enable Forms Based Authentication (if you want to use it) on Exchange> Protocols> HTTP
" Make sure that Integrated Authentication is enabled on the Exchange Virtual Directory
" Check that the Exchweb virtual directory does not have SSL enabled
" Run iisreset
" Test Activesync - should hopefully be working now
ascndAuthor Commented:
Awsome!  Just Awesome!!
Alan HardistyCo-OwnerCommented:
Ah, that part!

Yes, that has been a very useful recent addition to my FAQ .  Glad you are sorted and thanks for points.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.