• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8025
  • Last Modified:

Exchange 2010 Testing the OPTIONS command failed - Activesync

After about a week of diagnostics, i finally have RPC working on my Exchange 2010 system.  Now I just can't seem to sync to Exchange with my droid using activesync.   Here's from the connectivity test...

User is a domain admin.

 Testing Exchange ActiveSync  
  Exchange ActiveSync test Failed
   Test Steps
   Attempting to resolve the host name mail.tomtcscomputers.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 65.78.53.166  
 
 Testing TCP Port 443 on host mail.tomtcscomputers.com to ensure it is listening and open.
  The port was opened successfully.
 Testing SSL Certificate for validity.
  The certificate passed all validation requirements.
   Test Steps
   Validating certificate name
  Successfully validated the certificate name
   Additional Details
  Found hostname mail.tomtcscomputers.com in Certificate Subject Common name  
 
 Validating certificate trust for Windows Mobile Devices
  The test passed with some warnings encountered. Please expand additional details.
   Additional Details
  Certificate is only trusted on Windows Mobile 6.0 and later. Windows Mobile 5.0 and 5.0 + MSFP devices will not be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US  
 
 Testing certificate date to ensure validity
  Date Validation passed. The certificate is not expired.
   Additional Details
  Certificate is valid: NotBefore = 4/22/2010 1:52:42 AM, NotAfter = 4/6/2013 5:12:43 PM"  
 
 
 
 Testing Http Authentication Methods for URL https://mail.tomtcscomputers.com/Microsoft-Server-Activesync/ 
  Http Authentication Methods are correct
   Additional Details
  Found all expected authentication methods and no disallowed methods. Methods Found: Basic  
 
 Attempting an ActiveSync session with server
  Errors were encountered while testing the ActiveSync session
   Test Steps
   Attempting to send OPTIONS command to server
  Testing the OPTIONS command failed. See Additional Details for more info
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from IIS7
0
tomtcs
Asked:
tomtcs
  • 6
  • 5
  • 4
1 Solution
 
BusbarSolutions ArchitectCommented:
do you use a commercial certificate. if yes then does the test user belongs to domain admin group if yes can you try using a regular user
0
 
tomtcsAuthor Commented:
Has a certificate from Godaddy.  Haven't tried it with a test user since the user that the device is for is a domain admin and the user already has mail in his inbox.  Hopefully there is a work around for this.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
This problem is for sure related with the inheritable permissions in the AD for that user. Go to AD users and computers, check the advanced options, go to the properties of the user, security tab->advanced .. and check the inheritable permissions for that user.. it should solve.. normally it happens on users migrated from exchange 2003 or 2007 and users that are domain admins and dont have inheritable permissions enabled on the user object.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
BusbarSolutions ArchitectCommented:
we have seen issues in this part, so if you can try with a test user and see how it works this will enlighted us where to go
0
 
tomtcsAuthor Commented:
tried it with a user "test" that was just newly created, and still fails at the same point on the testing.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
have you checked the user permissions on the AD?
0
 
tomtcsAuthor Commented:
what should typically be there on a 2008 AD server for the user?
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
on the security tab-> advanced options you should have inheritable permissions checked for the user.
0
 
BusbarSolutions ArchitectCommented:
normally allow enheritance of security permissions on the users but this will be set by default double check it it won't harm
0
 
tomtcsAuthor Commented:
its checked on the user now and still tests fail at the same point.
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
Do you have any user that works? this must be a permissions probkem (of the user object in AD) and therefore you need to compare permissions with a working user.. if you have one..
0
 
tomtcsAuthor Commented:
no users at this time working since this is a brand new server install...
0
 
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
error 401 is one authentication error. are you putting domain\username? and the password is correct right?
0
 
BusbarSolutions ArchitectCommented:
did you try to login from www.testexchangeconnectivity.com and see the results
0
 
tomtcsAuthor Commented:
you are fantastic! I was doing it as test@tomtcscomputers.local for authentication rather then tomtcscomputers\test.  After i changed it, passed all tests!  Fantastic, thanks a million!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 6
  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now