ActiveSync Stopped Working With iPhones

Posted on 2010-08-27
Last Modified: 2012-06-27
This was working fine until Monday, when I had another problem and had to do a repair on the server. Anyway, OWA quit working (440 Login failed problem), but ActiveSync still worked. So, I reset a bunch of settings in IIS, and got OWA working, but now ActiveSync does not work. I've tried the solution presented here:

In fact, I had already implemented it before, but this time it did not fix the problem.

Server 2003 SP2


ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned:

Testing TCP Port 443 on host to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
 The test passed with some warnings encountered. Please expand the additional details.
 Additional Details
 Certificate is only trusted on Windows Mobile 6.0 and later. Windows Mobile 5.0 and 5.0 + MSFP devices will not be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US

The certificate date is being confirmed to ensure the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 Certificate is valid: NotBefore = 4/27/2010 8:29:23 PM, NotAfter = 5/2/2012 11:21:26 PM"

The IIS configuration is being checked for client certificate authentication.
 Client certificate authentication wasn't detected.
 Additional Details
 Accept/Require Client Certificates not configured.

Testing Http Authentication Methods for URL
 The HTTP authentication methods are correct.
 Additional Details
 Found all expected authentication methods and no disallowed methods. Methods Found: Basic

An ActiveSync session is being attempted with the server.
 Errors were encountered while testing the ActiveSync session
 Test Steps
 ExRCA is attempting to send the OPTIONS command to the server.
 OPTIONS response was successfully received and is valid
 Additional Details
 Headers received: Pragma: no-cache
MS-Server-ActiveSync: 6.5.7638.1
MS-ASProtocolVersions: 1.0,2.0,2.1,2.5
MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify
Content-Length: 0
Date: Fri, 27 Aug 2010 17:22:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

ExRCA is attempting the FolderSync command on the Exchange ActiveSync session.
 The test of the FolderSync command failed.
 Additional Details
 An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: <body><h2>HTTP/1.1 403 Forbidden</h2></body>

Question by:laurin1
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Author Comment

ID: 33544767
I'm about to reset all the directories, per this:
LVL 76

Accepted Solution

Alan Hardisty earned 500 total points
ID: 33544820
That is the recommended KB for a 403 error with Exchange 2003 / Activesync.

Run through my article - which I imagine you have found based on the previous question and if you get stuck or run out of article fixes, please let me know.

Author Comment

ID: 33544849
I had done that, except for the resetting of the directories....and it worked! I need forms-based authenication, and right now, it's turned off. So, before I turn it on, do I need to do the ExchangeVDir thing?
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33544877
If you need FBA enabled, follow KB 817379 and create the exchange-oma virtual directory, set Exchange to require SSL and you should be okay.
LVL 76

Expert Comment

by:Alan Hardisty
ID: 33544995
I will go through your question later on this evening and obscure your domain name / IP address to protect your identity.

Glad you are sorted.

Thanks for the points.


Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question