Solved

exchange 2003 cant sync phones after emergency restore

Posted on 2010-08-28
16
470 Views
Last Modified: 2012-08-13
We had a drive go out in our exchange 2003 server and had to restore it from a backup.  We used backup exec to restore it to a new machine.  Everything seems to work exctly as it did before with one exception.  The phones do not receive push updates from exchange unless there computers are on and outlook is open.  

What I did to verify this:
1) had a user turn off her machine.  
2) had another user send her a couple test messages.
3) waited 30 minutes to verify that the mail was not coming to the phone
4) jumped in my car and drove about two miles down the road to make sure that I was not connected to anything like bluetooth that would other wise sync the phone.
5) verified that the phone was connected to the carriers network (AT&T 3G network) by browsing.
6) called back to the office while I was still two miles down the road and had the owner of the phone startup the machine, but not turn on outlook.  I waited 10 minutes to verify that no messages were coming through
7)had the user startup outlook.  With in 30 seconds of the user starting up outlook the messages started appearing on the phone.
8) drove back to the office scratching my head.

I have verified this with both smartphones (windows mobile 6.1) and iphones.  The blackberries that simply use pop3 seem to work just fine.  These users need there calendar, tasks, etc so I cant just set them up on pop3.  Right now, as a work around, I just have them leaving there computers on and locking there desktops when they leave, but this is not a viable long term solution.

products used:
exchange 2003 on SBS 2003 server
outlook 2003 and 2007
Iphones
windows mobile 6.1

Thank you for your help
0
Comment
Question by:koffea
  • 8
  • 5
  • 3
16 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
Comment Utility
An extract from my Exchange 2003 / Activesync article should resolve this issue for you.  Please add the following registry key and see if all is well:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798.html
If you are getting inconsistent Synchronisation from your :
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\VirusScan
ProactiveScanning      REG_DWORD      1
 
0
 
LVL 24

Expert Comment

by:bryon44035v3
Comment Utility
wow that's a really interesting situation you're in there.

have you reattached the phones to the activesync server, or do you have the same settings as pre-crash?

are you sure the phones are set to activesync and not some 3rd party desktop redirector software?

with outlook closed on related machines, what do you get from www.testexchangeconnectivity.com when testing for activesync?

is the server the same name, how about your SSL certificate if any?

0
 

Author Comment

by:koffea
Comment Utility
this is what I changed

Exchange Virtual Directory
• Authentication = Integrated & Basic || was Basic only
• Default Domain = junk || was \
• Realm = junk.local || was just blank

Microsoft-Server-Activesync Virtual Directory
• Realm = junk || was blank

OMA Virtual Directory
• Realm = junk || was just blank

Exchange-oma Virtual Directory
• Default Domain = junk || was \
• Realm = junk || was just blank

tested this and seems to be fine. Ill have to wait till monday to see if this fixed it.
0
 

Author Comment

by:koffea
Comment Utility
have you reattached the phones to the activesync server, or do you have the same settings as pre-crash?
we have identical settings

are you sure the phones are set to activesync and not some 3rd party desktop redirector software?
this is why i took the phone out of the office.  i wanted to make sure they were not syncing with third party tools.  the phones are set to active sync

with outlook closed on related machines, what do you get from www.testexchangeconnectivity.com when testing for activesync?
tests fine except for certificate.  they have never had a valid cert from a third party

is the server the same name, how about your SSL certificate if any?
they have never had a valid cert from a third



0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
The Default Domain / Realm are not generally mission critical, but I have seen instances where they were not present and Activesync did not work, but adding them made it work again!
0
 

Author Comment

by:koffea
Comment Utility
as far as I can tell this did not work, but I am taking there word for it.  I have not gone there and visually checked myself.

another newly found piece.  The outlook 2003 clients appear to be defaulting to offline, and randomly switching to offline.
0
 
LVL 24

Expert Comment

by:bryon44035v3
Comment Utility
I've seen the offline happen if the msex system attendant servis is stopped
0
 

Author Comment

by:koffea
Comment Utility
the msex system attendant appears to be doing fine
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Can you re-install Exchange 2003 Service Pack 2 again please.
0
 

Author Comment

by:koffea
Comment Utility
ill see if i can install sp2 again tonight.  

just want to verify one thing.  You do not need an ssl cert besides the default one on exchange 2003 in order to sync phones?
I am asking because i thought you did on exch 2007 and 2010
0
 

Author Comment

by:koffea
Comment Utility
one other update:

someone here called at&t told them that this version of exchange is no longer supporteed by there at&t.  they want to charge about 20/person to enable phone syncing.  sounds like a scam, but i thought i would ask.
0
 
LVL 24

Expert Comment

by:bryon44035v3
Comment Utility
that is for certain a scam, it has been proven time and time again that you DONT need anything special from at+t for activesync.

however, the newest update for iphone (version 4?) does have issues with exchange...  same with the latest android froyo update (2.2)

for the droids, i've made them work by changing the iis ssl cert binding to IGNORE client certificates rather than the default "accept"

some mobile devices simply will NOT accept self-signed certs as they're technically invalid

sometimes you can get around this by installing the self-signed cert to the phone itself (i don't know how to do this tho), other times the phone will let you checkmark "accept all certificates"

this is similar to internet explorer 7+8 how it always shows a red address bar for self-signed certs, and you have to click "connect anyway (not recommended)"

same with firefox - you have to add an exception


(unless you add the self signed cert to your enterprise trust store)
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
With Self-Signed Certificates, the name on the certificate has to be a Fully Qualified Domain Name (e.g., mail.yourdomain.com) and the name must resolve in DNS to the IP Address of your server.
3rd Party SSL certificates can be easier to implement / use and are cheap to buy for Exchange 2003 as only a single name SSL cert is required.
On some mobile phones, if the cert is self-issued, it will have to be installed onto the phone for it to work happily (due to the lack of trust), so this is another reason why 3rd Party SSL certificates can make life easier and save you money in the long run, depending on how many devices you have to install the certificate to.
0
 

Author Comment

by:koffea
Comment Utility
ok - its all working.

went back through this to make sure i was covering everything:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798.html

turns out
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\VirusScan
ProactiveScanning      REG_DWORD      1

recomended by alanhardisty in the first post was getting reset back to 0 by AVG.  So even though i would manually set it, the program would set it back.  I went in avg and selected proactive and background.  Then went back into the registry and told it to reset the av.  Then everyone got there emails.

still have one odd issue but i dont think it is related.  One user on a mobile 6.1 device can only receive phone calls when her computer is on and outlook is loaded.  I have not verified this yet for myself.  Will be seeing her tomorrow hopefully.
0
 

Author Closing Comment

by:koffea
Comment Utility
explained all but about 5% of the issue.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
>>One user on a mobile 6.1 device can only receive phone calls when her computer is on and outlook is loaded<<
Very weird, I have never seen this sort of problem before.  I would suggest resetting the device (removing Activesync profile), then re-adding it. If that fails, Hard Reset the device and set it up again.
Glad that the other issue is resolved and sorry that AVG messed with the setting.  Pesky software : )
Thanks for the points.
Alan
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Resolve DNS query failed errors for Exchange
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now