iPhone connectivity lost after running SBS 2003 Fix my network wizard

If you are not using a DDNS service (most do not for mail servers), and the Server's public IP changed you will need to change your MX record with your domain registrar.

You can test the SBS/Exchange connectivity with:
https://www.testexchangeconnectivity.com/

I'm using AT&T's name servers and my DNS is spot on, it's an Active Sync problem.

What RobWill is trying to say is that if the external public IP address changed and for example your domain used to resolved to say 1.1.1.1 and now the public address is 2.2.2.2 then your DNS settings on the outside on in active directly need to reflect that change. If from the outside you can access http://yourhost.yourdomain.com/exchange without any issues then DNS is not the issue. Internally can you go to your sync virtual directory by http://exchangeservername/OMA?

You may also want run the wizard again and make sure you have Outlook Mobile checked in the wizard.

Let me be more specific.  AT&T gave me a subnet mask of 255.255.255.252 and it was actually a .224.  Everytime I added one of my public IPs past .196 to the 1:1 NAT internet routing stopped.  I assumed I had an issue with my SBS 2003 server, so I ran the Fix My Network wizard.  I then realized I had the wrong subnet mask and fixed my DNS issues.  Now mail is routing, websites are up at the new public IPs, but my iPhones simply won't connect to Active Sync.  I used the tools at http://www.testexchangeconnectivity.com/ and received an error at:

ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name mail.backhauldirect.com in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 12.200.238.195

Testing TCP Port 443 on host mail.backhauldirect.com to ensure it is listening and open.
 The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 The certificate name is being validated.
 Successfully validated the certificate name
 Additional Details
 Found hostname mail.backhauldirect.com is a Wildcard Certificate match for Common name: *.backhauldirect.com

Validating certificate trust for Windows Mobile Devices
 The test passed with some warnings encountered. Please expand the additional details.
 Additional Details
 Certificate is only trusted on Windows Mobile 5.0 AKU2 (MSFP) and later. Windows Mobile 5.0 devices will not be able to sync. Root = E=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network

The certificate date is being confirmed to ensure the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 Certificate is valid: NotBefore = 8/17/2009 1:39:23 AM, NotAfter = 8/16/2011 6:01:24 PM"



The IIS configuration is being checked for client certificate authentication.
 Client certificate authentication wasn't detected.
 Additional Details
 Accept/Require Client Certificates not configured.

Testing Http Authentication Methods for URL https://mail.backhauldirect.com/Microsoft-Server-Activesync/
 The HTTP authentication methods are correct.
 Additional Details
 Found all expected authentication methods and no disallowed methods. Methods Found: Basic

An ActiveSync session is being attempted with the server.
 Errors were encountered while testing the ActiveSync session
 Test Steps
 ExRCA is attempting to send the OPTIONS command to the server.
 OPTIONS response was successfully received and is valid
 Additional Details
 Headers received: MicrosoftOfficeWebServer: 5.0_Pub
Pragma: no-cache
Public: OPTIONS, POST
Allow: OPTIONS, POST
MS-Server-ActiveSync: 6.5.7638.1
MS-ASProtocolVersions: 1.0,2.0,2.1,2.5
MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify,Ping
Content-Length: 0
Date: Sun, 19 Sep 2010 14:43:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET



ExRCA is attempting the FolderSync command on the Exchange ActiveSync session.
 The test of the FolderSync command failed.
  Tell me more about this issue and how to resolve it
 Additional Details
 Exchange ActiveSync returned an HTTP 500 response.

Sorry I have not run ito that before. I would run the SBS BPA as a start to see ir it points out any configuration issues
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=86A1AA32-9814-484E-BD43-3E42AEC7F731&displaylang=en

And you may want to see Alan's troubleshooting guide for similar issues:
https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html

ps- have you tried rebooting the iPhones? Recently ran into an issue with updated certs that required the iPhone simply to reboot. I appreciate the issue is different but they do not seem to auto-refresh to any changes.

reply to SOSINC3: I can resolve mail.backhauldirect.com/exchange and get into it no problems, internally when I browse to bhdsrv01/oma I get the following error message:

  A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.

I tried the reboot of the iPhones and still no joy.  Just for everyone's verification, the iPhones were previously working on Exchange before I ran the "Fix My Network" wizard.

If you can't get OMA site to come up locally, your iPhones will not work either. Look in the event log to see what errors it is recording when you are trying to access the OMA site. I would run the SBS internet connection wizard again. Make sure all the IP address/subnet/gateway/DNS are correct during the wizard process. Uncheck the Oulook Mobile Access. When it is done, run it again and this time check mark the box for Outlook Mobile Access. Then if possible, reboot the box and see if you still have issues.

The error in the logs for OMA is:

Event Type:      Error
Event Source:      MSExchangeOMA
Event Category:      (1000)
Event ID:      1503
Date:            9/19/2010
Time:            11:02:10 AM
User:            N/A
Computer:      BHDSRV01
Description:
An unknown error occurred while processing the current request:
Message: The remote server returned an error: (403) Forbidden.
Source: Microsoft.Exchange.OMA.ExchangeDataProvider
Stack trace:
   at Microsoft.Exchange.OMA.ExchangeDataProvider.OmaWebRequest.GetRequestStream()
   at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices.GetSpecialFolders()
   at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices..ctor(UserInfo user)

Message: Exception has been thrown by the target of an invocation.
Source: mscorlib
Stack trace:
   at System.Reflection.RuntimeConstructorInfo.InternalInvoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean isBinderDefault)
   at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)

Message: Exception of type Microsoft.Exchange.OMA.DataProviderInterface.ProviderException was thrown.
EventMessage:
UserMessage: A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.
Source: Microsoft.Exchange.OMA.UserInterface
Stack trace:
   at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)
   at System.Web.SessionState.SessionStateModule.RaiseOnStart(EventArgs e)
   at System.Web.SessionState.SessionStateModule.CompleteAcquireState()
   at System.Web.SessionState.SessionStateModule.BeginAcquireState(Object source, EventArgs e, AsyncCallback cb, Object extraData)
   at System.Web.AsyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

SOSINC3: thanks for the help, I think we're on the right track.  I'm following your instructions and I'll report back if that's not it.  If it is I'll close the question with points to you.

I'm still getting the same OMA error message.  More info...I have the NIC in this server multi-homed with 5 LAN IPs.  The main LAN IP is 10.0.3.4 but the 1:1 NAT points remote access to 10.0.3.2.

May I ask why you have it that way? I don't think it matters since at least the two you have listed are part of the same network.

the multi-home situation was an inherited mess.  I just took this opportunity to move some websites I was hosting on this server to a hosted solution elsewhere.  The server now has 1 single LAN IP address, I ran the "Repair Internet and E-mail Settings" wizard, unchecked OMA, completed the wizard, ran the "Repair Internet and E-Mail Settings" wizard again, checked OMA, completed the wizard, rebooted the server.  Now my public website works, mail.backhauldirect.com works, mail.backhauldirect.com/exchange works but mail.backhauldirect.com/oma still gives the same error.  We've ruled out the multi-home situation so now we should be able to tackle the OMA problem.  Any more ideas?

sounds like there has been some customization. By default with SBS 2008
-Https://mail.backhauldirect.com/exchange isn now mail.backhauldirect.com/owa (2003 was exchange)
-mail.backhauldirect.com/remote is now mail.backhauldirect.com
-and I am not familiar with mail.backhauldirect.com/OMA

Where much of your configuration has changed I would run the initial configuration wizards. They will repair any initial configuartions:
connect to the internet wizard
set up my internet address wizard

I would still recomend running the BPA. It is very informative on 2008. If already installed, make sure you click check for updates.

I still seem to be having some issues.  It looked like it was working, but only when the iPhones are connected via WiFi which I believe uses the Outlook Anywhere HTTP protocol and not ActiveSync.  I'm still getting ActiveSync errors like the following:

Event Type:      Error
Event Source:      Server ActiveSync
Event Category:      None
Event ID:      3005
Date:            9/19/2010
Time:            4:31:40 PM
User:            BACKHAULDIRECT\adodd
Computer:      BHDSRV01
Description:
Unexpected Exchange mailbox Server error: Server: [bhdsrv01.backhauldirect.com] User: [adodd@bdmanagedservices.com] HTTP status code: [400]. Verify that the Exchange mailbox Server is working correctly.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Have you run the BPA as of yet?

yes, what am I looking for?

If you just run it it is very good at pointing out configuration issues such as IIS, certifcates, Network, Exchange and much more. With 2008 it is very intuitive. It will produce a list of issues.

I only got 4 issues on my scan, none of them seem to pertain to this issue.  

1. NIC driver more than a year old
2. Free Disk Space is Low
3. Registry Key Exists - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft Small Business
4. Version of samsrv.dll is not current - SBS2008 migration

When I attempt to browse to https://servername/oma I get two messages in the logs

Event Type:      Information
Event Source:      MSExchangeOMA
Event Category:      (1000)
Event ID:      1001
Date:            9/19/2010
Time:            5:13:29 PM
User:            N/A
Computer:      BHDSRV01
Description:
Outlook(R) Mobile Access Browse Application started successfully.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Then I get this message

Event Type:      Error
Event Source:      MSExchangeOMA
Event Category:      (1000)
Event ID:      1503
Date:            9/19/2010
Time:            5:13:30 PM
User:            N/A
Computer:      BHDSRV01
Description:
An unknown error occurred while processing the current request:
Message: The remote server returned an error: (400) Bad Request.
Source: Microsoft.Exchange.OMA.ExchangeDataProvider
Stack trace:
   at Microsoft.Exchange.OMA.ExchangeDataProvider.OmaWebRequest.GetRequestStream()
   at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices.GetSpecialFolders()
   at Microsoft.Exchange.OMA.ExchangeDataProvider.ExchangeServices..ctor(UserInfo user)

Message: Exception has been thrown by the target of an invocation.
Source: mscorlib
Stack trace:
   at System.Reflection.RuntimeConstructorInfo.InternalInvoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean isBinderDefault)
   at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)

Message: Exception of type Microsoft.Exchange.OMA.DataProviderInterface.ProviderException was thrown.
EventMessage:
UserMessage: A System error has occurred while processing your request. Please try again. If the problem persists, contact your administrator.
Source: Microsoft.Exchange.OMA.UserInterface
Stack trace:
   at Microsoft.Exchange.OMA.UserInterface.Global.Session_Start(Object sender, EventArgs e)
   at System.Web.SessionState.SessionStateModule.RaiseOnStart(EventArgs e)
   at System.Web.SessionState.SessionStateModule.CompleteAcquireState()
   at System.Web.SessionState.SessionStateModule.BeginAcquireState(Object source, EventArgs e, AsyncCallback cb, Object extraData)
   at System.Web.AsyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Sorry I was out of town and left after your last post to return home.

I am stumped. If it were me I would run the "connect to the internet wizard" and the "set up my internet address wizard". These should reset all defaults for the service.

Have you seen the following similar problem and solution:
https://www.experts-exchange.com/questions/22937751/Exchange-2003-OMA-400-Bad-Request.html

So, which answer are you accepting? It seems like what I told you to do in the beginning is what you ended up doing.

I was trying to split the points between you and RobWill

Ok do what ever you think is right.

Not questioning the point allocation at all. Points don't buy much :-)
However for those that follow: it seems to me sosinc3 that after your first suggestion the reply was ; "I'm still getting the same OMA error message." Seems removing the multi-homed was the more correct solution then the wizards were able to resolve/repair. You did however comment on the multi-homed; "May I ask why you have it that way? I don't think it matters since at least the two you have listed are part of the same network".

Glad to hear you have it working BDManagedServices.
Cheers!
--Rob

There is no issue with having multiple IP addresses on the same network card or for that matter having multiple cards. It just all has to be configured properly. Since he had not explained why he had multi-home, I had asked for further explanation. It was reading as if things were all fine and that this multi-home situation existed before the public IP address change and the multi home (multi IP) were all internal (non-public) addresses and hence nothing should have been really needed to be done on the server in the first place. I do these IP address changes curently at least three times a week as Comcast and AT&T are both pushing hard in our area with some very aggressive pricing. All I ever usually do is change the settings in the client's firewall (various ones) and then change DNS forwarders if one is being used and of course make any necessary changes on the outside DNS host (MX, etc). Anyway, I am glad things are working.

>>"There is no issue with having multiple IP addresses on the same network card or for that matter having multiple cards. It just all has to be configured properly."
I disagree. That's true of server std, but not SBS. SBS 2003 is designed to function in two very specific configurations, 1 NIC or two, the later being a gateway. SBS 2008 will only function with a single NIC.