exchange 2010 activesync not proxying to 2003. "TiSyncStateLocked_Mbx:"

will001
will001 used Ask the Experts™
on
I can connect to my 2010 mailboxes with activesync, but, when i try to connect to 2003 accounts through the 2010 server, i get an error on my device saying "unable to find server" and then this shows up in the http logs "LdapC1_LdapL16_Error:TiSyncStateLocked_Mbx:2003server".
how does exchange 2010 proxy the connection? does it use rpc over http on the backend?
would it be sensitive to the 2003 servers ssl certificate, or will it just communicate as a hostname?

any help would be appriciated...
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Shreedhar EtteTechnical Manager
Top Expert 2010

Commented:

Author

Commented:
Hi already seen that, have carried out the suggestions with no positive outcome...

Author

Commented:
On the 2003 server, there is no logs showing attempted access to the server. I am thinking that there is something wrong with the ssl certificate of the 2003 server? can anyone explain how 2010 proxies 2003 activesync?
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Author

Commented:
I have sniffed the traffic between the two servers and the 2010 server is trying to access this URL it seems. The 2003 server sends this http 302 object moved error code, with the url:
https://2003server.intdomain.internal/exchange/ex.test1@extdomain.com/NON_IPM_SUBTREE

I know that the certificate on the 2003 server is for the external.com url and not the intdomain.internal url, is this what is causing the problems? Is there a way to bypass the certificate, or circumvent it, so that i dont need a ucc san?

Author

Commented:
i installed a UCC certificate with all the internal and external FQDNs on both servers, but still no joy. has anyone got any ideas?
Commented:
I fixed this issue by doing the following:
disabled ssl + redirect on the 2003 server.
then received an error about ntlm not being enabled.
enabled integrated auth on the exchange and activesync folder.

Looking at the logs helped a great deal here. i cannot emphasise how much you should pay attention to the logs, and disable ssl, redirects, and doublecheck your authentication methods on all directories.

Author

Commented:
the solution above worked.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial