Activesync issues

Posted on 2011-02-12
Medium Priority
Last Modified: 2012-08-13
I am stuck trying to get Activesync working on my SBS2003 server with Exchange 2003.  Client is getting an Iphone, so...I have been following alanhardisty post on Activesync Connection Problems.  Got through all steps, made changes as needed to virtual directories, ran the test and get an HTTP500 error.  Followed kb883380 to delete and recreate directories.  Upon completion of kb883380, I reran the test and now got an HTTP403 error and my OWA was no longer working (not authorized message).

I redid beginning steps in alanhardisty post to again update virtual directory settings.  Reran test - back to the HTTP 500 error and my OWA still getting Not Authorized.   I tried disabling Forms based authentication and turning off SSL on Exchange virtual directory - same failure.  I do not have EventID 9667 in the logs.  I checked the ExchWeb virtual directory settings.  Even ran Isinteg - found and fixed one error on mailbox store, and a couple on public.  Still same results.

So, basically tried everything in the document.  TestExchangeConnectivity results are attached.

The only error I ever see in the logs is eventID 3031 'The mailbox server does not allow "negotiate" authentication to its [/exchange-oma] virtual directory.  I checked the kbs referenced in the eventID text - all ok.

Any other ideas or am I now down to calling Microsoft?

Thanks! TestExchangeConnectivity-results.pdf
Question by:lbit
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34880030
Have you recreated the exchange-oma virtual directory following kb817379?

If you have, re-run the Connect to the Internet Wizard from Server Manager> To Do List.

Re-run check the iOS settings after running the wizard then re-run the test.

If you exhaust the HTTP 500 error section then it's a call to Microsoft I am afraid.


Author Comment

ID: 34880217
Yes, I had done that.  After rebuilding the virtual directories and getting the 403 error, I did kb817379 and the other steps in your article.  Still same error and OWA broken.  So that's when I updated the other IIS settings per the first steps in your article (they were changed after the rebuild) and got the 500 again.

I did not re-run the connect wizard - might as well try that as a last effort before calling Microsoft!

I will post back - thanks for trying!
LVL 76

Accepted Solution

Alan Hardisty earned 2000 total points
ID: 34880675
No problems.  The 500 errors can be a real pain to resolve and I am itching to be able to call MS with another 500 error so that I can continue to update my article and add more troubleshooting steps to it, so that it can hopefully resolve 100% of issues!

Hope the wizard works for you - if not - please keep me posted if you call MS as to what you had to do.


Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why


Author Closing Comment

ID: 34907366
Well, I did have to call Microsoft and good news - they found the problem.  I use Symantec for anti-virus and the SAV Reporting website was set up on port 80.  As soon as I stopped that website, the Microsoft support agent was able to sync using the test account I set up for him, and the Testexchangeconnectivity results were all green!

I never even thought to look at the other websites.  You may want to add that piece of info in your doc!

And thank you for your excellent document!  WIthout it, I would not have gotten it set up.  I am awarding points here for your quick response and help, as well as for the invaluable info in your Exchange 2003 - Activesync Connection Problems FAQ.
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34908002
Hi lbit - glad the problem is solved and sorry that you missed the section in my article (section 8) that advises to use port 80 on the default website:

>> 8. Ensure that the IP for the Default Website is set to All Unassigned and using port 80 (open up IIS manager, Right-Click the Default Website and choose properties, then on the Advanced button). <<

Author Comment

ID: 34908944
Just to clarify - I did have port 80 on the default website, per your article.  What I did not see is that there was another website in IIS (not under Default Website) that was from an old version of Symantec Antivirus (which I no longer use - have upgraded) called SAV Reporting that was also using port 80.  I just had to delete that unused website and all was good.

LVL 76

Expert Comment

by:Alan Hardisty
ID: 34908979
Ah - sorry - that's slightly different.

I'll tweak my article!

Thanks for the points and glad you are sorted - it's much easier to resolve hands-on!

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question