wireme
asked on
Exchange 2010 activesync for only one mobile user; not synching correctly
We have only user with a mobile phone who cannot sync successfully to his exchange mail account. He has tried two different phones (windows mobile 6, Android HTC evo shift) with the same result. I've used the https://www.testexchangeconnectivity.com site for diagnostics. Only on this user will we receive a sync error. all other users i have tested come back fine. I've checked the security settings in active directory for this user, and all seems to be tip top. i wondering if the best way to go now is export his mail, delete the old user, create a new one, then import his mail back. here are the results of the diag. at the very bottom is the only error that consistently arises when i run this individual.
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting to resolve the host name webmail.XXXXXXXXX.net in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 173.167.181.65
Testing TCP port 443 on host webmail.XXXXXXXXX.net to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name webmail.XXXXXXXXX.net was found in the Certificate Subject Common name.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Additional Details
The certificate is trusted for Windows Mobile 5.0 and later versions. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 8/5/2010 12:00:00 AM, NotAfter = 8/9/2011 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://webmail.XXXXXXXXXX.net/Microsoft-Server-Activesync/.
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST
MS-Server-ActiveSync: 14.1
MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0
MS-ASProtocolCommands: Sync,SendMail,SmartForward
Public: OPTIONS,POST
Content-Length: 0
Cache-Control: private
Date: Thu, 24 Feb 2011 18:10:54 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Attempting the FolderSync command on the Exchange ActiveSync session.
The FolderSync command completed successfully.
Additional Details
Number of folders: 45
Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
The Sync command completed successfully.
Additional Details
Status: 1
Attempting to test the GetItemEstimate command for the Inbox folder.
ExRCA received an error in response to the GetItemEstimate command.
Additional Details
An HTTP 500 response was returned from IIS7.
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting to resolve the host name webmail.XXXXXXXXX.net in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 173.167.181.65
Testing TCP port 443 on host webmail.XXXXXXXXX.net to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name webmail.XXXXXXXXX.net was found in the Certificate Subject Common name.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Additional Details
The certificate is trusted for Windows Mobile 5.0 and later versions. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 8/5/2010 12:00:00 AM, NotAfter = 8/9/2011 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://webmail.XXXXXXXXXX.net/Microsoft-Server-Activesync/.
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST
MS-Server-ActiveSync: 14.1
MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0
MS-ASProtocolCommands: Sync,SendMail,SmartForward
Public: OPTIONS,POST
Content-Length: 0
Cache-Control: private
Date: Thu, 24 Feb 2011 18:10:54 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Attempting the FolderSync command on the Exchange ActiveSync session.
The FolderSync command completed successfully.
Additional Details
Number of folders: 45
Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
The Sync command completed successfully.
Additional Details
Status: 1
Attempting to test the GetItemEstimate command for the Inbox folder.
ExRCA received an error in response to the GetItemEstimate command.
Additional Details
An HTTP 500 response was returned from IIS7.
Does the user have manage mobile device in the actions box on the right in Exchange management console? If not click on start run type in adsiedit.msc click ok. navigate to the user right click and properties. Scroll down until you find "msExchMobileMailboxFlags"
ASKER
thanks for the article, but i tried the inherited permissions route. this user is a recently migrated user from a 2003 box.
ASKER
the user does have manage mobile device available. i have removed previous records of his sync attempts and retried. same result.
Is there anything special about this user?
Are they a member of any groups that other users are not?
Are there any users that are a member of the same groups that do work?
Are they a member of any groups that other users are not?
Are there any users that are a member of the same groups that do work?
ASKER
i've checked against other users and membership and security parameters are the same.
Is this the only mailbox that has been migrated?
ASKER
about 30 others were migrated as well. they are working correctly.
ASKER
it is looking more an more like a corrupted mailbox. i am receiving folder access issues. what would be the best way to run a repair for this mailbox?
here is the result when i try to move his mailbox to a new mailbox database:
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
Eric
Failed
Error:
Failed to communicate with the mailbox database.
MapiExceptionLogonFailed: Unable to open message store. (hr=0x80040111, ec=-2147221231)
Diagnostic context:
Lid: 55847 EMSMDBPOOL.EcPoolSessionDo
Lid: 43559 EMSMDBPOOL.EcPoolSessionDo
Lid: 23226 --- ROP Parse Start ---
Lid: 27962 ROP: ropLogon [254]
Lid: 17082 ROP Error: 0x80040111
Lid: 26937
Lid: 21921 StoreEc: 0x80040111
Lid: 27962 ROP: ropExtendedError [250]
Lid: 1494 ---- Remote Context Beg ----
Lid: 26426 ROP: ropLogon [254]
Lid: 44215
Lid: 60049 StoreEc: 0x8004010F
Lid: 49469
Lid: 65341 StoreEc: 0x8004010F
Lid: 56125
Lid: 47933 StoreEc: 0x8004010F
Lid: 32829
Lid: 49213 StoreEc: 0x8004010F
Lid: 48573
Lid: 64957 StoreEc: 0x8004010F
Lid: 59409
Lid: 45073
Lid: 11173 StoreEc: 0x80040111
Lid: 22970
Lid: 8620 StoreEc: 0x80040111
Lid: 1750 ---- Remote Context End ----
Lid: 26849
Lid: 21817 ROP Failure: 0x80040111
Lid: 26297
Lid: 16585 StoreEc: 0x80040111
Lid: 32441
Lid: 1706 StoreEc: 0x80040111
Lid: 24761
Lid: 20665 StoreEc: 0x80040111
Lid: 25785
Lid: 29881 StoreEc: 0x80040111
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.1.267.0&t=exchgf1&e=ms.exch.err.ExD5D911
Warning:
When an item can't be read from the source database or it can't be written to the destination database, it will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting Exchange not copy such items to the destination mailbox. At move completion, these corrupted items will not be available at the destination mailbox.
Exchange Management Shell command attempted:
'Domain.local/Users/Eric Kurth' | New-MoveRequest -TargetDatabase 'Mailbox Database _GAH-022411' -BadItemLimit '10'
Elapsed Time: 00:00:00
here is the result when i try to move his mailbox to a new mailbox database:
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
Eric
Failed
Error:
Failed to communicate with the mailbox database.
MapiExceptionLogonFailed: Unable to open message store. (hr=0x80040111, ec=-2147221231)
Diagnostic context:
Lid: 55847 EMSMDBPOOL.EcPoolSessionDo
Lid: 43559 EMSMDBPOOL.EcPoolSessionDo
Lid: 23226 --- ROP Parse Start ---
Lid: 27962 ROP: ropLogon [254]
Lid: 17082 ROP Error: 0x80040111
Lid: 26937
Lid: 21921 StoreEc: 0x80040111
Lid: 27962 ROP: ropExtendedError [250]
Lid: 1494 ---- Remote Context Beg ----
Lid: 26426 ROP: ropLogon [254]
Lid: 44215
Lid: 60049 StoreEc: 0x8004010F
Lid: 49469
Lid: 65341 StoreEc: 0x8004010F
Lid: 56125
Lid: 47933 StoreEc: 0x8004010F
Lid: 32829
Lid: 49213 StoreEc: 0x8004010F
Lid: 48573
Lid: 64957 StoreEc: 0x8004010F
Lid: 59409
Lid: 45073
Lid: 11173 StoreEc: 0x80040111
Lid: 22970
Lid: 8620 StoreEc: 0x80040111
Lid: 1750 ---- Remote Context End ----
Lid: 26849
Lid: 21817 ROP Failure: 0x80040111
Lid: 26297
Lid: 16585 StoreEc: 0x80040111
Lid: 32441
Lid: 1706 StoreEc: 0x80040111
Lid: 24761
Lid: 20665 StoreEc: 0x80040111
Lid: 25785
Lid: 29881 StoreEc: 0x80040111
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.1.267.0&t=exchgf1&e=ms.exch.err.ExD5D911
Warning:
When an item can't be read from the source database or it can't be written to the destination database, it will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting Exchange not copy such items to the destination mailbox. At move completion, these corrupted items will not be available at the destination mailbox.
Exchange Management Shell command attempted:
'Domain.local/Users/Eric Kurth' | New-MoveRequest -TargetDatabase 'Mailbox Database _GAH-022411' -BadItemLimit '10'
Elapsed Time: 00:00:00
And this user was working prior to migration?
Is the user still listed in Exchange System Manager on the 2003 server?
Is the user still listed in Exchange System Manager on the 2003 server?
ASKER
yes.
i shut down (manually stopped the exchange services) the old exchange server late last night, to test the new server for functionality tests.
i shut down (manually stopped the exchange services) the old exchange server late last night, to test the new server for functionality tests.
The best option is to export everything from the mailbox, delete it then create a new one and import the data again.
ASKER
that would be a new one for me. what would be the best way to do that in 2010?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i have to head out to another job at the moment. i'll be back to work on this in couple of hours. thanks for your patience.
ASKER
GOOD ADVICE. THANK YOU!
See here for a possible resolution: https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html