davidelee
asked on
DNS Server Change Now iPhones not Receiving Emails
Hello Everyone,
We have a primary and secondary DNS server on our network (both are Windows 2000 Adv - the remaining servers on the network are all Windows 2003). As of yesterday, we brought the Secondary one down and all seems to be working fine EXCEPT that the iPhone/Droid users who connect to the Exchange server are not able to send or receive emails. However, users on the BES work fine. Not sure what it could be and am hoping someone could assist in trying to figure it out.
Much appreciated.
Thanks,
D
We have a primary and secondary DNS server on our network (both are Windows 2000 Adv - the remaining servers on the network are all Windows 2003). As of yesterday, we brought the Secondary one down and all seems to be working fine EXCEPT that the iPhone/Droid users who connect to the Exchange server are not able to send or receive emails. However, users on the BES work fine. Not sure what it could be and am hoping someone could assist in trying to figure it out.
Much appreciated.
Thanks,
D
ASKER
Thanks. The results are below:
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Testing of Autodiscover for Exchange ActiveSync failed.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential Autodiscover URL https://churchillmanagement.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name churchillmanagement.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 64.209.128.53
Testing TCP port 443 on host churchillmanagement.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Tell me more about this issue and how to resolve it
Additional Details
A network error occurred while communicating with the remote host.
Exception details:
Message: Authentication failed because the remote party has closed the transport stream.
Type: System.IO.IOException
Stack trace:
at System.Net.Security.SslSta te.StartRe adFrame(By te[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslSta te.StartRe ceiveBlob( Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslSta te.ForceAu thenticati on(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslSta te.Process Authentica tion(LazyA syncResult lazyResult)
at System.Net.Security.SslStr eam.Authen ticateAsCl ient(Strin g targetHost)
at Microsoft.Exchange.Tools.E xRca.Tests .SSLCertif icateTest. PerformTes tReally()
Attempting to test potential Autodiscover URL https://autodiscover.churchillmanagement.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.churchillmana gement.com in DNS.
The host name couldn't be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.churchillmana gement.com couldn't be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE xception
Stack trace:
at System.Net.Dns.GetAddrInfo (String name)
at System.Net.Dns.InternalGet HostByName (String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddr esses(Stri ng hostNameOrAddress)
at Microsoft.Exchange.Tools.E xRca.Tests .ResolveHo stTest.Per formTestRe ally()
.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.churchillmana gement.com in DNS.
The host name couldn't be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.churchillmana gement.com couldn't be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE xception
Stack trace:
at System.Net.Dns.GetAddrInfo (String name)
at System.Net.Dns.InternalGet HostByName (String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddr esses(Stri ng hostNameOrAddress)
at Microsoft.Exchange.Tools.E xRca.Tests .ResolveHo stTest.Per formTestRe ally()
.
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.churchi llmanageme nt.com in DNS.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Testing of Autodiscover for Exchange ActiveSync failed.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential Autodiscover URL https://churchillmanagement.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name churchillmanagement.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 64.209.128.53
Testing TCP port 443 on host churchillmanagement.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Tell me more about this issue and how to resolve it
Additional Details
A network error occurred while communicating with the remote host.
Exception details:
Message: Authentication failed because the remote party has closed the transport stream.
Type: System.IO.IOException
Stack trace:
at System.Net.Security.SslSta
at System.Net.Security.SslSta
at System.Net.Security.SslSta
at System.Net.Security.SslSta
at System.Net.Security.SslStr
at Microsoft.Exchange.Tools.E
Attempting to test potential Autodiscover URL https://autodiscover.churchillmanagement.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.churchillmana
The host name couldn't be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.churchillmana
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE
Stack trace:
at System.Net.Dns.GetAddrInfo
at System.Net.Dns.InternalGet
at System.Net.Dns.GetHostAddr
at Microsoft.Exchange.Tools.E
.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.churchillmana
The host name couldn't be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host autodiscover.churchillmana
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE
Stack trace:
at System.Net.Dns.GetAddrInfo
at System.Net.Dns.InternalGet
at System.Net.Dns.GetHostAddr
at Microsoft.Exchange.Tools.E
.
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.churchi
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
Can you bring back up the old DNS serve to make sure the zones were all transferred correctly to the 2nd DNS server? It looks like you might be missing autodiscover records.
ASKER
Sadly, I'm not sure if that's an option anymore. The old DNS server was demoted.
Can you please run the Exchange Activesync Test - not the Exchange Activesync Autodiscover test (I think you have run that by the look of the results).
Specify manual server settings and if you have a self-issued SSL certificate, tick the "Ignore Trust for SSL" check box.
Then post the results again please.
Specify manual server settings and if you have a self-issued SSL certificate, tick the "Ignore Trust for SSL" check box.
Then post the results again please.
ASKER
TEST RESULTS:
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting to resolve the host name mail.churchillmanagement.c om in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: xx.xx.xx.xx
Testing TCP port 443 on host cmgmail.churchillmanagemen t.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name cmgmail.churchillmanagemen t.com was found in the Certificate Subject Common name.
Validating certificate trust for Windows Mobile devices.
The test passed with some warnings encountered. Please expand the additional details.
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 8/27/2010 12:00:00 AM, NotAfter = 8/26/2012 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://mail.churchillmanagement.com/Microsoft-Server-Activesync/.
The HTTP authentication test failed.
Tell me more about this issue and how to resolve it
Additional Details
The Initial Anonymous HTTPS request didn't fail, but Anonymous isn't a supported authentication method for this scenario.
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Test Steps
Attempting to resolve the host name mail.churchillmanagement.c
The host name resolved successfully.
Additional Details
IP addresses returned: xx.xx.xx.xx
Testing TCP port 443 on host cmgmail.churchillmanagemen
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name cmgmail.churchillmanagemen
Validating certificate trust for Windows Mobile devices.
The test passed with some warnings encountered. Please expand the additional details.
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 8/27/2010 12:00:00 AM, NotAfter = 8/26/2012 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://mail.churchillmanagement.com/Microsoft-Server-Activesync/.
The HTTP authentication test failed.
Tell me more about this issue and how to resolve it
Additional Details
The Initial Anonymous HTTPS request didn't fail, but Anonymous isn't a supported authentication method for this scenario.
ASKER
Performed multiple DNS tools to fix certain issues with the unsuccessful demotion of the Secondary DC(used ADSI, transferred FSMO, seized roles, etc.)
Apparently certain IIS>Exchange settings had changed. Not sure if it was coincidental or how it was changed but we did the following: IIS>Exchange>Right-click, select Properties, Directory Security. Under Authentication and Access Control, click Edit.. be sure there's a check mark where it says Intergrated Windows authentication. Once that setting was back in place all communication with the Smartphones were successful.
Hope this helps others.
Thanks alan and oper for your help in trying to get this fixed.
D
Apparently certain IIS>Exchange settings had changed. Not sure if it was coincidental or how it was changed but we did the following: IIS>Exchange>Right-click, select Properties, Directory Security. Under Authentication and Access Control, click Edit.. be sure there's a check mark where it says Intergrated Windows authentication. Once that setting was back in place all communication with the Smartphones were successful.
Hope this helps others.
Thanks alan and oper for your help in trying to get this fixed.
D
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
https://www.testexchangeconnectivity.com/
Let us know the results.