• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1040
  • Last Modified:

Configure SBS 2003 new install to connect to Droid phone

My Droid (and before that a Windows 6.1 HTC Touchpro 2) sync’d with SBS 2003 Exchange Server just fine.

My SBS2003 server got screwed up.  I completely reinstalled.  I changed the Internal Domain name.  I kept the @myserver.net.  Outlook on my workstations are working properly.

However, when I try to configure Touchdown with the newserver\myname, Droid hangs up on “initializing Activesync”.  

I’m not sure where to start looking.  IIS, Web Site, Default Website, seems to have an Activesync entry.  

I need to be walked thru checking/configuring the server so OMA, IIS, etc. etc. will push and allow the Droid to send thru the server.
 

Thoughts?

 
0
Fritters
Asked:
Fritters
  • 16
  • 10
1 Solution
 
Jian An LimCommented:
try to run through
https://www.testexchangeconnectivity.com/

and see where it goes wrong?

i want to know is this activesync with andriod or activesync general issue
0
 
FrittersAuthor Commented:
I split points.  BTW, I used Kroll OnTrack and was able to pull content from priv.edb and pub.edb (without logs) directly in the Exchange Mailboxes of my users (logged in as them) AND directly into the public folder by copy/paste either OF the subfolders or the content (items) in a top level folder.  Simple to use.
0
 
FrittersAuthor Commented:
OOps, please ignore last post.  Wrong open question.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
FrittersAuthor Commented:
I created a test administrator account.
In the activesync test, I first chose "Use Autodiscover to detect settings".  I tried both MY email address and the Test email address.  Both generated this report.   The IEP address of 216. etc is NOT the IP address of my router.
Second test further below.

I created a test administrator account.
In the activesync test, I first chose "Use Autodiscover to detect settings".  I tried both MY email address and the Test email address.  Both generated this report.   The IEP address of 216. etc is NOT the IP address of my router.
Second test further below.
ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting the Autodiscover and Exchange ActiveSync test (if requested).
 Testing of Autodiscover for Exchange ActiveSync failed.
 Test Steps
 Attempting each method of contacting the Autodiscover service.
 The Autodiscover service couldn't be contacted successfully by any method.
 Test Steps
 Attempting to test potential Autodiscover URL https://XXXXXX.net/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name XXXXXX.net in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 216.21.239.197

Testing TCP port 443 on host XXXXXX.net to ensure it's listening and open.
 The specified port is either blocked, not listening, or not producing the expected response.
  Tell me more about this issue and how to resolve it
 Additional Details
 A network error occurred while communicating with the remote host.
Exception details:
Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 216.21.239.197:443
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()

Attempting to test potential Autodiscover URL https://autodiscover.XXXXXX.net/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name autodiscover.XXXXXX.net in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 216.21.239.197

Testing TCP port 443 on host autodiscover.XXXXXX.net to ensure it's listening and open.
 The specified port is either blocked, not listening, or not producing the expected response.
  Tell me more about this issue and how to resolve it
 Additional Details
 A network error occurred while communicating with the remote host.
Exception details:
Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 216.21.239.197:443
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()

Attempting to contact the Autodiscover service using the HTTP redirect method.
 The attempt to contact Autodiscover using the HTTP Redirect method failed.
 Test Steps
 Attempting to resolve the host name autodiscover.XXXXXX.net in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 216.21.239.197

Testing TCP port 80 on host autodiscover.XXXXXX.net to ensure it's listening and open.
 The port was opened successfully.
ExRCA is checking the host autodiscover.XXXXXX.net for an HTTP redirect to the Autodiscover service.
 ExRCA failed to get an HTTP redirect response for Autodiscover.
  Tell me more about this issue and how to resolve it
 Additional Details
 A response other than a redirect was received. HTTP status: OK

Attempting to contact the Autodiscover service using the DNS SRV redirect method.
 ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
 Test Steps
 Attempting to locate SRV record _autodiscover._tcp.XXXXXX.net in DNS.
 The Autodiscover SRV record wasn't found in DNS.


THEN, suspecting that SBS2003 does not have Autodiscover, I tried "Manual".
The only thing that failed was SSL, but I expected that since I don't have a Cert.  However, I have the phone set to "SERVER doesn't use SSL."

 ExRCA is testing Exchange ActiveSync.  
  The Exchange ActiveSync test failed.
   Test Steps
   Attempting to resolve the host name mail.XXXXXX.net in DNS.
  The host name resolved successfully.
   Additional Details
  IP addresses returned: 24.249.206.138
 
 Testing TCP port 443 on host mail.XXXXXX.net to ensure it's listening and open.
  The port was opened successfully.
 Testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
   Test Steps
   Validating the certificate name.
  Certificate name validation failed.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host name mail.XXXXXX.net doesn't match any name found on the server certificate CN=XXXXXX.net, CN=companyweb, CN=dell1420, CN=localhost, CN=dell1420.XXXXXX.local.
 
  The outbound SMTP test was successful.
  Inbound SMTP mail flow was verified successfully
  I'm not using Webservice.  

Now that I've matched my internal domain name xxxxxx.local to my external xxxxxx.net, a Godaddy SSL cert is cheap.  I plan on doing that.  Do you think that the missing Cert, even a self cert is the cause?
0
 
Jian An LimCommented:
if 24.249.206.138 is your router IP address, then you are right, you need the certificate.


your mobile need to setup to use SSL.

i know iphone and some phone can ignore the SSL. so you might want to try that before you buy a godaddy cert
0
 
FrittersAuthor Commented:
I bought and installed a Cert for mail.xxxxx.net.  I have tried ignoring and not ignoring SSL on my PDA.  I then try to connect with two PDA apps, Touchdown and Moxier Mail.  Touchdown goes into limbo trying to refresh the Activsync connection (it used to work before I had to completely reinstall SBS2003).  Moxier Mail gives me a message to the Activesync version on the server might be too old.  That doesn't make sense to me at all.

I have run dcdiag and passed all tests.
I checked Mobile in Exchange and Global settings allows all users to use Activesync.  
I have another question open 27036713that MIGHT be related to this.  I thought that the problem was SSL related, but I don't think that's the case so ignore the title.
Overall, there are errors in the event log (27036713).  There's a PDA (activesync?) problem.  If they're related, I can't tell.  Hence, two posts.

0
 
FrittersAuthor Commented:
I just ran testexchangeconnectivity again:

Does this clarify the activesync problem at all and how to fix it

ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name mail.XXXXXX.net in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: iiiiiiiiiiiippppppppppppppp

Testing TCP port 443 on host mail.XXXXXX.net to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 Validating the certificate name.
 The certificate name was validated successfully.
 Additional Details
 Host name mail.XXXXXX.net was found in the Certificate Subject Common name.

Validating certificate trust for Windows Mobile devices.
 The test passed with some warnings encountered. Please expand the additional details.
 Additional Details
 The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.

Testing the certificate date to confirm the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 The certificate is valid. NotBefore = 5/13/2011 10:24:28 PM, NotAfter = 5/13/2012 10:24:28 PM



Checking the IIS configuration for client certificate authentication.
 Client certificate authentication wasn't detected.
 Additional Details
 Accept/Require Client Certificates isn't configured.

Testing HTTP Authentication Methods for URL https://mail.XXXXXX.net/Microsoft-Server-Activesync/.
 The HTTP authentication test failed.
 Additional Details
 An HTTP 403 forbidden response was received. The response appears to have come from IIS6. Body of the response: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>

<h1>You are not authorized to view this page</h1>
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
</ul>
<h2>HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>403</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>About Security</b>, <b>Limiting Access by IP Address</b>, <b>IP Address Access Restrictions</b>, and <b>About Custom Error Messages</b>.</li>
</ul>

</TD></TR></TABLE></BODY></HTML>
0
 
Jian An LimCommented:
you are not authorized to view this page</h1>
The Web server you are attempting to reach has a list of IP addresses that are not allowed to access the Web site, and the IP address of your browsing computer is on this list.

the above means your IIS only listen to specific IP address
REAd the below document, but what you need is to allow ALL ip address.


READ http://www.hosting.com/support/dedicated/iis/blockip
0
 
FrittersAuthor Commented:
Not the case.  Both the Website and the subfolders are all set to Allow Access.  
0
 
Jian An LimCommented:
are you sure?
 can you goto specific to subfolder oma and activesync ( from my memory)

also,

Active Directory Users and Computers> Right Click on User > Properties >
Exchange Features > Mobile Services
0
 
FrittersAuthor Commented:
Default Website and the subfolders Exchange, Exchange-OMA, Microsoft Server Activsync, OMA, Exadmin, Mobile Admine.  All have Access Allowed.

User (me) has all Mobile Services and Protocols enabled.

0
 
Jian An LimCommented:
try to browse http://servername/oma from other machine and see whether it is accessible.

try
Microsoft Windows Small Business Server 2003 Best Practices Analyzer
 and see whether any thing pick up from there.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3874527a-de19-49bb-800f-352f3b6f2922&displaylang=en

another thing i was thinking is the HTTP authentication method,
do you use basic authentication?




I was thinking of repairing IIS as last measure
http://support.microsoft.com/kb/320202
0
 
Jian An LimCommented:
please try not to repair if you don need to, i am aim to resolve this without installation
0
 
FrittersAuthor Commented:
http://servername/oma  brings me to some website, not mine.

http://mail.servername.net/oma takes me to a login dialog.  Logging gets "  Item no longer exists. The item you are attempting to access may have been deleted or moved."

But isn't OMA used when there is a front end/back end?  and Isn't Exchange-OMA what SBS 2003 creates as the virtual directory?

Trying https://mail.servername.net/exchange-oma puts me (without a login name which worries me!!!!) into OWA.  (As does https://mail.servername.net/exchange but that asks for id and password).

#1 How do I configure http://mail.servername.net/exchange-oma so it requires a Login?

Will try the analyzer.
0
 
FrittersAuthor Commented:
I was incorrect in the last post: "Trying https://mail.servername.net/exchange-oma puts me (without a login name which worries me!!!!) into OWA"

I see the folder list in personal folders, but not the items IN the folder.
Whereas I see both the public folders and their contents.

I need a fix for this RIGHT AWAY!!
0
 
Jian An LimCommented:
put http authentication to basic at least.

have you run the analyzer yeT?

worse case is to run the rebuild of IIS if  soo desperate


0
 
FrittersAuthor Commented:
Ran analyzer.  Tells me that SP'S are not installed!  I thought they were done via options during install.  I should run those, yes?
0
 
Jian An LimCommented:
i think you have installed basic first SBS 2003 without SP

run SBS 2003 Sp1, then windows 2003 SP1, then windows 2003 SP2.

(there are 3 separate updates)
0
 
FrittersAuthor Commented:
I have done so.  Still can't connect.  Have passed the fail log to the Nitrodesk support to see what they say.  

0
 
FrittersAuthor Commented:
I have install all the updates that Analyzer suggested.  There were also a XP Client and a Share Point.

I am now able to sync Contacts.  

Touchdown received Calendar entries, but I can't seem to add, edit or delete FROM the TD.  Delete is strange.  It deletes on the Droid, but then has it pushed back onto the Droid rather than deleting from the Server.

Mail got and gets nothing.  But sending from the TD appears in the mailbox on the workstation.  
0
 
FrittersAuthor Commented:
Correction - it is syncing using its Exchange 2003 option, not with Activesync.  Mozier Mail does not have that option and so can't sync at all.
0
 
Jian An LimCommented:
after you install the support pack, testexchangeconnectivity still have the same error message?

i reckon you need to reinstall the IIS again ... something really wrong there...


one question worth asking is how do you rebuild your windows? do you build from scratch or build from previous backup?
0
 
FrittersAuthor Commented:
Formatted drive and used install cds.  Will test upon return.
0
 
Jian An LimCommented:
i cant see why your default installation has sooo much issues...

during installation, when you install exchange, do you select to install outlook rpc over http, and mobile at the same time?
0
 
FrittersAuthor Commented:
My sincere apologies.  Running Analyzer again, I found that certain SP's, etc. had NOT been applied.  I've done all now and, lo and behold, the connection and syncing with ACTIVESYNC seems to be working just fine.  
 
Sorry for the trouble.  Thanks for all the effort.
0
 
FrittersAuthor Commented:
I created a test administrator account.
In the activesync test, I first chose "Use Autodiscover to detect settings".  I tried both MY email address and the Test email address.  Both generated this report.   The IEP address of 216. etc is NOT the IP address of my router.
Second test further below.

I created a test administrator account.
In the activesync test, I first chose "Use Autodiscover to detect settings".  I tried both MY email address and the Test email address.  Both generated this report.   The IEP address of 216. etc is NOT the IP address of my router.
Second test further below.
ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting the Autodiscover and Exchange ActiveSync test (if requested).
 Testing of Autodiscover for Exchange ActiveSync failed.
 Test Steps
 Attempting each method of contacting the Autodiscover service.
 The Autodiscover service couldn't be contacted successfully by any method.
 Test Steps
 Attempting to test potential Autodiscover URL https://XXXXXX.net/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name XXXXXX.net in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 216.21.239.197

Testing TCP port 443 on host XXXXXX.net to ensure it's listening and open.
 The specified port is either blocked, not listening, or not producing the expected response.
  Tell me more about this issue and how to resolve it
 Additional Details
 A network error occurred while communicating with the remote host.
Exception details:
Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 216.21.239.197:443
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()

Attempting to test potential Autodiscover URL https://autodiscover.XXXXXX.net/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name autodiscover.XXXXXX.net in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 216.21.239.197

Testing TCP port 443 on host autodiscover.XXXXXX.net to ensure it's listening and open.
 The specified port is either blocked, not listening, or not producing the expected response.
  Tell me more about this issue and how to resolve it
 Additional Details
 A network error occurred while communicating with the remote host.
Exception details:
Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 216.21.239.197:443
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()

Attempting to contact the Autodiscover service using the HTTP redirect method.
 The attempt to contact Autodiscover using the HTTP Redirect method failed.
 Test Steps
 Attempting to resolve the host name autodiscover.XXXXXX.net in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 216.21.239.197

Testing TCP port 80 on host autodiscover.XXXXXX.net to ensure it's listening and open.
 The port was opened successfully.
ExRCA is checking the host autodiscover.XXXXXX.net for an HTTP redirect to the Autodiscover service.
 ExRCA failed to get an HTTP redirect response for Autodiscover.
  Tell me more about this issue and how to resolve it
 Additional Details
 A response other than a redirect was received. HTTP status: OK

Attempting to contact the Autodiscover service using the DNS SRV redirect method.
 ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
 Test Steps
 Attempting to locate SRV record _autodiscover._tcp.XXXXXX.net in DNS.
 The Autodiscover SRV record wasn't found in DNS.


THEN, suspecting that SBS2003 does not have Autodiscover, I tried "Manual".
The only thing that failed was SSL, but I expected that since I don't have a Cert.  However, I have the phone set to "SERVER doesn't use SSL."

 ExRCA is testing Exchange ActiveSync.  
  The Exchange ActiveSync test failed.
   Test Steps
   Attempting to resolve the host name mail.XXXXXX.net in DNS.
  The host name resolved successfully.
   Additional Details
  IP addresses returned: xxx.xxx.xxx.xxx
 
 Testing TCP port 443 on host mail.XXXXXX.net to ensure it's listening and open.
  The port was opened successfully.
 Testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
   Test Steps
   Validating the certificate name.
  Certificate name validation failed.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host name mail.XXXXXX.net doesn't match any name found on the server certificate CN=XXXXXX.net, CN=companyweb, CN=dell1420, CN=localhost, CN=dell1420.XXXXXX.local.
 
  The outbound SMTP test was successful.
  Inbound SMTP mail flow was verified successfully
  I'm not using Webservice.  

Now that I've matched my internal domain name xxxxxx.local to my external xxxxxx.net, a Godaddy SSL cert is cheap.  I plan on doing that.  Do you think that the missing Cert, even a self cert is the cause?
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 16
  • 10
Tackle projects and never again get stuck behind a technical roadblock.
Join Now