We help IT Professionals succeed at work.

ActiveSync authentication failed

7,227 Views
Last Modified: 2012-05-11
MS Exchange 2010 stopped accepting Active Synch connections from mobile devices. The reason is bad username/password which is not the case here. In addition OWA does not allow deleting emails, error "Your network connection isn't available. If the problem continues contact your helpdesk with this HTTP Status code:302." (Displayed in Google Chrome). The same error is present in MSIE, however Status code is 0. This is true for internal, external and localhost access.

It may have to do with authentication settings, this is what's currently set up on the server (IIS)
There are 6 authentication methods available:
Anonymous Auth
ASP.NET Impersonation
Basic Auth
Digest Auth
Forms Auth
Windows Auth

I am listing only enabled settings
Default web site: Anonymous
aspnet_client: Anonymous
autodiscover: Anonymous, Basic Auth, Windows Auth
ecp: Basic Auth
ews: Anonymous, Basic, Windows
Microsoft-Server-ActiveSynch: Basic
OAB: Windows
owa: Basic
powershell: Anonymous


Changing passwords, restarting IIS, removing wwwroot\web.config didn't help at all.

Appreciate any help.
Comment
Watch Question

check if there have been any changes made on your activesync policy in exchange (org config-->client access-->active sync policies

Author

Commented:
No changes as far as I can tell
Allow non-provisionable devices: yes

Requie password: no

Allow direct Push when roaming: yes
Allow HTML-formatted email: yes
Allow attachments: yes

Device tab: all checked

Device applications: all checked

Other: nothing added.
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
setasoujiro:
Did that already, didn't help

Author

Commented:
I just run test using https://www.testexchangeconnectivity.com


One failed:

      ExRCA is testing Exchange ActiveSync.
       The Exchange ActiveSync test failed.
       
      Test Steps
       
      Attempting to resolve the host name mail2.example.com in DNS.
       The host name resolved successfully.
       
      Additional Details
       IP addresses returned: 1.2.3.4
      Testing TCP port 443 on host mail2.example.com to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The certificate passed all validation requirements.
       
      Test Steps
       
      Validating the certificate name.
       The certificate name was validated successfully.
       
      Additional Details
       Host name mail2.example.com was found in the Certificate Subject Alternative Name entry.
      Testing the certificate date to confirm the certificate is valid.
       Date validation passed. The certificate hasn't expired.
       
      Additional Details
       The certificate is valid. NotBefore = 11/18/2010 3:38:37 AM, NotAfter = 11/18/2015 3:38:37 AM
      Checking the IIS configuration for client certificate authentication.
       Client certificate authentication wasn't detected.
       
      Additional Details
       Accept/Require Client Certificates isn't configured.
      Testing HTTP Authentication Methods for URL https://mail2.example.com/Microsoft-Server-Activesync/.
       The HTTP authentication test failed.
       
      Additional Details
       An HTTP 500 response was returned from Unknown.
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
setasoujiro:

I have "Require SSL" checked
and Client Certificates: Ignore selected.

This is in IIS\MS-Server-ActiveSynch
Viral RathodConsultant

Commented:
If you try to go to https://mail.domain.com/Microsoft-Server-ActiveSync  what is the result ?

Author

Commented:
It shows an error:
Server Error in '/Microsoft-Server-ActiveSync' Application.

Could not load file or assembly 'Microsoft.Exchange.Net, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Exchange.Net, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Assembly Load Trace: The following information can be helpful to determine why the assembly 'Microsoft.Exchange.Net, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' could not be loaded.


WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
Note: There is some performance penalty associated with assembly bind failure logging.
To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].

Stack Trace:


[FileNotFoundException: Could not load file or assembly 'Microsoft.Exchange.Net, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.]
   Microsoft.Exchange.AirSyncHandler.Global.ExecuteApplicationStart(Object sender, EventArgs e) +0

[HttpException (0x80004005): Could not load file or assembly 'Microsoft.Exchange.Net, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.]
   System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app) +4179473
   System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers) +205
   System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context) +336
   System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +350
   System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +382

[HttpException (0x80004005): Could not load file or assembly 'Microsoft.Exchange.Net, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.]
   System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +11318198
   System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +88
   System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +4348404

Version Information: Microsoft .NET Framework Version:2.0.50727.5653; ASP.NET Version:2.0.50727.5053
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
This article refers to Exchange 2003, I did recreate 'owa' VD last night without a success.

Author

Commented:
I was able to track the problem down to web.config in wwwroot foldder. Afrter removing two lines I can connect to localhost\Microsoft-Server-ActiveSynch

Removed lines:
<error statusCode="403" prefixLanguageFilePath="%SystemDrive%\inetpub\custerr\" path="403.htm" responseMode="File" />
<error statusCode="403" subStatusCode="4" path="%SystemDrive%\inetpub\httpsredir.htm" responseMode="File" />

Open in new window




Active SYnch connectivity test came back with one error:
An ActiveSync session is being attempted with the server.
       Errors were encountered while testing the Exchange ActiveSync session.
       
      Test Steps
       
      Attempting to send the OPTIONS command to the server.
       Testing of the OPTIONS command failed. For more information, see Additional Details.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       An unexpected redirect response was received to URL https://mail.example.com/owa/default.eas.


default.eas is a 0bytes file on the server.
i see, i still wonder how this happened for no reason?as do you i'm sure :)

Author

Commented:
setasoujiro:

I really don't know what could have happened, I had one report that out of office reply couldn't be set about 2 weeks ago. Another user did set her out of office reply 6 days ago without any problems. Now out of office reply does not work at all. iPod users able to use exchange synch until about Wednesday afternoon, no errors regarding those issue are present in event log. Everything else works without problems.
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
No wizards in outlook or OWA. Outlook says "Your automatic reply settings cannot be displayed because the server is unavailable"
Clicking "options" in OWA does not bring up menu.

Author

Commented:
when OWA is opened in MSIE clicking on "Options" brings up a dialog box "An unexpected error occurred and your request couldn't be handled."

Author

Commented:
After disabling redirection for IIIS\default web\owa I can get to OOOR drop down menu in OWA,
https://example.com/exchange/ is opened with the following error:

Server Error in '/' Application.
--------------------------------------------------------------------------------

Configuration Error 
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. 

Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level.  This error can be caused by a virtual directory not being configured as an application in IIS.

Source Error: 


Line 35:     <system.web>
Line 36:         <httpRuntime maxRequestLength="35000" />
Line 37:         <authentication mode="Windows" />
Line 38:         <sessionState mode="Off" />
Line 39: 
 

Source File: C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa\web.config    Line: 37 

Open in new window


Redirection in \Exchange is currently disabled, when it is enabled and point to "https://example.nnnt.com/owa I am unable to click on the "Options" menu in OWA.

Author

Commented:
Problem solved! there were few out of place redirections in IIS but the real problem was in C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\sync\web.config file.
I had to replace it with a fresh copy from another server and everything worked as it did before.
Attached is web.config file I used to get it to work. Thank you all for help.
 web.config

Author

Commented:
Forgot to add, removing redirections helped autodiscovery to work properly, virtual directory was also recreated. Autodiscovery is needed for OORF to work.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.