troubleshooting Question

Exchange 2003 Activesync nightmares!

Avatar of Amaze_IT
Amaze_ITFlag for United Kingdom of Great Britain and Northern Ireland asked on
19 Comments1 Solution283 ViewsLast Modified:
I'm having a torrid time trying to get users syncing using the iPhones.   A couple of months ago we installed a front end server in our DMZ, and repointed all traffic through to this instead of the mailserver on the inside.  Mail still flows through SMTP to the existing server, but ONLY from our 3rd party AV/Spam providers (our default MX hits them, not us).  Previously, we had one exchange server doing everything, successfully!  We installed the hack to enable RPC over HTTP, change password functions through OWA, FBA etc.  Since adding the front end server we're having some weird and wonderful problems - certain users are unable to sync their iPhones with the server.  I myself have a 3GS and i can wipe my account and reset it without any problems.  However, seemingly random users are unable to do so - I can enter the details and it verifies them fine, but the moment i attempt to check the email, I get an error "The server cannot be contacted" on the device.  This happens on some old users, and now brand new users.  I have copied the profile from existing users that work, makes no difference; I have checked i can access them through OWA (Fine).  I have moved their mailboxes to different stores, makes no difference also.  I have run the exchange connectivity tester, and it verifies some users (the ones that sync), and others it reports a "403 Forbidden" error.  I have tried the ActiveSync Tester app on my iphone, and my user works fine, but with a user that doesn't it tells me that Activesync is detected, but access denied [HTTP 403: DIsabled for this user]".  I have checked the permissions on the folder on both front end and back end, and tried changing settings on the IIS folders, but not difference.  One peculiar thing is that if i make changes on virtual folders, and then do an iisreset, the permissions change back to what they were previously?  We are using SSL to connect to the front end server, and all the rules are in palce for the FE to talk to the BE server.  Both running latest updates with Exchange 2003 SP3 and Windows 2003 R2.

Can someone please help - i'm totally out of ideas!
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 19 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 19 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros