Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 601
  • Last Modified:

SBS 2003 HTTP 400 on SUBSCRIBE in IIS Log for ActiveSync User

I'm seeing some odd entries in the IIS log file that I hope someone may be able to identify.  The logs in question are from ActiveSync access by users on Android smartphones to a SBS 2003 Exchange instance.  Here's an example:

2011-10-27 15:05:24 SUBSCRIBE /exchange-oma/hkelly@mydomain.org/Inbox/ 80 - 198.20.240.100 HTTP/1.1 Microsoft-Server-ActiveSync/6.5.7638.1 - 401 1971 369
2011-10-27 15:05:24 SUBSCRIBE /exchange-oma/hkelly@mydomain.org/Inbox/ 80 - 198.20.240.100 HTTP/1.1 Microsoft-Server-ActiveSync/6.5.7638.1 - 401 2151 480
2011-10-27 15:05:24 SUBSCRIBE /exchange-oma/hkelly@mydomain.org/Inbox/ 80 MYDOMAIN\hkelly 198.20.240.100 HTTP/1.1 Microsoft-Server-ActiveSync/6.5.7638.1 - 200 512 492

Note the three SUBSCRIBES, two return a 400 status and the third that has a user_name rather than an IP address seems to work.  SSL is disabled.  I'm wondering why 3 transactions and what the difference is.

Thank you,
Roger

SBS 2003 SP2
Exchange 6.2
0
radionuch
Asked:
radionuch
  • 4
  • 2
  • 2
3 Solutions
 
Alan HardistyCo-OwnerCommented:
Please check your IIS settings / server configuration against my Exchange 2003 Article and then you should hopefully see the errors disappear:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html

Alan
0
 
radionuchAuthor Commented:
Alan, thanks for your reply.

I saw this article before, but since I've found ActiveSync on SBS 2003 to be so touchy, I was concerned about changing anything since it was basically working.  I took your advice and followed this article, but without the SSL settings since I want to make sure our users are not disturbed until I have time to notify them first.

After the IIS reset, the error situation I described above did not change.  Here's what I got before and after this change, while testing the MS Connectivity Tester:

An ActiveSync session is being attempted with the server.
       Errors were encountered while testing the Exchange ActiveSync session.
       
      Test Steps
       
      Attempting to send the OPTIONS command to the server.
       Testing of the OPTIONS command failed. For more information, see Additional Details.
       
      Additional Details
       An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name (UPN).

-Roger
0
 
radionuchAuthor Commented:
I think this example below clearly shows the problem I'm, concerned about.  You can see two requests for a SEARCH.  The first one shows the server IP address for a user name and fails with a 401.  The second with "MYDOMAIN\jweber" for a user name works.

-Roger

2011-10-28 16:36:59 SEARCH /exchange-oma/jweber@mydomain.org/ 80 - 198.20.240.100 HTTP/1.1 Microsoft-Server-ActiveSync/6.5.7638.1 - 401 2151 375
2011-10-28 16:36:59 SEARCH /exchange-oma/jweber@mydomain.org/ 80 MYDOMAIN\jweber 198.31.241.100 HTTP/1.1 Microsoft-Server-ActiveSync/6.5.7638.1 - 207 639 1129
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
Alan HardistyCo-OwnerCommented:
The 401 error is either incorrect username / password or incorrect IIS authentication settings on the virtual directories.
0
 
e_aravindCommented:
SEARCH /exchange-oma/jweber@mydomain.org/ 80 - --> 401 2
SEARCH /exchange-oma/jweber@mydomain.org/ 80 MYDOMAIN\jweber  --> 200

IMO, concentrate after the port 80
If there is - (we are using the anonymous authentication tried against the IIS

In the second line, browser\device provides the creds..so we end-up with http-200

Apart from these logs, if the mobile-devices and users are not facing other issues\difficulties....there is nothing to worry and you can ignore these logs
0
 
radionuchAuthor Commented:
Yes, Its working, and no errors are reported by the Smartphone users, so your advice is well taken, nothing to worry about I guess.

Where is the anonymous auth request coming from?  The Smartphone must try that first?

-Roger
0
 
e_aravindCommented:
IMO, this is by design when the IExplore communicate to IIS resources


The closest ones are:
Internet Explorer May Prompt You for a Password
http://support.microsoft.com/Default.aspx?id=258063

Anonymous authentication is attempted first, followed by Windows Integrated authentication, Digest authentication (if applicable), and finally Basic (clear text) authentication.

0
 
radionuchAuthor Commented:
Good news, thank you all very much.

-Roger
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

  • 4
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now