Solved

iPhone Active Sync issues, mailbox syncs for a short time then stops

Posted on 2012-03-26
10
1,860 Views
Last Modified: 2012-05-02
Here is some backstory before I get to the issues.

This client was on hosted exchange, we have installed a new SBS 2011 and imported their email via PSTs into exchange.

They have 4 users with iPhones, 2 of them work with no problem.  The other 2 sync work briefly for a time when it stops working you can go to the mailbox and it spins saying checking for mail.

One user went a week before it stops working the other goes only 1 day before it stops.

I have done the following in an attempt to resolve:

Removed and re added the account
Removed mobile device partnership from exchange and readded to phones
One of the users completely replaced their hardware and the problem persists
Have tried using IP Address instead of server name on the phone settings.
I have reset both their passwords.
Restarted their router when the issue occurs and it does not resolve.

The server does not state their are any errors with their mailboxes or active sync.  Both are iPhone 4 with iOS 5.1.
0
Comment
Question by:jlburgin
  • 5
  • 4
10 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37767111
Are you using the self-issued Exchange certificate or a 3rd party certificate?
0
 

Author Comment

by:jlburgin
ID: 37767134
Using third party UCC Cert from GoDaddy
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37767148
Good :)

Can you please run the Exchange Activesync test at https://testexchangeconnectivity.com and don't use anything Autodiscover, then post the results.

Thanks

Alan
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37767157
try resetting IIS on the server manually and reconnecting the phone.
0
 

Author Comment

by:jlburgin
ID: 37767210
Here are the results from testexchangeconnectivity.com



ExRCA is testing Exchange ActiveSync.
Exchange ActiveSync was tested successfully.
Test Steps
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Autodiscover was successfully tested for Exchange ActiveSync.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service was tested successfully.
Test Steps
Attempting to test potential Autodiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 184.172.xxx.xxx
Testing TCP port 443 on host domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server domain.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Attempting to test potential Autodiscover URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml
Testing of the Autodiscover URL was successful.
Test Steps
Attempting to resolve the host name autodiscover.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 216.54.xxx.xxx
Testing TCP port 443 on host autodiscover.domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.domain.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name autodiscover.domain.com was found in the Certificate Subject Alternative Name entry.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
Potential compatibility problems were identified with some versions of Windows.
Additional Details
ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 3/7/2012 9:46:20 PM, NotAfter = 3/7/2015 9:46:20 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
ExRCA successfully retrieved Autodiscover settings by sending an Autodiscover POST.
Test Steps
ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml for user techs@domain.com.
The Autodiscover XML response was successfully retrieved.
Additional Details
Autodiscover Account Settings
XML response:
<?xml version="1.0"?>
<Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
 <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006">
 <Culture>en:us</Culture>
 <User>
 <DisplayName>Techs</DisplayName>
 <EMailAddress>Techs@domain.com</EMailAddress>
 </User>
 <Action>
 <Settings>
 <Server>
 <Type>MobileSync</Type>
 <Url>https://remote.domain.com/Microsoft-Server-ActiveSync</Url>
 <Name>https://remote.domain.com/Microsoft-Server-ActiveSync</Name>
 </Server>
 </Settings>
 </Action>
 </Response>
</Autodiscover>

 Validating Exchange ActiveSync settings.
Exchange ActiveSync URL https://remote.domain.com/Microsoft-Server-ActiveSync was validated successfully.
Attempting to resolve the host name remote.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 216.54.xxx.xxx
Testing TCP port 443 on host remote.domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server remote.domain.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name remote.domain.com was found in the Certificate Subject Alternative Name entry.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Analyzing the certificate chains for compatability problems with Windows Phone devices.
Potential compatibility problems were identified with some versions of Windows Phone.
Tell me more about this issue and how to resolve it
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
ExRCA is analyzing intermediate certificates that were sent down by the remote server.
All intermediate certificates are present and valid.
Additional Details
All intermediate certificates were present and valid.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 3/7/2012 9:46:20 PM, NotAfter = 3/7/2015 9:46:20 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://remote.domain.com/Microsoft-Server-ActiveSync.
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
An ActiveSync session is being attempted with the server.
Testing of an Exchange ActiveSync session completed successfully.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST
MS-Server-ActiveSync: 14.1
MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0,14.1
MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,Search,Settings,Ping,ItemOperations,Provision,ResolveRecipients,ValidateCert
Public: OPTIONS,POST
Content-Length: 0
Cache-Control: private
Date: Mon, 26 Mar 2012 17:05:58 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET

Attempting the FolderSync command on the Exchange ActiveSync session.
The FolderSync command completed successfully.
Additional Details
Number of folders: 17
Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
The Sync command completed successfully.
Additional Details
Status: 1
Attempting to test the GetItemEstimate command for the Inbox folder.
ExRCA successfully received the GetItemEstimate response from the server.
Additional Details
Estimate: 6 messages
Attempting to test synchronization of the Inbox folder.
The Sync command completed successfully.
Additional Details
Number of items synchronized: 6
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37767244
Okay - so all looks good from a server perspective.

Is this an issue with specific users or all users?

Specific devices or all devices?

Have you tried a working user account on a device that doesn't work properly and a now-working account on a known working device?

Trying to narrow down the possibilities and see if it is a device issue or a mailbox issue.

(P.S. - I have hidden your domain name / IP Addresses in your earlier post).
0
 

Author Comment

by:jlburgin
ID: 37767316
Only happens for two users on both their iPhones.  One of the users stated it occurs on their iPad as well.  Everyone else works normally granted this is a small office with a total of 8 users.

I have setup their account on my iPhone and am waiting to see if it starts failing.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 37767386
If the test doesn't work, please check the inherited permissions for the users and Group membership as per my article:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html
0
 

Accepted Solution

by:
jlburgin earned 0 total points
ID: 37903855
Resolution was to completely wipe the device and install all apps manually on the phones.
0
 

Author Closing Comment

by:jlburgin
ID: 37918463
Resolution came from completely wiping the devices
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question