Solved

iPhone Active Sync issues, mailbox syncs for a short time then stops

Posted on 2012-03-26
10
1,854 Views
Last Modified: 2012-05-02
Here is some backstory before I get to the issues.

This client was on hosted exchange, we have installed a new SBS 2011 and imported their email via PSTs into exchange.

They have 4 users with iPhones, 2 of them work with no problem.  The other 2 sync work briefly for a time when it stops working you can go to the mailbox and it spins saying checking for mail.

One user went a week before it stops working the other goes only 1 day before it stops.

I have done the following in an attempt to resolve:

Removed and re added the account
Removed mobile device partnership from exchange and readded to phones
One of the users completely replaced their hardware and the problem persists
Have tried using IP Address instead of server name on the phone settings.
I have reset both their passwords.
Restarted their router when the issue occurs and it does not resolve.

The server does not state their are any errors with their mailboxes or active sync.  Both are iPhone 4 with iOS 5.1.
0
Comment
Question by:jlburgin
  • 5
  • 4
10 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37767111
Are you using the self-issued Exchange certificate or a 3rd party certificate?
0
 

Author Comment

by:jlburgin
ID: 37767134
Using third party UCC Cert from GoDaddy
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37767148
Good :)

Can you please run the Exchange Activesync test at https://testexchangeconnectivity.com and don't use anything Autodiscover, then post the results.

Thanks

Alan
0
 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37767157
try resetting IIS on the server manually and reconnecting the phone.
0
 

Author Comment

by:jlburgin
ID: 37767210
Here are the results from testexchangeconnectivity.com



ExRCA is testing Exchange ActiveSync.
Exchange ActiveSync was tested successfully.
Test Steps
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Autodiscover was successfully tested for Exchange ActiveSync.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service was tested successfully.
Test Steps
Attempting to test potential Autodiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 184.172.xxx.xxx
Testing TCP port 443 on host domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server domain.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Attempting to test potential Autodiscover URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml
Testing of the Autodiscover URL was successful.
Test Steps
Attempting to resolve the host name autodiscover.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 216.54.xxx.xxx
Testing TCP port 443 on host autodiscover.domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.domain.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name autodiscover.domain.com was found in the Certificate Subject Alternative Name entry.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
Potential compatibility problems were identified with some versions of Windows.
Additional Details
ExRCA can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 3/7/2012 9:46:20 PM, NotAfter = 3/7/2015 9:46:20 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
ExRCA successfully retrieved Autodiscover settings by sending an Autodiscover POST.
Test Steps
ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml for user techs@domain.com.
The Autodiscover XML response was successfully retrieved.
Additional Details
Autodiscover Account Settings
XML response:
<?xml version="1.0"?>
<Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
 <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006">
 <Culture>en:us</Culture>
 <User>
 <DisplayName>Techs</DisplayName>
 <EMailAddress>Techs@domain.com</EMailAddress>
 </User>
 <Action>
 <Settings>
 <Server>
 <Type>MobileSync</Type>
 <Url>https://remote.domain.com/Microsoft-Server-ActiveSync</Url>
 <Name>https://remote.domain.com/Microsoft-Server-ActiveSync</Name>
 </Server>
 </Settings>
 </Action>
 </Response>
</Autodiscover>

 Validating Exchange ActiveSync settings.
Exchange ActiveSync URL https://remote.domain.com/Microsoft-Server-ActiveSync was validated successfully.
Attempting to resolve the host name remote.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 216.54.xxx.xxx
Testing TCP port 443 on host remote.domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server remote.domain.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name remote.domain.com was found in the Certificate Subject Alternative Name entry.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=mail.domain.com, OU=Domain Control Validated, O=mail.domain.com.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Analyzing the certificate chains for compatability problems with Windows Phone devices.
Potential compatibility problems were identified with some versions of Windows Phone.
Tell me more about this issue and how to resolve it
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
ExRCA is analyzing intermediate certificates that were sent down by the remote server.
All intermediate certificates are present and valid.
Additional Details
All intermediate certificates were present and valid.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 3/7/2012 9:46:20 PM, NotAfter = 3/7/2015 9:46:20 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://remote.domain.com/Microsoft-Server-ActiveSync.
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
An ActiveSync session is being attempted with the server.
Testing of an Exchange ActiveSync session completed successfully.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST
MS-Server-ActiveSync: 14.1
MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0,14.1
MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,Search,Settings,Ping,ItemOperations,Provision,ResolveRecipients,ValidateCert
Public: OPTIONS,POST
Content-Length: 0
Cache-Control: private
Date: Mon, 26 Mar 2012 17:05:58 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET

Attempting the FolderSync command on the Exchange ActiveSync session.
The FolderSync command completed successfully.
Additional Details
Number of folders: 17
Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
The Sync command completed successfully.
Additional Details
Status: 1
Attempting to test the GetItemEstimate command for the Inbox folder.
ExRCA successfully received the GetItemEstimate response from the server.
Additional Details
Estimate: 6 messages
Attempting to test synchronization of the Inbox folder.
The Sync command completed successfully.
Additional Details
Number of items synchronized: 6
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37767244
Okay - so all looks good from a server perspective.

Is this an issue with specific users or all users?

Specific devices or all devices?

Have you tried a working user account on a device that doesn't work properly and a now-working account on a known working device?

Trying to narrow down the possibilities and see if it is a device issue or a mailbox issue.

(P.S. - I have hidden your domain name / IP Addresses in your earlier post).
0
 

Author Comment

by:jlburgin
ID: 37767316
Only happens for two users on both their iPhones.  One of the users stated it occurs on their iPad as well.  Everyone else works normally granted this is a small office with a total of 8 users.

I have setup their account on my iPhone and am waiting to see if it starts failing.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 37767386
If the test doesn't work, please check the inherited permissions for the users and Group membership as per my article:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html
0
 

Accepted Solution

by:
jlburgin earned 0 total points
ID: 37903855
Resolution was to completely wipe the device and install all apps manually on the phones.
0
 

Author Closing Comment

by:jlburgin
ID: 37918463
Resolution came from completely wiping the devices
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now