Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Exchange active sync problem with iphone and ipad

Posted on 2012-04-04
Medium Priority
Last Modified: 2014-04-20
I am having a problem connecting my ipad and iphone to an exchange server 2003.
i get connection to the server failed. already recreated the iss oma directory and verified all settings is as it should be in Exchange virtual directory, microsoft activesync and oma, what else would cause this type of problem?

When i connect using my ipad i can send email. i don't see the emails being sent or in the inbox and like i stated above i get the error connection to server failed. which i find weird.
this is a 500 point question. Thanks

I did a RCA test and this is the results below.

ExRCA is testing Exchange ActiveSync.
 The Exchange ActiveSync test failed.
 Test Steps
 Attempting to resolve the host name in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned:

Testing TCP port 443 on host to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The certificate passed all validation requirements.
 Test Steps
 ExRCA is attempting to obtain the SSL certificate from remote server on port 443.
 ExRCA successfully obtained the remote SSL certificate.
 Additional Details
 Remote Certificate Subject:, OU=Domain Control Validated,, Issuer: SERIALNUMBER=000000, CN=Go Daddy Secure Certification Authority, OU=, O=", Inc.", L=Scottsdale, S=Arizona, C=US.

Validating the certificate name.
 The certificate name was validated successfully.
 Additional Details
 Host name was found in the Certificate Subject Common name.

Validating certificate trust for Windows Mobile devices.
 The certificate is trusted and all certificates are present in the chain.
 Test Steps
 ExRCA is attempting to build certificate chains for certificate, OU=Domain Control Validated,
 One or more certificate chains were constructed successfully.
 Additional Details
 A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.

Analyzing the certificate chains for compatability problems with Windows Phone devices.
 Potential compatibility problems were identified with some versions of Windows Phone.
  Tell me more about this issue and how to resolve it
 Additional Details
 The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.

ExRCA is analyzing intermediate certificates that were sent down by the remote server.
 All intermediate certificates are present and valid.
 Additional Details
 All intermediate certificates were present and valid.

Testing the certificate date to confirm the certificate is valid.
 Date validation passed. The certificate hasn't expired.
 Additional Details
 The certificate is valid. NotBefore = 6/7/2011 5:46:32 PM, NotAfter = 6/7/2016 5:46:32 PM

Checking the IIS configuration for client certificate authentication.
 Client certificate authentication wasn't detected.
 Additional Details
 Accept/Require Client Certificates isn't configured.

Testing HTTP Authentication Methods for URL
 The HTTP authentication methods are correct.
 Additional Details
 ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic

An ActiveSync session is being attempted with the server.
 Errors were encountered while testing the Exchange ActiveSync session.
 Test Steps
 Attempting to send the OPTIONS command to the server.
 The OPTIONS response was successfully received and is valid.
 Additional Details
 Headers received: MicrosoftOfficeWebServer: 5.0_Pub
Pragma: no-cache
MS-Server-ActiveSync: 6.5.7638.1
MS-ASProtocolVersions: 1.0,2.0,2.1,2.5
MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,ValidateCert,Provision,Search,Notify,Ping
Content-Length: 0
Date: Wed, 04 Apr 2012 16:05:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

Attempting the FolderSync command on the Exchange ActiveSync session.
 The test of the FolderSync command failed.
 Additional Details
 Exception details:
Message: The operation has timed out
Type: System.Net.WebException
Stack trace:
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.Tools.ExRca.Tests.ActiveSync.ActiveSyncFolderSyncTest.PerformTestReally()

thanks Mil...
Question by:mildogz
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 76

Accepted Solution

Alan Hardisty earned 2000 total points
ID: 37807257
What is your default website timeout value set to?

Please have a read through my article and check ALL your IIS settings as per my article and if you are still stuck afterwards, please let me know where:


Author Comment

ID: 37807455
Hi Alan,

Thanks for responding, the default website time out value is set to 120,
I have read your article and went through the process. I am using 2003 SBS and followed the setting for SBS. I see there is two exchange-oma directory's what should i do about that? this is the way it is setup for me.

Exchange Virtual Directory
•      Authentication = Integrated & Basic
•      Default Domain = domain
•      Realm = blank
       IP Address Restrictions = Granted Access
•      Secure Communications = Require SSL IS ticked (very important)

Microsoft-Server-Activesync Virtual Directory
•      Authentication = Basic
•      Default Domain = domain name
•      Realm = blank
•      IP Address Restrictions = Granted Access
•      Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

Exchange-oma Virtual Directory
•      Authentication = Integrated & Basic
•      Default Domain = domain name
•      Realm = domain.local
•      IP Address Restrictions = Restricted to IP Address of Server
•      Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

Exchange-oma1 Virtual Directory
•      Authentication = Integrated & Basic
•      Default Domain = \ (backslash in place of domain)
•      Realm = domain.local
•      IP Address Restrictions = Granted Access
•      Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

OMA Virtual Directory
•      Authentication = Basic
•      Default Domain = \ (backslash in place of domain)
•      Realm = blank
•      IP Address Restrictions = Granted Access
•      Secure Communications = Require SSL and Require 128-Bit Encryption NOT ticked

LVL 76

Expert Comment

by:Alan Hardisty
ID: 37808115
As per my article - please set the website timeout to 480.

Not sure why you have 2 Exchange-oma directories - never seen that before.  Might be worth following KB883380 (deleting both exchange-oma directories too) and then re-creating them.

Then follow KB817379 and re-add the exchange-oma virtual directory and see where that leaves you.
What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.


Author Comment

ID: 37808302

ok, i'll try this and update you with the results.

LVL 76

Expert Comment

by:Alan Hardisty
ID: 37808307
No probs - ready and waiting.

Author Closing Comment

ID: 38049047
Alan gets the points.

Author Comment

ID: 38049056
Thanks for your help with this Alan we had to recreate all the Virtual directories.

Expert Comment

ID: 40011966
I have the same problem and was wondering if we delete EVERYTHING under the Default Web Site, or just certain directories.  Thanks


Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question