• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1579
  • Last Modified:

Exchange activesync iphone fails - android OK

I have a SBS2003. Exch 2003 SP2. OWA working fine. Exchange activesync working on my android phone with the program Touchdown (better exchange client than the built in one)

All the same settings fail in a new iphone. It accepts them but when trying to sync it says that it failed.

The event log on the exchange server gets this error everytime the iphone tries to sync:
Event Type:      Error
Event Source:      Server ActiveSync
Event Category:      None
Event ID:      3005
Date:            24/08/2012
Time:            12:51:12 PM
User:            ourdomainname\ittest
Computer:      OURSBS
Description:
Unexpected Exchange mailbox Server error: Server: [OURSBS.ourdomain.local] User: [ittest@ourdomainname.org.au] HTTP status code: [501]. Verify that the Exchange mailbox Server is working correctly.

----

There is alot of info about this error but seemingly quite a few solutions. None have worked for me, the iphone wont sync.

The test at testeschangeconnectivity.com fails, (and also adds an 3005 error to the event log when it fails) see below:


ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.

Test Steps
Attempting to resolve the host name mail.ourdomainname.org.au in DNS.
The host name resolved successfully.
Additional Details
Testing TCP port 443 on host mail.ourdomainname.org.au to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Testing HTTP Authentication Methods for URL https://mail.ourdomainname.org.au/Microsoft-Server-ActiveSync/.
The HTTP authentication methods are correct.
Additional Details
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Attempting the FolderSync command on the Exchange ActiveSync session.
The test of the FolderSync command failed.
Tell me more about this issue and how to resolve it
Additional Details
Exchange ActiveSync returned an HTTP 500 response.
-----


As I said, the android phone is syncing perfectly. But the iphone wont. OWA is OK.
I have tried these checklists
http://support.microsoft.com/kb/937635
http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/

among some others as well and our config seems to check out.

I have also created a brand new mailbox for testing. Same problem, fine on android (touchdown) but not on iOS it seems.

Running out of hair, I would appreciate any help I can get.
0
Dr_Snapid
Asked:
Dr_Snapid
  • 13
  • 11
  • 2
2 Solutions
 
Dr_SnapidAuthor Commented:
I have also recreated the virtual folders as per here http://support.microsoft.com/kb/883380
0
 
Exchange_GeekCommented:
You do not require to recreate the virtual directory, if droids are working, iphone should also work. why not work with upgrading the IOS to higher version, sometimes certain version of IOS have issues with sync.

Also, work with a new account on droid and iphone and verify results.

Verify if the inherited permissions aren't the cause of the user in AD.

Regards,
Exchange_Geek
0
 
Svet PaperovIT ManagerCommented:
You need to fix the ActiveSync errors reported by ExRCA test. Follow the links in Test Steps and others from the report to find the reason for the failure. Without fixing it, iPhone won't work.
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
Dr_SnapidAuthor Commented:
Yeah I followed the steps but so far no joy. Should a new iPhone need an update?
0
 
Exchange_GeekCommented:
You've mentioned that you are able to configure it on Touchdown, how about you use Droid native Active Sync - does it work?

Regards,
Exchange_Geek
0
 
Dr_SnapidAuthor Commented:
Great suggestion, and strangely, the built in exchnage app wont even create the account, it accepts the setting and goes to the final screen but whenI press finish it says 'Failed to create the account, try again later.'

So googling around to find the solution to this and many people find the only way is to install touchdown.

So it turns out touchdown must be able to connect to exchange servers even when something is wrong with the server. Frankly that doesnt make sense to me but there ya go.

Using testexchangeconnectivity.com's solutions so far hasnt yielded any solutions, I can follow the instructions, but they dont fix the problem, the test still fails at the same place.
0
 
Exchange_GeekCommented:
Do not fall off laughing when you read this solution that i came across

The universal fix for the "Failed to create the account please try again later" while adding exchange server on phones

1) Add your account in Settings -> Accounts & Sync
2) In the second last step, uncheck all three options (mail, contacts, calendar)
3) Finish the configuration and your account should get created (here is where it would usually fail if you have not unchecked the options)
4) Click on the created account and check back the three options (mail, contacts, calendar)

Hope this help you - I discovered this by chance and it works all the time.

Regards,
Exchange_Geek
0
 
Dr_SnapidAuthor Commented:
Yeah I saw that too, didnt work.
0
 
Exchange_GeekCommented:
What's the IOS ver you're working with? I'll need to check the compatibility against E2003.

Regards,
Exchange_Geek
0
 
Dr_SnapidAuthor Commented:
Well all I know is it's new. The owner of it isnt at work yet (its 6.45am here now)

I will try and find out though.
0
 
Exchange_GeekCommented:
And you're awake and responding to my posts.....wow ....true IT person :)

cause its 2:27am here.

Regards,
Exchange_Geek
0
 
Dr_SnapidAuthor Commented:
Well it looks like i fixed it, is as much as the testexchangeconnectivity.com website now doesnt have the error.

My android phone now works even with the standard client. I have got my fingers crossed that when the staff member comes to work she will say YAY MY EMAIL IS WORKING ON MY IPHONE and I can take the rest of the day off to recover....


These are the insructions that seem to have worked, the exception being that because i hadnt deleted the exchange-oma virtual directory (these instructions didnt tell me to), I had to tell it to overwrite rather than creating a new one when re-importing the config.

http://support.microsoft.com/?kbid=817379

Method 2

Important Method 2 should be used only in an environment that has no Exchange Server 2003 front-end server. The registry changes should be made only on the server on which the mailboxes are located.

 Create a secondary virtual directory for Exchange that does not require SSL, and then add a registry value to point to the new virtual directory.





Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756

 How to back up and restore the registry in Windows




Note These steps affect both Outlook Mobile Access connections and Exchange ActiveSync connections. After you follow these steps, both Outlook Mobile Access and Exchange ActiveSync connections use the new virtual directory that you create.
Disable the forms-based authentication for the Exchange virtual directory
To create a secondary virtual directory for Exchange that is based on steps 1 through 7 of the following procedure, make sure that forms-based authentication is disabled for the Exchange virtual directory before you make the copy. Before you follow these steps, disable forms-based authentication in Exchange System Manager. Then restart Internet Information Services (IIS). To do this, follow these steps: 1.Open Exchange Manager.
2.Expand Administrative Groups, expand the first administrative group, and then expand Servers.
3.Expand the server container for the Exchange Server 2003 server that you will be configuring, expand Protocols, and then expand HTTP.
4.Under the HTTP container, right-click the Exchange Virtual Server container, and then click Properties.
5.Click the Settings tab, clear the Enable Forms Based Authentication check box, and then click OK.
6.Close Exchange Manager.
7.Click Start, click Run, type IISRESET/NOFORCE, and then press Enter to restart Internet Information Services (IIS).

Create a secondary virtual directory for Exchange server
You must use Internet IIS Manager to create this virtual directory for Exchange ActiveSync and Outlook Mobile Access to work. If you are using Windows Server 2003, follow these steps:

Create the virtual directory1.Start Internet Information Services (IIS) Manager.
2.Locate the Exchange virtual directory. The default location is as follows:
Web Sites\Default Web Site\Exchange

3.Right-click the Exchange virtual directory, click All Tasks, and then click Save Configuration to a File.
4.In the File name box, type a name. For example, type ExchangeVDir. Click OK.
5.Right-click the root of this website. Typically, this is Default Web Site. Click New, and then click Virtual Directory (from file).
6.In the Import Configuration dialog box, click Browse, locate the file that you created in step 4, click Open, and then click Read File.
7.Under Select a configuration to import , click Exchange, and then click OK.

 A dialog box will appear that states that the "virtual directory already exists."
8.Select the Create a new virtual directory option. In the Alias box, type a name for the new virtual directory that you want Exchange ActiveSync and Outlook Mobile Access to use. For example, type exchange-oma. Click OK.





Note If the server is Microsoft Windows Small Business Server 2003 (SBS), the name of the Exchange OMA virtual directory must be exchange-oma. The integrated setup of Microsoft Windows Small Business Server 2003 creates the exchange-oma virtual directory in IIS. Additionally, it points the ExchangeVDir registry key to /exchange-oma during the initial installation. Other SBS wizards, such as the Configure E-mail and Internet Connection Wizard (CEICW) also expect the virtual directory name in IIS to be exchange-oma.

Configure the virtual directory1.Right-click the new virtual directory. In this example, click exchange-oma, and then click Properties.
2.Click the Directory Securitytab.
3.Under Authentication and access control, click Edit.
4.Make sure that only the following authentication methods are enabled, and then click OK: ¿Integrated Windows authentication
¿Basic authentication

5.On the Directory Security tab, under IP address and domain name restrictions, click Edit.
6.Click the option for Denied access, click Add, click Single computer, and then type the IP address of the server that you are configuring.
7.lick OK two times.
8.Under Secure communications, click Edit. Make sure that Require secure channel (SSL) is not enabled, and then click OK.
9.Click OK, and then close IIS Manager.
10.Click Start, click Run, type regedit, and then click OK.
11.Locate the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MasSync\Parameters

12.Right-click Parameters, click to New, and then click String Value.
13.Type ExchangeVDir, and then press Enter. Right-click ExchangeVDir, and then click Modify.





Note ExchangeVDir is case-sensitive. If you do not type ExchangeVDir exactly as it appears in this article, ActiveSync does not find the key when it locates the exchange-oma folder.
14.In the Value data box, type the name of the new virtual directory that you created in step 8. For example, type /exchange-oma. Click OK.
15.Exit Registry Editor.
16.Restart the IIS Admin service. To do this, follow these steps: a.Click Start, click Run, type services.msc, and then click OK.
b.In the list of services, right-click IIS Admin service, and then click Restart.
0
 
Dr_SnapidAuthor Commented:
Exchange_Geek it turns out IT guys dont get sleep... did we forget to read the fine print?

No joy, but at least the error in the event logs is different, now i get this when the iphone tries to sync

Unexpected Exchange mailbox Server error: Server: [theuser.domain.local] User: [theuser@thedomain.com.au] HTTP status code: [409]. Verify that the Exchange mailbox Server is working correctly.

So now I can chase this one.
0
 
Svet PaperovIT ManagerCommented:
Good job. Glad you followed my recommendation to fix the ExRCA errors first. iPhone ActiveSync should work too, no worries there.
0
 
Dr_SnapidAuthor Commented:
Do you know what I should have as the values for DEFAULT DOMAIN and REALM under the echange-oma / authentcation methods dialogue box?

Currently I have domain (NOT domain.local) and domain.com.au respectively
0
 
Exchange_GeekCommented:
Jeeeeeeeeeeeeeeeeeeeeez, i thought you already did it - esp when you mentioned you've read and followed Alan's blog

please follow Method 2 in Microsoft Knowledgebase Article KB883380 and this should resolve the issues. This essentially deletes the Exchange Virtual Directories from the IIS Metabase (which can be corrupted) and rebuilds them. When deleting the Exchange virtual Directories, please also delete the Exchange-OMA virtual directory if it exists. Rebuilding those virtual directories often clears up problems that all the other steps above do not resolve.

Regards,
Exchange_Geek
0
 
Dr_SnapidAuthor Commented:
Yes I had already done those steps including rebuilding the directories, hence the exchange-oma was already there when i proceeded to the steps I outlined above
0
 
Exchange_GeekCommented:
@spaperov: You've got a good sense of humour, LOL

@Dr_Snapid: Let me check and tell you, don't remember the settings at the back of my mind

Regards,
Exchange_Geek
0
 
Exchange_GeekCommented:
Integrated Windows Authentication +     Basic Authentication

Ref: http://www.tek-tips.com/faqs.cfm?fid=7121

Regards,
Exchange_Geek
0
 
Exchange_GeekCommented:
Default Domain should be \

Regards,
Exchange_Geek
0
 
Dr_SnapidAuthor Commented:
Yeah this stuff seems right, i followed the instructions from that blog, thats wht those settings were there. Keep looking i guess
0
 
Dr_SnapidAuthor Commented:
I think it's OK now, restarted server. The events arent appearing in the logs, hoping that means the iphone is syncing without error. User calling me back asap, she's unavailable atm

Will close this today (if the magic smoke doesn't escape from anyone else's gear today)
0
 
Dr_SnapidAuthor Commented:
Well \ is what was in there initially but the blog said he'd fixed it by entering values in some cases.... so I entered values.

If it's working, should I leave it as is or change it back to \ ?
0
 
Exchange_GeekCommented:
I'd say if it is working - hell, leave it there - Exchange is a very sensitive girl, you touch the wrong cord and you're cheeks would get red but not with something sweet rather - ........

Regards,
Exchange_Geek
0
 
Dr_SnapidAuthor Commented:
Points distributed guys. Thanks heaps for your help, these tasks are easier to work through when it seems like there's someone on your side!
0
 
Exchange_GeekCommented:
Glad that the issue is solved, and yes this particular thread goes into my knowledge base too :)

Great team work.

Regards,
Exchange_Geek
0

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

  • 13
  • 11
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now