CHI-LTD
asked on
Excahneg Active Sync (ok on android, not on IOS)
Ideas?
Native AS client workign fien on my samsung tab 2. Encrypted and PW policy applied.
IOS - ipad 1 and and ipad mini IOS6 and IOS 7.2 respectivly failing. One over wifo and the other 3g.
used a free app to verify and fails on the username section.
IDeas?
thanks
Native AS client workign fien on my samsung tab 2. Encrypted and PW policy applied.
IOS - ipad 1 and and ipad mini IOS6 and IOS 7.2 respectivly failing. One over wifo and the other 3g.
used a free app to verify and fails on the username section.
IDeas?
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
one warning on AS test....
Please post the test results
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
2010 (not latest SP)
yes i have 2x androids which works fine
its my account (admin), but fails on any account for ios
odd, its now failing:
The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Additional Details
Elapsed Time: 22448 ms.
Test Steps
Attempting to resolve the host name mail.church-house.co.uk in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: external1 ip, external2 ip
Elapsed Time: 575 ms.
Testing TCP port 443 on host mail.domain.co.uk to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 310 ms.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Additional Details
Elapsed Time: 489 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.domain.co.uk on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.domain.co.uk, OU=Domain Control Validated, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Elapsed Time: 429 ms.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name mail.church-house.co.uk was found in the Certificate Subject Common name.
Elapsed Time: 0 ms.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Test Steps
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.domain.co.uk, OU=Domain Control Validated.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 26 ms.
Analyzing the certificate chains for compatibility problems with Windows Phone devices.
Potential compatibility problems were identified with some versions of Windows Phone.
Tell me more about this issue and how to resolve it
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 3 ms.
The Microsoft Connectivity Analyzer is analyzing intermediate certificates sent by the remote server.
All intermediate certificates are present and valid.
Additional Details
All intermediate certificates were present and valid.
Elapsed Time: 0 ms.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 5/2/2013 2:29:34 PM, NotAfter = 5/1/2016 8:37:28 AM
Elapsed Time: 0 ms.
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Elapsed Time: 542 ms.
Testing HTTP Authentication Methods for URL https://mail.domain.co.uk/Microsoft-Server-ActiveSy nc/.
The HTTP authentication methods are correct.
Additional Details
The Microsoft Connectivity Analyzer found all expected authentication methods and no disallowed methods. Methods found: Basic
Elapsed Time: 316 ms.
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Additional Details
Elapsed Time: 20214 ms.
Test Steps
Attempting to send the OPTIONS command to the server.
Testing of the OPTIONS command failed. For more information, see Additional Details.
Additional Details
An HTTP 403 forbidden response was received. The response appears to have come from IIS7. Body of the response: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7 em;font-fa mily:Verda na, Arial, Helvetica, sans-serif;background:#EEE EEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin: 0;color:#F FF;}
h2{font-size:1.7em;margin: 0;color:#C C0000;}
h3{font-size:1.2em;margin: 10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{backgro und:#FFF;w idth:96%;m argin-top: 8px;paddin g:10px;pos ition:rela tive;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"> <fieldset>
<h2>403 - Forbidden: Access is denied.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
Headers received:
Content-Length: 1233
Cache-Control: private
Content-Type: text/html
Date: Thu, 31 Oct 2013 09:11:55 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Elapsed Time: 20214 ms.
yes i have 2x androids which works fine
its my account (admin), but fails on any account for ios
odd, its now failing:
The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Additional Details
Elapsed Time: 22448 ms.
Test Steps
Attempting to resolve the host name mail.church-house.co.uk in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: external1 ip, external2 ip
Elapsed Time: 575 ms.
Testing TCP port 443 on host mail.domain.co.uk to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 310 ms.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Additional Details
Elapsed Time: 489 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.domain.co.uk on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.domain.co.uk, OU=Domain Control Validated, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Elapsed Time: 429 ms.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name mail.church-house.co.uk was found in the Certificate Subject Common name.
Elapsed Time: 0 ms.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Test Steps
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.domain.co.uk, OU=Domain Control Validated.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 26 ms.
Analyzing the certificate chains for compatibility problems with Windows Phone devices.
Potential compatibility problems were identified with some versions of Windows Phone.
Tell me more about this issue and how to resolve it
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 3 ms.
The Microsoft Connectivity Analyzer is analyzing intermediate certificates sent by the remote server.
All intermediate certificates are present and valid.
Additional Details
All intermediate certificates were present and valid.
Elapsed Time: 0 ms.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 5/2/2013 2:29:34 PM, NotAfter = 5/1/2016 8:37:28 AM
Elapsed Time: 0 ms.
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Elapsed Time: 542 ms.
Testing HTTP Authentication Methods for URL https://mail.domain.co.uk/Microsoft-Server-ActiveSy
The HTTP authentication methods are correct.
Additional Details
The Microsoft Connectivity Analyzer found all expected authentication methods and no disallowed methods. Methods found: Basic
Elapsed Time: 316 ms.
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Additional Details
Elapsed Time: 20214 ms.
Test Steps
Attempting to send the OPTIONS command to the server.
Testing of the OPTIONS command failed. For more information, see Additional Details.
Additional Details
An HTTP 403 forbidden response was received. The response appears to have come from IIS7. Body of the response: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:
h2{font-size:1.7em;margin:
h3{font-size:1.2em;margin:
#header{width:96%;margin:0
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{backgro
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container">
<h2>403 - Forbidden: Access is denied.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
Headers received:
Content-Length: 1233
Cache-Control: private
Content-Type: text/html
Date: Thu, 31 Oct 2013 09:11:55 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Elapsed Time: 20214 ms.
If you are an Admin, it will fail.
MS Recommend having an Admin account for Admin purposes and a user account for regular stuff, including emails.
Permissions will be reset hourly for anyone with an Admin account and those permissions will stop Activesync working.
There is a workaround discussed in my blog (link to) if you are interested:
http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/
Alan
MS Recommend having an Admin account for Admin purposes and a user account for regular stuff, including emails.
Permissions will be reset hourly for anyone with an Admin account and those permissions will stop Activesync working.
There is a workaround discussed in my blog (link to) if you are interested:
http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/
Alan
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Those groups are listed in my article :)
ASKER
i have tried ion a normal user account and that fails too!!
Have you checked the inherited permissions as per my article?
Alan
Alan
ASKER
yes, ticked the inherit option, still not working.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Sorry - using a 3rd party SSL cert - ignore that part of the question above.
Alan
Alan
ASKER
Yes, i has worked before on my ipad.
old install of exchange, cert not changed either...
old install of exchange, cert not changed either...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Its on 3g at the moment, but have also tried wifi on another wifi connection...
ASKER
mainly 3g
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Standard domain user (without inherited permissions):
is now working...
The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.
Exchange ActiveSync was tested successfully.
Additional Details
Elapsed Time: 8528 ms.
Test Steps
Attempting to resolve the host name mail.-.co.uk in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned:
Elapsed Time: 118 ms.
Testing TCP port 443 on host mail.-.co.uk to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 301 ms.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Additional Details
Elapsed Time: 663 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.-.co.uk on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.-.co.uk, OU=Domain Control Validated, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Elapsed Time: 617 ms.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name mail.-.co.uk was found in the Certificate Subject Common name.
Elapsed Time: 0 ms.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Test Steps
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.-.co.uk, OU=Domain Control Validated.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 20 ms.
Analyzing the certificate chains for compatibility problems with Windows Phone devices.
Potential compatibility problems were identified with some versions of Windows Phone.
Tell me more about this issue and how to resolve it
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 2 ms.
The Microsoft Connectivity Analyzer is analyzing intermediate certificates sent by the remote server.
All intermediate certificates are present and valid.
Additional Details
All intermediate certificates were present and valid.
Elapsed Time: 0 ms.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 5/2/2013 2:29:34 PM, NotAfter = 5/1/2016 8:37:28 AM
Elapsed Time: 0 ms.
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Elapsed Time: 725 ms.
Testing HTTP Authentication Methods for URL https://mail.-.co.uk/Microsoft-Server-ActiveSync/.
The HTTP authentication methods are correct.
Additional Details
The Microsoft Connectivity Analyzer found all expected authentication methods and no disallowed methods. Methods found: Basic
Elapsed Time: 426 ms.
An ActiveSync session is being attempted with the server.
Testing of an Exchange ActiveSync session completed successfully.
Additional Details
Elapsed Time: 6293 ms.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST MS-Server-ActiveSync: 14.2 MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0 ,14.1 MS-ASProtocolCommands: Sync,SendMail,SmartForward ,SmartRepl y,GetAttac hment,GetH ierarchy,C reateColle ction,Dele teCollecti on,MoveCol lection,Fo lderSync,F olderCreat e,FolderDe lete,Folde rUpdate,Mo veItems,Ge tItemEstim ate,Meetin gResponse, Search,Set tings,Ping ,ItemOpera tions,Prov ision,Reso lveRecipie nts,Valida teCert Public: OPTIONS,POST Content-Length: 0 Cache-Control: private Date: Fri, 01 Nov 2013 15:29:18 GMT Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET
Elapsed Time: 340 ms.
Attempting the FolderSync command on the Exchange ActiveSync session.
The FolderSync command completed successfully.
Additional Details
Number of folders: 35 Response: <FolderSync xmlns="FolderHierarchy:"> <Status>1</Status> <SyncKey>1</SyncKey> <Changes> <Count>35</Count> <Add> <ServerId>1</ServerId> <ParentId>0</ParentId> <DisplayName>Calendar</Dis playName> <Type>8</Type> </Add> <Add> <ServerId>2</ServerId> <ParentId>0</ParentId> <DisplayName>Contacts</Dis playName> <Type>9</Type> </Add> <Add> <ServerId>3</ServerId> <ParentId>0</ParentId> <DisplayName>Deleted Items</DisplayName> <Type>4</Type> </Add> <Add> <ServerId>4</ServerId> <ParentId>0</ParentId> <DisplayName>Drafts</Displ ayName> <Type>3</Type> </Add> <Add> <ServerId>5</ServerId> <ParentId>0</ParentId> <DisplayName>Inbox</Displa yName> <Type>2</Type> </Add> <Add> <ServerId>6</ServerId> <ParentId>5</ParentId> <DisplayName>Capital Cash Flows</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>7</ServerId> <ParentId>5</ParentId> <DisplayName>Capital Valuations</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>8</ServerId> <ParentId>5</ParentId> <DisplayName>CH Deep Value</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>9</ServerId> <ParentId>5</ParentId> <DisplayName>Directors</Di splayName> <Type>12</Type> </Add> <Add> <ServerId>10</ServerId> <ParentId>9</ParentId> <DisplayName>MBaines</Disp layName> <Type>12</Type> </Add> <Add> <ServerId>11</ServerId> <ParentId>10</ParentId> <DisplayName>Andrew Martin Smith</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>12</ServerId> <ParentId>10</ParentId> <DisplayName>Internal Emails</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>13</ServerId> <ParentId>12</ParentId> <DisplayName>Investment Trust Research</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>14</ServerId> <ParentId>13</ParentId> <DisplayName>Bond & Fixed Interest Data</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>15</ServerId> <ParentId>14</ParentId> <DisplayName>Lombard research</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>16</ServerId> <ParentId>13</ParentId> <DisplayName>S&W Cash Flows</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>17</ServerId> <ParentId>16</ParentId> <DisplayName>Smith & Williamson</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>18</ServerId> <ParentId>12</ParentId> <DisplayName>James - Internal Emails</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>19</ServerId> <ParentId>18</ParentId> <DisplayName>Capital Trades</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>20</ServerId> <ParentId>5</ParentId> <DisplayName>Share Dealing</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>21</ServerId> <ParentId>5</ParentId> <DisplayName>SIPP</Display Name> <Type>12</Type> </Add> <Add> <ServerId>22</ServerId> <ParentId>5</ParentId> <DisplayName>Victoria</Dis playName> <Type>12</Type> </Add> <Add> <ServerId>23</ServerId> <ParentId>22</ParentId> <DisplayName>Private</Disp layName> <Type>12</Type> </Add> <Add> <ServerId>24</ServerId> <ParentId>0</ParentId> <DisplayName>Journal</Disp layName> <Type>11</Type> </Add> <Add> <ServerId>25</ServerId> <ParentId>0</ParentId> <DisplayName>Junk E-mail</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>26</ServerId> <ParentId>0</ParentId> <DisplayName>Notes</Displa yName> <Type>10</Type> </Add> <Add> <ServerId>27</ServerId> <ParentId>0</ParentId> <DisplayName>Outbox</Displ ayName> <Type>6</Type> </Add> <Add> <ServerId>28</ServerId> <ParentId>0</ParentId> <DisplayName>RSS Feeds</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>29</ServerId> <ParentId>0</ParentId> <DisplayName>Sent Items</DisplayName> <Type>5</Type> </Add> <Add> <ServerId>30</ServerId> <ParentId>0</ParentId> <DisplayName>Suggested Contacts</DisplayName> <Type>14</Type> </Add> <Add> <ServerId>31</ServerId> <ParentId>0</ParentId> <DisplayName>Sync Issues</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>32</ServerId> <ParentId>31</ParentId> <DisplayName>Conflicts</Di splayName> <Type>12</Type> </Add> <Add> <ServerId>33</ServerId> <ParentId>31</ParentId> <DisplayName>Local Failures</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>34</ServerId> <ParentId>31</ParentId> <DisplayName>Server Failures</DisplayName> <Type>12</Type> </Add> <Add> <ServerId>35</ServerId> <ParentId>0</ParentId> <DisplayName>Tasks</Displa yName> <Type>7</Type> </Add> </Changes> </FolderSync> Diagnostics:
Elapsed Time: 1369 ms.
Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
The Sync command completed successfully.
Additional Details
Status: 1 Diagnostics:
Elapsed Time: 1032 ms.
Attempting to test the GetItemEstimate command for the Inbox folder.
The Microsoft Connectivity Analyzer successfully received the GetItemEstimate response from the server.
Additional Details
Estimate: 3092 messages Diagnostics:
Elapsed Time: 1100 ms.
Attempting to test synchronization of the Inbox folder.
The Sync command completed successfully.
Additional Details
Number of items synchronized: 100 Diagnostics:
Elapsed Time: 2449 ms.
is now working...
The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.
Exchange ActiveSync was tested successfully.
Additional Details
Elapsed Time: 8528 ms.
Test Steps
Attempting to resolve the host name mail.-.co.uk in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned:
Elapsed Time: 118 ms.
Testing TCP port 443 on host mail.-.co.uk to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 301 ms.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Additional Details
Elapsed Time: 663 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.-.co.uk on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.-.co.uk, OU=Domain Control Validated, Issuer: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
Elapsed Time: 617 ms.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name mail.-.co.uk was found in the Certificate Subject Common name.
Elapsed Time: 0 ms.
Validating certificate trust for Windows Mobile devices.
The certificate is trusted and all certificates are present in the chain.
Test Steps
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.-.co.uk, OU=Domain Control Validated.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 20 ms.
Analyzing the certificate chains for compatibility problems with Windows Phone devices.
Potential compatibility problems were identified with some versions of Windows Phone.
Tell me more about this issue and how to resolve it
Additional Details
The certificate is only trusted on Windows Mobile 6.0 and later versions. Devices running Windows Mobile 5.0 and 5.0 with the Messaging and Security Feature Pack won't be able to sync. Root = OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Elapsed Time: 2 ms.
The Microsoft Connectivity Analyzer is analyzing intermediate certificates sent by the remote server.
All intermediate certificates are present and valid.
Additional Details
All intermediate certificates were present and valid.
Elapsed Time: 0 ms.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 5/2/2013 2:29:34 PM, NotAfter = 5/1/2016 8:37:28 AM
Elapsed Time: 0 ms.
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Elapsed Time: 725 ms.
Testing HTTP Authentication Methods for URL https://mail.-.co.uk/Microsoft-Server-ActiveSync/.
The HTTP authentication methods are correct.
Additional Details
The Microsoft Connectivity Analyzer found all expected authentication methods and no disallowed methods. Methods found: Basic
Elapsed Time: 426 ms.
An ActiveSync session is being attempted with the server.
Testing of an Exchange ActiveSync session completed successfully.
Additional Details
Elapsed Time: 6293 ms.
Test Steps
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Additional Details
Headers received: Allow: OPTIONS,POST MS-Server-ActiveSync: 14.2 MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0
Elapsed Time: 340 ms.
Attempting the FolderSync command on the Exchange ActiveSync session.
The FolderSync command completed successfully.
Additional Details
Number of folders: 35 Response: <FolderSync xmlns="FolderHierarchy:"> <Status>1</Status> <SyncKey>1</SyncKey> <Changes> <Count>35</Count> <Add> <ServerId>1</ServerId> <ParentId>0</ParentId> <DisplayName>Calendar</Dis
Elapsed Time: 1369 ms.
Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
The Sync command completed successfully.
Additional Details
Status: 1 Diagnostics:
Elapsed Time: 1032 ms.
Attempting to test the GetItemEstimate command for the Inbox folder.
The Microsoft Connectivity Analyzer successfully received the GetItemEstimate response from the server.
Additional Details
Estimate: 3092 messages Diagnostics:
Elapsed Time: 1100 ms.
Attempting to test synchronization of the Inbox folder.
The Sync command completed successfully.
Additional Details
Number of items synchronized: 100 Diagnostics:
Elapsed Time: 2449 ms.
And on their phone?
ASKER
ipad mini 'unable to verify account information'.
using the activesync test app - AS Test:
fails on valid user...
using the activesync test app - AS Test:
fails on valid user...
ASKER
should TCP port 5223 be open?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I see that Rollup 7 for SP" is ready...
Not to mention SP3 Rollup 2 as well! You are a bit behind and would be good to get up to date.
ASKER
we will upgrade, but shouldn't cause EAS issues?
It can only help - as the updates fix bugs.
ASKER
true.
ASKER
Applied rollup and rebooted.
The samsung device hasn't synced since Sunday. I now cant setup EAS on the device.
I recall i had to manually run a command in powershell to automatically approve devices when testing with maas360. I assume this command is similar to allowing allow/block lists in the GUI through OWA?
Is it worth adding an allow rule through OWA for all devices?
The samsung device hasn't synced since Sunday. I now cant setup EAS on the device.
I recall i had to manually run a command in powershell to automatically approve devices when testing with maas360. I assume this command is similar to allowing allow/block lists in the GUI through OWA?
Is it worth adding an allow rule through OWA for all devices?
Are you now saying you have MAAS360 installed and configured on your server?
ASKER
We did have. its no not being used.
We are using native EAS client on the devices so bypassing Maas..
We are using native EAS client on the devices so bypassing Maas..
Is it still installed though?
ASKER
not on the device, no.
I have just noticed that one of our other exchange servers at a remote sites, no mailboxes is coming up with warnings. I'm assuming this is the problem...
Event id 1044.
The Client Access server doesn't have the InternalURL value set for the Microsoft-Server-ActiveSyn c virtual directory. This prevents Exchange ServiceDiscovery from finding the MobileSyncService information for user CHI-EXCH.domain.local. At least one Client Access server in the user's mailbox Active Directory site must have the InternalURL value set. The format for the InternalURL value is https://hostname/Microsoft-Server-ActiveSync
Remind me how the clients will know which server to access and how to force our main server to accept the connections..?
Thanks
I have just noticed that one of our other exchange servers at a remote sites, no mailboxes is coming up with warnings. I'm assuming this is the problem...
Event id 1044.
The Client Access server doesn't have the InternalURL value set for the Microsoft-Server-ActiveSyn
Remind me how the clients will know which server to access and how to force our main server to accept the connections..?
Thanks
ASKER
ASKER
DNS setup for point to two servers at different sites..
Removed 2nd box, all ok
Removed 2nd box, all ok
ASKER