Solved

Exchange 2003 transition to Exchange 2010 CAS Setup portion Active Sync has a long Delay

Posted on 2014-12-21
11
166 Views
Last Modified: 2014-12-28
I am in the process of introducing Exchange 2010 to my existing Exchange 2003 environment.
The planned infrastructure is going to be CAS,HT on one server and MB on another.
The Exchange 2003 server is both a Front-end/Back-End configuration.

I have installed both the CAS and HT roles and configured the virtual directories according to the Exchange Server Deployment Assistant  
My internal domain name is xxxx.local.  I have a DNS Zone for xxxx.com.
I have a record for the legacy.xxxx.com Host record point to my 2003 Server and mail.xxxx.com resolving my new CAS/HT 2010 server.
I am able to successfully authenticate to OWA both internal and external.

When I run the test with ExRCA I get a Forbbiden 403 error.
I tried to follow some of  the suggestions, but still no luck.  

I am able to successfully create a active sync connection on my iPhone, but when I try to sync my folders I just see it trying to update.  


EDIT:
Update:
I was able to connect with Outlook over RPC over HTTPS, OWA and Active Sync.
I see normal response time using OWA and Outlook Over RPC, but Active Sync has a long delay between mail arriving in my Outlook inbox and on my phone.  Even when I delete and item from the phone it takes some time to show the change in my Outlook.
MCATestResults-AS-20141221.html
0
Comment
Question by:yo_bee
  • 7
  • 4
11 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40512770
Inbox is the only thing that is real time with ActiveSync. Item deletions occur in the background, so can take a while to replicate to the Outlook client. Similarly deletions in the Outlook client can take a few minutes to (dis)appear on the device. Therefore the behaviour you are seeing is to be expected.

Furthermore, if you are connecting over Wifi rather than a mobile network, then the synchronisation of the items happens on a schedule, rather than push. Push only occurs over a mobile network connection.

Simon.
0
 
LVL 21

Author Comment

by:yo_bee
ID: 40512843
So the issue I am seeing is when I am on the public legacy.xxxx.com the sync between Outlook and my mobile device is seconds.  When I go to the new CAS public address it's minutes (up to 10).  

Something is wrong here.  I looked at the IIS logs and I see my connection established, but no errors that jump out.

I am trying to get the CAS part working before I move any further.
0
 
LVL 21

Author Comment

by:yo_bee
ID: 40512849
I also put Legacy, Autodiscover, Mail  Host Records for my domain in my Public DNS name server as well as the xxxx.com zone in my internal DNS Server.  I am able to resolve both internally and externally without any issues.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40512889
Where is your mailbox located?
What was the reason for splitting CAS/HT from the mailbox role? I haven't split the roles in any deployment of Exchange 2010 (and I have done a lot of them, including for UK household names). All roles on all servers is considered the best practise.
If you aren't planning for an extended co-existence period, this isn't really something I would worry too much about. Test it with a mailbox that is on the Exchange 2010 platform.

Simon.
0
 
LVL 21

Author Comment

by:yo_bee
ID: 40512916
Why not separate them? Here is my thoughts.
 
I have 1.8 TB worth of data that I need to move over.  I do not think it would work well on a single instance.  Second I want to introduce DAG in the near future. Also it is better practice to separate these parts.
I plan to have a 2003 and 2010 coexist for longer than a day. So I need to make sure this works.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40514634
"Also it is better practice to separate these parts. "
No, it isn't. Best practise is all roles on all servers.

1.8tb of data is nothing, I have sites larger than that.
Every deployment I have done has involved all roles on all servers. I have just completed a deployment of nine servers, three DAGs, over 6tb of data. All in that configuration.

Wanting to use a DAG - makes no difference at all. The only people who use separate CAS are those that want to use WNLB. The Exchange product team do not recommend the use of WNLB. It would be better to save the cost of additional Windows and Exchange licences and buy a proper load balancer (JetNexus or Kemp).

Where are you pointing the ActiveSync traffic? At the frontend or backend Exchange 2003 server? If the frontend then it should be the backend. Basically the frontend server is completely bypassed.

Simon.
0
 
LVL 21

Author Comment

by:yo_bee
ID: 40515212
I am in the process of introducing Exchange 2010 to my existing Exchange 2003 environment.
 The planned infrastructure is going to be CAS,HT on one server and MB on another.
 The Exchange 2003 server is both a Front-end/Back-End configuration.

For Production the public DNS points to the Exchange 2003 Server
For Testing  the public DNS points to the Exchange 2010 CAS Server.

Thanks for the information about the roles, but I am staying with the model of putting the MB Role on  a separate server.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40515708
"The Exchange 2003 server is both a Front-end/Back-End configuration."

That isn't possible.
Either it is a frontend or a backend. It cannot be both.

The primary cause of problems with co-existence I find is issues with the virtual directories. Reset the virtual directories and try again. They should be as close to default as possible.

Unfortunately the configuration you require for co-existence will break existing clients, so you cannot really "test" it using DNS.

Simon.
0
 
LVL 21

Author Comment

by:yo_bee
ID: 40515983
Simon,

There is only a single Exchange server in my current environment. The server handling both the Active Sync Calls, RPC over HTTPS as well as mail.
Here are some article that illustrates this:
http://blogs.technet.com/b/vik/archive/2007/09/20/how-to-get-exchange-activesync-to-work-on-a-single-exchange-server-error-code-85010014.aspx
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_28010384.html

DNS wise the 2003 Active Sync Server and 2010 CAS have their own IP Addresses both public and private.
There is NATing on the FIrewall, but they forward to the appropriate server.

I am able to establish a connection one my iPhone, but they just take a really long time to process.
0
 
LVL 21

Accepted Solution

by:
yo_bee earned 0 total points
ID: 40516016
Found the issue and it was right under my noise the whole time.
Because I have a single Exchange Server in my environment (Sort of like a SBS scenario) where both the Front-End/Back-End roles are on the same server I had SSL forces (HTTP not allowed) on the Exchange Virtual Directory causing the 403 Forbidden Error.  I ended up blocking port 80 calls at the firewall.
Once I unchecked the setting Mail started to push in a timely manner.

Here is the article I found while trying to illustrate the single server scenario that helped me come to this conclusion and fix.

http://www.msexchange.org/blogs/walther/news/exchange-20032010-activesync-coexistence-lesson-learned-605.html


For someone with such an established ranking over the years I am surprised from your replies and very disappointed with the way you addressed my question.   Rather than try to answer my question you kept on bringing up and suggesting things that were not even relevant to the question I was asking as well as stating Absolutes like I can not have both Exchange 2003 role on the same server. For these reasons I would have to give you a C.  

 Everything you posted was not anywhere helpful.  Suggestive yes, but helpful regarding the question at hand No
0
 
LVL 21

Author Closing Comment

by:yo_bee
ID: 40520288
I found the solution on another site.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now