Solved

Exchange 2003 transition to Exchange 2010 CAS Setup portion Active Sync has a long Delay

Posted on 2014-12-21
11
178 Views
Last Modified: 2014-12-28
I am in the process of introducing Exchange 2010 to my existing Exchange 2003 environment.
The planned infrastructure is going to be CAS,HT on one server and MB on another.
The Exchange 2003 server is both a Front-end/Back-End configuration.

I have installed both the CAS and HT roles and configured the virtual directories according to the Exchange Server Deployment Assistant  
My internal domain name is xxxx.local.  I have a DNS Zone for xxxx.com.
I have a record for the legacy.xxxx.com Host record point to my 2003 Server and mail.xxxx.com resolving my new CAS/HT 2010 server.
I am able to successfully authenticate to OWA both internal and external.

When I run the test with ExRCA I get a Forbbiden 403 error.
I tried to follow some of  the suggestions, but still no luck.  

I am able to successfully create a active sync connection on my iPhone, but when I try to sync my folders I just see it trying to update.  


EDIT:
Update:
I was able to connect with Outlook over RPC over HTTPS, OWA and Active Sync.
I see normal response time using OWA and Outlook Over RPC, but Active Sync has a long delay between mail arriving in my Outlook inbox and on my phone.  Even when I delete and item from the phone it takes some time to show the change in my Outlook.
MCATestResults-AS-20141221.html
0
Comment
Question by:yo_bee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
11 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40512770
Inbox is the only thing that is real time with ActiveSync. Item deletions occur in the background, so can take a while to replicate to the Outlook client. Similarly deletions in the Outlook client can take a few minutes to (dis)appear on the device. Therefore the behaviour you are seeing is to be expected.

Furthermore, if you are connecting over Wifi rather than a mobile network, then the synchronisation of the items happens on a schedule, rather than push. Push only occurs over a mobile network connection.

Simon.
0
 
LVL 23

Author Comment

by:yo_bee
ID: 40512843
So the issue I am seeing is when I am on the public legacy.xxxx.com the sync between Outlook and my mobile device is seconds.  When I go to the new CAS public address it's minutes (up to 10).  

Something is wrong here.  I looked at the IIS logs and I see my connection established, but no errors that jump out.

I am trying to get the CAS part working before I move any further.
0
 
LVL 23

Author Comment

by:yo_bee
ID: 40512849
I also put Legacy, Autodiscover, Mail  Host Records for my domain in my Public DNS name server as well as the xxxx.com zone in my internal DNS Server.  I am able to resolve both internally and externally without any issues.
0
Create Professional Looking Email Signatures

Create "Professional HTML Email Signatures" with ease.
7 Day Money Back Guarantee if not 100% Satisfied.
Affordable - Try it out for 7 Days Totally Risk Free.
Installers provided for over 45 Email clients.
Both Windows & MAC Supported.
Highly Recommended!

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40512889
Where is your mailbox located?
What was the reason for splitting CAS/HT from the mailbox role? I haven't split the roles in any deployment of Exchange 2010 (and I have done a lot of them, including for UK household names). All roles on all servers is considered the best practise.
If you aren't planning for an extended co-existence period, this isn't really something I would worry too much about. Test it with a mailbox that is on the Exchange 2010 platform.

Simon.
0
 
LVL 23

Author Comment

by:yo_bee
ID: 40512916
Why not separate them? Here is my thoughts.
 
I have 1.8 TB worth of data that I need to move over.  I do not think it would work well on a single instance.  Second I want to introduce DAG in the near future. Also it is better practice to separate these parts.
I plan to have a 2003 and 2010 coexist for longer than a day. So I need to make sure this works.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40514634
"Also it is better practice to separate these parts. "
No, it isn't. Best practise is all roles on all servers.

1.8tb of data is nothing, I have sites larger than that.
Every deployment I have done has involved all roles on all servers. I have just completed a deployment of nine servers, three DAGs, over 6tb of data. All in that configuration.

Wanting to use a DAG - makes no difference at all. The only people who use separate CAS are those that want to use WNLB. The Exchange product team do not recommend the use of WNLB. It would be better to save the cost of additional Windows and Exchange licences and buy a proper load balancer (JetNexus or Kemp).

Where are you pointing the ActiveSync traffic? At the frontend or backend Exchange 2003 server? If the frontend then it should be the backend. Basically the frontend server is completely bypassed.

Simon.
0
 
LVL 23

Author Comment

by:yo_bee
ID: 40515212
I am in the process of introducing Exchange 2010 to my existing Exchange 2003 environment.
 The planned infrastructure is going to be CAS,HT on one server and MB on another.
 The Exchange 2003 server is both a Front-end/Back-End configuration.

For Production the public DNS points to the Exchange 2003 Server
For Testing  the public DNS points to the Exchange 2010 CAS Server.

Thanks for the information about the roles, but I am staying with the model of putting the MB Role on  a separate server.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40515708
"The Exchange 2003 server is both a Front-end/Back-End configuration."

That isn't possible.
Either it is a frontend or a backend. It cannot be both.

The primary cause of problems with co-existence I find is issues with the virtual directories. Reset the virtual directories and try again. They should be as close to default as possible.

Unfortunately the configuration you require for co-existence will break existing clients, so you cannot really "test" it using DNS.

Simon.
0
 
LVL 23

Author Comment

by:yo_bee
ID: 40515983
Simon,

There is only a single Exchange server in my current environment. The server handling both the Active Sync Calls, RPC over HTTPS as well as mail.
Here are some article that illustrates this:
http://blogs.technet.com/b/vik/archive/2007/09/20/how-to-get-exchange-activesync-to-work-on-a-single-exchange-server-error-code-85010014.aspx
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_28010384.html

DNS wise the 2003 Active Sync Server and 2010 CAS have their own IP Addresses both public and private.
There is NATing on the FIrewall, but they forward to the appropriate server.

I am able to establish a connection one my iPhone, but they just take a really long time to process.
0
 
LVL 23

Accepted Solution

by:
yo_bee earned 0 total points
ID: 40516016
Found the issue and it was right under my noise the whole time.
Because I have a single Exchange Server in my environment (Sort of like a SBS scenario) where both the Front-End/Back-End roles are on the same server I had SSL forces (HTTP not allowed) on the Exchange Virtual Directory causing the 403 Forbidden Error.  I ended up blocking port 80 calls at the firewall.
Once I unchecked the setting Mail started to push in a timely manner.

Here is the article I found while trying to illustrate the single server scenario that helped me come to this conclusion and fix.

http://www.msexchange.org/blogs/walther/news/exchange-20032010-activesync-coexistence-lesson-learned-605.html


For someone with such an established ranking over the years I am surprised from your replies and very disappointed with the way you addressed my question.   Rather than try to answer my question you kept on bringing up and suggesting things that were not even relevant to the question I was asking as well as stating Absolutes like I can not have both Exchange 2003 role on the same server. For these reasons I would have to give you a C.  

 Everything you posted was not anywhere helpful.  Suggestive yes, but helpful regarding the question at hand No
0
 
LVL 23

Author Closing Comment

by:yo_bee
ID: 40520288
I found the solution on another site.
0

Featured Post

Windows running painfully slow? Try these tips..

Stay away from Speed Up Computer Programs that do more harm than good.
Try these tips instead.
Step by step instructions in trouble shooting Windows Performance issues.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What does UTC stand for?  “Coordinated Universal Time” – Think of this as the true time on Planet Earth that never changes with the exception of minor leap seconds here and there to account for the changes in the planet's rotation.   What does th…
Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
This video discusses moving either the default database or any database to a new volume.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question