?
Solved

Exchange 2013 Activesync connectivity issue

Posted on 2016-09-08
4
Medium Priority
?
162 Views
Last Modified: 2016-09-09
Hi,

Currently troubleshooting some issues with the activesync after a FW change.

So far not related to the FW change. Mail flow is working and all seems fine (logs from FW)

BUT.......
Activesync is not functioning correctly.

when using an device and adding a users account - Autodiscover does its part and find the mailbox and connects to the device.
So fra so good.
When opening the mailbox it is empty and states its waiting to be synched.
Manually synching does nothing.

Trying to set up the same account on a Sony Xperia give error on root certificate. Manually adding the exchange config gives access and all works.


Exchange :
When runnning -> test-activesyncconnectivity it give and failure in response. Using the -TrustAnySSLcertificate give succes on all scenarios.

Testing with a user i changed some of the auth settings in acticesync virtual directory in IIS just to be able to do some changes. The recyceld the syncapppool. The user could then send a mail from an Iphone. Testing test-activesyncconnectivity gave an success on all scenarios. 30 sec later, failure on test-activesynconnectivity, and user could not send mail.

I have gone through the SSL certificate on the Exchange (it's a DAG) servers. Only issue i could find was that the SSL certificate was in SHA-1 and that would be on the deprecate plan for 1/1-17.

So, Any suggestion to where the issue resides ?
0
Comment
Question by:Mr Woober
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Andy M
ID: 41789398
When runnning -> test-activesyncconnectivity it give and failure in response

What error are you getting when running this? Seems to be pointing to an SSL issue based on the information provided so far, are you using a trusted certificate or a self-signed certficate?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 41789414
Thanks for the response.

See attached picture for response from the test-activesyncconnectivity

Yes, I suspect some SSL issue but cant figure out where :)

I have just changed the SSL certificate on our webmail service. New certificate is created at Comodo. SHA256RSA. The self Signed is SHA-1



Self signed certificate in backend between servers.
exchange_activesync.png
0
 
LVL 14

Accepted Solution

by:
Andy M earned 2000 total points
ID: 41789832
Hmm, the error doesn't provide a great deal of information.

What results do you get from using the get-exchangecertificate command? In particular which services are assigned to the Comodo certificate when running this?

You could also trying using the exchange remote connectivity analyzer: https://testconnectivity.microsoft.com/?tabid=client - this will show you any errors it has connecting to the Activesync which will help to narrow it down a bit.
0
 
LVL 1

Author Closing Comment

by:Mr Woober
ID: 41791174
Thanks for the push in right direction :)

The issue was in services applied to different services.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question