?
Solved

Exchange 2013 Activesync connectivity issue

Posted on 2016-09-08
4
Medium Priority
?
123 Views
Last Modified: 2016-09-09
Hi,

Currently troubleshooting some issues with the activesync after a FW change.

So far not related to the FW change. Mail flow is working and all seems fine (logs from FW)

BUT.......
Activesync is not functioning correctly.

when using an device and adding a users account - Autodiscover does its part and find the mailbox and connects to the device.
So fra so good.
When opening the mailbox it is empty and states its waiting to be synched.
Manually synching does nothing.

Trying to set up the same account on a Sony Xperia give error on root certificate. Manually adding the exchange config gives access and all works.


Exchange :
When runnning -> test-activesyncconnectivity it give and failure in response. Using the -TrustAnySSLcertificate give succes on all scenarios.

Testing with a user i changed some of the auth settings in acticesync virtual directory in IIS just to be able to do some changes. The recyceld the syncapppool. The user could then send a mail from an Iphone. Testing test-activesyncconnectivity gave an success on all scenarios. 30 sec later, failure on test-activesynconnectivity, and user could not send mail.

I have gone through the SSL certificate on the Exchange (it's a DAG) servers. Only issue i could find was that the SSL certificate was in SHA-1 and that would be on the deprecate plan for 1/1-17.

So, Any suggestion to where the issue resides ?
0
Comment
Question by:Mr Woober
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Andy M
ID: 41789398
When runnning -> test-activesyncconnectivity it give and failure in response

What error are you getting when running this? Seems to be pointing to an SSL issue based on the information provided so far, are you using a trusted certificate or a self-signed certficate?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 41789414
Thanks for the response.

See attached picture for response from the test-activesyncconnectivity

Yes, I suspect some SSL issue but cant figure out where :)

I have just changed the SSL certificate on our webmail service. New certificate is created at Comodo. SHA256RSA. The self Signed is SHA-1



Self signed certificate in backend between servers.
exchange_activesync.png
0
 
LVL 14

Accepted Solution

by:
Andy M earned 2000 total points
ID: 41789832
Hmm, the error doesn't provide a great deal of information.

What results do you get from using the get-exchangecertificate command? In particular which services are assigned to the Comodo certificate when running this?

You could also trying using the exchange remote connectivity analyzer: https://testconnectivity.microsoft.com/?tabid=client - this will show you any errors it has connecting to the Activesync which will help to narrow it down a bit.
0
 
LVL 1

Author Closing Comment

by:Mr Woober
ID: 41791174
Thanks for the push in right direction :)

The issue was in services applied to different services.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month11 days, 6 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question