?
Solved

Exchange 2013 Activesync connectivity issue

Posted on 2016-09-08
4
Medium Priority
?
145 Views
Last Modified: 2016-09-09
Hi,

Currently troubleshooting some issues with the activesync after a FW change.

So far not related to the FW change. Mail flow is working and all seems fine (logs from FW)

BUT.......
Activesync is not functioning correctly.

when using an device and adding a users account - Autodiscover does its part and find the mailbox and connects to the device.
So fra so good.
When opening the mailbox it is empty and states its waiting to be synched.
Manually synching does nothing.

Trying to set up the same account on a Sony Xperia give error on root certificate. Manually adding the exchange config gives access and all works.


Exchange :
When runnning -> test-activesyncconnectivity it give and failure in response. Using the -TrustAnySSLcertificate give succes on all scenarios.

Testing with a user i changed some of the auth settings in acticesync virtual directory in IIS just to be able to do some changes. The recyceld the syncapppool. The user could then send a mail from an Iphone. Testing test-activesyncconnectivity gave an success on all scenarios. 30 sec later, failure on test-activesynconnectivity, and user could not send mail.

I have gone through the SSL certificate on the Exchange (it's a DAG) servers. Only issue i could find was that the SSL certificate was in SHA-1 and that would be on the deprecate plan for 1/1-17.

So, Any suggestion to where the issue resides ?
0
Comment
Question by:Mr Woober
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Andy M
ID: 41789398
When runnning -> test-activesyncconnectivity it give and failure in response

What error are you getting when running this? Seems to be pointing to an SSL issue based on the information provided so far, are you using a trusted certificate or a self-signed certficate?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 41789414
Thanks for the response.

See attached picture for response from the test-activesyncconnectivity

Yes, I suspect some SSL issue but cant figure out where :)

I have just changed the SSL certificate on our webmail service. New certificate is created at Comodo. SHA256RSA. The self Signed is SHA-1



Self signed certificate in backend between servers.
exchange_activesync.png
0
 
LVL 14

Accepted Solution

by:
Andy M earned 2000 total points
ID: 41789832
Hmm, the error doesn't provide a great deal of information.

What results do you get from using the get-exchangecertificate command? In particular which services are assigned to the Comodo certificate when running this?

You could also trying using the exchange remote connectivity analyzer: https://testconnectivity.microsoft.com/?tabid=client - this will show you any errors it has connecting to the Activesync which will help to narrow it down a bit.
0
 
LVL 1

Author Closing Comment

by:Mr Woober
ID: 41791174
Thanks for the push in right direction :)

The issue was in services applied to different services.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question