We help IT Professionals succeed at work.

URGENT! New Exchange 2013 (migrate from 2007) and BES 12 no longer works for users email send/receive Activesync error port 443

Laszlo Denes
Laszlo Denes asked
on
515 Views
Last Modified: 2018-04-25
Urgent!
We migrated all of our users from Exchange 2007 to Exchange 2013 (two servers load balanced Microsoft failover with 1 DAG) and it went well. No issues for users using Outlook 2013 and OWA. However, as soon as we moved our Blackberry users (all Z30 Blackberry 10 version 10.3.3.1463) to the new Exchange 2013 and repointed the BES server to the new Exchange 2013 (new mail profile, but the same issues if we just repoint the old profile to the new IP) their Blackberry devices (connected to a single Blackberry Server Version 12.5.1) started acting odd and did not receive or send email anymore from their Z30 devices. We had to generate and export a BES certificate to the new Exchange 2013 and vice versa for mail to flow. However, then we noticed that users who had their Blackberry off during the migration could not get email. Only users who were ON and connected (to Blackberry) throughout the entire migration process could continue to send/receive email from their Z30’s. Anyone who restarted their Z30 or changed their network password (the one specified on the Z30) or if we try to deploy (using the standard process via the BES -> create account, send verification code, etc.) a new Z30 we run into the same no email issue. During the deployment the entire process from the Bes to the Z30 works and a workspace is created (visible and can be used) without issues, just like before, but when you get to the last item (when you enter the network password for the user so it can authenticate and download emails, calendar, etc.) it fails with the error shown hereafter. The 2007 Exchange did not have these issues and I can only speculate that it is an ActiveSync related authentication issue in that something is preventing the password from being transmitted successfully. Any users who restarts their Z30 also drops off and no longer gets email. We have tried with ISP (Rogers) connection, internal Wi-Fi, new users, existing users but to no avail. Some users continue to be able send/receive
“The server for account activesync : work jpeters@organization.org (172.20.1.9, port: 443) can't be reached. The settings might be incorrect or the server could temporarily offline. Check your settings and try again.”
Please help as all BB users are Executive team members!!!
Comment
Watch Question

CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
Tried that already with several accounts sadly no difference...
CERTIFIED EXPERT

Commented:
On what server did yo install Ex.2013?
CERTIFIED EXPERT

Commented:
Try checking TLS settings as suggested here
http://support.blackberry.com/kb/articleDetail?ArticleNumber=000037274

also still want to know Server type you installed on.

Author

Commented:
Exchange 2013 is installed (cluster with failover) on two 2012 R2 virtualized (VM 6) servers!
Will try suggestion!
CERTIFIED EXPERT

Commented:
I've got bad news bud. According to this link
https://community.spiceworks.com/topic/436736-active-sync-issue
2012 R2 is an unsupported OS for Exchange 2013.

OK, I called Microsoft and found I had much much bigger issues. I installed Exchange 2013 on Server 2012 R2. This is an unsupported operating system. I will need to do a reinstall of exchange and try again.

Author

Commented:
LMAO thanks but I find that hard to believe as we are working with an Exchange expert from a Microsoft Gold partner Vendor... not trying to be cheeky... but

Author

Commented:
also comment was made in 2014... so 3 years later now...
Lost in Windows  Jan 30, 2014 at 7:49 AM  

 
Computer Rescue is an IT service provider.


OK, I called Microsoft and found I had much much bigger issues. I installed Exchange 2013 on Server 2012 R2. This is an unsupported operating system. I will need to do a reinstall of exchange and try again. (groan).
CERTIFIED EXPERT

Commented:
No that's cool. This link from MS
https://technet.microsoft.com/en-us/library/ff728623%28v=exchg.150%29.aspx
confirms it is w/SP1.

Should looked harder before I posted that. My fault.

Author

Commented:
the tls suggestion also had no effect
CERTIFIED EXPERT

Commented:
Have you tried enabling "windows authentication" in IIS under ActiveSync? I read where iPhones where having connection issues and that resolved their problem.

http://www.itechlounge.net/2013/11/windows-exchange-2013-activesync-unable-to-verify-account-information/

Author

Commented:
that looks interesting and although we do not have iphones will try... thanks...
CERTIFIED EXPERT

Commented:
Did you bind port 443 in IIS?

Author

Commented:
not the cause... interestingly enough all other uses work now except for two...
CERTIFIED EXPERT

Commented:
Try resetting there password in active directory. I know it's a pain to have the user come to you and have them reset it at a terminal on the server but I have had success in other instances where this worked. Might be worth a shot.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.