Monday 27 February 2012

Troubleshooting issues with Exchange ActiveSync

Original Link Here


This is really a nice link to troubleshoot Exchange ActiveSync issues, just make sure that you have IIS logging enabled..



IIS 7
  1. In IIS Manager, expand the server name i.e. ExchangeServer (Contoso\Administrator)
  2. In the Features View, double click Logging in the IIS section.
IIS 6
  1. In IIS Manager, right click the web site name (for most it should be Default Web Site) and chooseProperties
  2. Click on the Web Site tab.
You can use a number of queries as per your requirement and can take it in a nice HTML format as well..

There is yet another site that talks about common error codes in Exchange Active Sync along with there resolution

I’ve been troubleshooting Exchange ActiveSync issues on WP7 for a while and thought I would collate all error codes from my personal notes.
You won’t see any official Microsoft documentation supporting these steps, so use it at your own risk.
ErrorSolution
0×85010014Another website other than the “Default website” with host header value same as OWA url
Improper authentication and settings on virtual directories
Allow inheritable permissions were unchecked on user’s properties.
0x80072F0DInvalid certificate on the server
Root certificate missing on the device
0×85010013Re-install CAS role along with the latest Service Pack and update rollups
Set AllowNonProvisionableDevices $true
0×85030027Allow inheritable permissions were unchecked on user’s properties.
Microsoft Server ActiveSync directory corruption. Recreated it
0x80072f0dRemoved HTTP redirect from the Microsoft-Server-ActiveSync
virtual directory from all the exchange boxes
Certificate missing external URL
0x80072F17Allow inheritable permissions were unchecked on user’s properties.
Invalid certificate on the server
Root certificate missing on the device
0x80072f05Root certificate missing on the device
Invalid certificate on the server
0x80072EE2Port 80 Blocked from CAS to MBX server
Certificate missing external URL
0x86000c0aAllow inheritable permissions were unchecked on user’s properties.
0×85010017Allow inheritable permissions were unchecked on user’s properties.
0X85010019Issue with invalid certificate
0×80070057Recreate Autodiscover virtual directory
Posted by at No comments:

Monday 2 January 2012

Record your PowerShell sessions


In-case if you want to record your session in PowerShell and wants to take output in a text file for each and every steps that you have done in PowerShell,  below are the steps


In PowerShell run the following command (Change location to wherever you would like)


Start-Transcript c:\Powershell.txt –Append


Now use PowerShell as you usually would, once you are done with PowerShell run the following command 


“Stop-Transcript” (without quotes)


If you now open the “PowerShell.txt” you will see everything you have just done in your PowerShell session.


********************************************
Windows PowerShell Transcript Start
Start time: 20120102173323
Username  : PowerShell User
Machine      : Windows 2008 R2 (Microsoft Windows NT 6.1.7600.0)
********************************************
Transcript started, output file is c:\MySession.txt
[PS] C:\>Get-Mailbox –Identity Daniel


Name                     Alias                ServerName
—-                         —–                 ———-
Daniel                      Dan                  Exchange2010


[PS] C:\>Get-User -Identity Daniel -RecipientTypeDetails


Name               RecipientType
—-                   ————-
Daniel                MailUser


[PS] C:\>Stop-Transcript


Happy Recording :-)
Posted by at No comments:

Tuesday 13 December 2011

OWA Cross-Site Silent Redirection in Exchange 2010 SP2

Now with the advent of Exchange 2010 Service Pack 2, there is a new feature added that you all might be aware off, which is Cross-Site Silent Redirection. This can be seamlessly achieved by using the CrossSiteRedirectType parameter added to Set-OWAVirtualDirectory command.


There is a beautiful article on Microsoft Exchange Team's webpage which suggests and even demonstrates with a Video about how to achieve this.


MSExchangeTeam Link
Posted by at No comments:

Friday 9 December 2011

Exchange 2010 SP2 Update Issue

Ever wonder why you are getting an error for when running Client Access Role Prerequisities 'The IIS 6 WMI Compatibility' component is required. Install the component via Server Manager.
This error occurs because a new feature of Exchange 2010 SP2 called Outlook Web App Mini requires that IIS component to be installed on Client Access servers.
You can install the component manually by opening a PowerShell window and running the following commands.


Import-Module servermanager
Add-WindowsFeature Web-WMI
You should get an output as below


Success Restart Needed Exit Code Feature Result
------- -------------- --------- --------------
True    No             Success   {IIS 6 WMI Compatibility}


or alternatively you can run the upgrade command using the following switch
setup /mode:upgrade /installwindowscomponents and upgraded the server
Posted by at No comments:

Wednesday 7 December 2011

FAQ Questions and Issues related to iPhones connecting to Exchange Servers


IMPORTANT: iPhone support requires that Exchange is running Exchange Server 2003 Service Pack 2 or Exchange 2007 SP1 or later. 


1. Do we have a list that compares the features available and not available when connecting to Exchange ActiveSync using an iPhone?

Exchange ActiveSync Client Comparison Table


2. I'm unable to configure an iPhone with my test environment. Are there any screen shots that show what the device looks like in Exchange Management Console and OWA's Mobile Options after an iPhone has successfully connected?


http://blogs.technet.com/b/exchange/archive/2008/07/11/3405745.aspx


3. If I need to identify connections made by iPhone users, what can I search on in the IIS logs?


Do a string search for "Apple-iPhone".


4. How do I find more information on what policies the iPhone supports, how it connects to an Exchange server and other administrative questions?


Apple's iPhone Enterprise Deployment Guide


5. How can I see how many iPhones are connecting to my server and which users have them?


export-activesynclog -Filename:<IISlog dir>\*.log -outputpath:<output path>


6. Does the iPhone support Autodiscover? 


Yes, when connecting to Exchange 2007 and Exchange 2010.


7. Does the iPhone support HTML email?


Yes. iPhone views HTML e-mail as a webpage. This means if there is an image or chart pasted into the message, the width is always that width. This means that reading the message is very difficult as you have to zoom in and then scroll the screen back and forth to read the message.


8. Why does the iPhone support HTML email against Exchange 2003 but Windows Mobile does not unless I'm running WM 6.x against an Exchange 2007 server?


Window Mobile uses the AirSync body property which did not support HTML until Exchange 2007. Apple uses a different implementation. Questions about what Apple does should be directed to Apple. But there is no secret HTML interface in Exchange 2003 ActiveSync. 


9. Do the iPhones support Direct Push?


Yes, but EAS Direct Push may not work on iPhones that have multiple mail accounts setup that are also in Push mode. Examples of this would be Yahoo Mail in Push mode. Simply disable Push notification for the non-Exchange mail accounts and EAS Direct Push should start working.


10. Self-signed SSL certificates - There is no "simple" way to install a self-signed certificate to the iPhone. Customers can contact Apple for instructions on how to do this. The iPhone can "read" .pfx files for example, so if you can get the certificate to be opened on the iPhone whether through a webmail 


client or otherwise, then you should be able to import a self-signed certificate to the iPhone. Apple does have instructions on this listed in the Enterprise Deployment Guide. Link: 
<http://manuals.info.apple.com/en_US/Enterprise_Deployment_Guide.pdf> (see page 36). 


11. Performance questions - Customers asking for direction regarding the load an iPhone EAS client will place on their servers should be told the iPhone's load should be no different than any other Windows Mobile EAS client. The only caveat is the iPhone downloads the ENTIRE message vs. Windows 


Mobile's .5k / 2k / etc. configurable chunk size. This can create more traffic for iPhone EAS clients. 


12. I'm getting an, "Exchange account verification failed", error message. What do I do?


Here are some things to try:


a. Disable WiFi during setup (make sure they're only going over the cell connection)


b. Make sure they're putting in domain/username, then try with domain\username (note backslash direction). If that doesn't work, try using just username with no domain.


c. Try with & without SSL. When you get the error "Exchange account verification failed", click Next then Save, then edit the mail profile in Settings (off home screen) and set SSL to OFF vs. ON.


d. Use the same FQDN name of the server (usually users call this their "OWA" address), or external IP address.


e. As a test, temporarily disable certificate verification (certificate authentication) on the /Microsoft-Server-ActiveSync virtual directory by selecting the "Ignore Client Certificates" option (if it were set to cert verification, the setting for "Accept client certificates" would have been selected). Don’t forget 


to disable it if the customer has that intention. The iPhone may just need to have a certificate loaded (have customer review Apple’s Enterprise Deployment Guide for the iPhone).


13. User is CC'd on every reply all - If an iPhone user configures their Exchange ActiveSync profile using something other than their default SMTP address, then the iPhone will add this [non-default SMTP] e-mail address to all Reply All messages. The solution is to configure using whatever is listed as the 


default SMTP address for that user in the company GAL. To find that value: look the user up in Outlook and click the E-mail Addresses tab. Use the value next to the capital letter SMTP. The listing is usually something like this:
SMTP:usera@domain.com
smtp:user.a@domain.com
smtp:usera@mail.domain.com
In the above example, the user should be using usera@domain.com.


14. Does iPhone support Certificate Based Authentication when using iPhones.


Both Microsoft AND Apple do NOT support certificate authentication when connecting using iPhones and Exchange ActiveSync.


16. I'm able to successfully create a profile on my device and am able to successfully connect to Exchange, but I'm not able to synchronize my Inbox, Calendar, or Contacts? What gives?


Check to be sure that Exchange is running Exchange Server 2003 with Service Pack 2 or later. Previous versions are NOT supported and can cause this issue.


17. When using an iphone with Exchange ActiveSync, email attachments may not download for some users. Tapping the attachment to start the download shows a spinning wheel which never stops. 


This issue can occur when you're running Exchange 2007 RTM. To resolve the issue, install Exchange 2007 Service Pack 1. For more information, see Apple's documentation: http://support.apple.com/kb/TS1946


There is another WONDERFUL E-E article that talks about Exchange 2003 and ActiveSync connections problems and gives a deep dive into resolution as well
Exchange 2003 - Activesync Connection Problems FAQ


If you are facing isssues with only a few set of users not able to sync there mobile phones using Exchange ActiveSync irrelevant of type of device that they are using, check this another E-E link
Activesync Working But Only For Some Users On Exchange 2007 / 2010

Happy ActiveSyncing :-)

Posted by at No comments:

Tuesday 6 December 2011

Microsoft Exchange Server 2010 Service Pack 2 (SP2) now available for download

Posted by at No comments:

Wednesday 30 November 2011

Default IIS Authentication for Exchange 2003, 2007 and 2010


Exchange Server 2003
Front End and Back End Topology
Virtual Directory
FE
SSL Required
BE
SSL Required
Default Web Site
Anonymous
Optional
Anonymous
No
Exadmin
Integrated
No
Integrated
No
Exchange
Basic
Optional
Basic/integrated
No
Exchweb
Anonymous
No
Anonymous
No
Active Sync
Basic
Optional
Basic
No
Public
Basic
No
Basic/integrated
No



Exchange Server 2003
Single Server Topology
Virtual Directory
Server
SSL Required
Default Web Site
Anonymous
Optional
Exadmin
Integrated
No
Exchange
Basic/integrated
No
If SSL is required then follow KB-817379
Exchweb
Anonymous
No
Active Sync
Basic
Optional
Public
Basic/integrated
No

·Default Authentication of IIS

Exchange 2007 Client Access Server
Location
Authentication
SSL Setting
Comments
Default Web Site
Anonymous
Required
"Enable HTTP Keep-Alives" setting should be enabled on Web Site tab
/Owa
Basic
Required
Management of authentication setting should be done in Exchange Management Console
/Exchange
Basic
Required
Management of authentication setting should be done in Exchange Management Console
/Public
Basic
Required
Management of authentication setting should be done in Exchange Management Console
/Exchweb
Basic
Required
Management of authentication setting should be done in Exchange Management Console
/Oab
Integrated
Not required
/Autodiscover
Basic and Integrated
Required
/Ews
Integrated
Required
/UnifiedMessaging
Integrated
Required
/Microsoft-Server-Activesync
Basic
Required
Management of authentication setting should be done in Exchange Management Console
/Rpc
Basic and Integrated
Required
Technically, this is a Windows component but I've added it here since Outlook Anywhere depends on the installation of this virtual directory



Exchange 2007 Mailbox Server
Location
Authentication
SSL Setting
Comments
Default Web Site
Anonymous
Not required
/Exadmin
Basic and Integrated
Not required
/Exchange
Basic and Integrated
Not required
Management of authentication setting should be done in Exchange Management Console
/Public
Basic and Integrated
Not required
Management of authentication setting should be done in Exchange Management Console



Exchange 2007 CAS + HUB + MBX
Location
Authentication
SSL Setting
Comments
Default Web Site
Anonymous
Required
"Enable HTTP Keep-Alives" setting should be enabled on Web Site tab
/Owa
Basic
Required
Management of authentication setting should be done in Exchange Management Console
/Exchange
Basic and Integrated
Required
Management of authentication setting should be done in Exchange Management Console
/Public
Basic and Integrated
Required
Management of authentication setting should be done in Exchange Management Console
/Exchweb
Basic and Integrated
Required
Management of authentication setting should be done in Exchange Management Console
/Oab
Integrated
Not required
/Autodiscover
Basic and Integrated
Required
/Ews
Integrated
Required
/UnifiedMessaging
Integrated
Required
/Microsoft-Server-Activesync
Basic
Required
Management of authentication setting should be done in Exchange Management Console
/Rpc
Basic and Integrated
Required
Technically, this is a Windows component but I've added it here since Outlook Anywhere depends on the installation of this virtual directory

Exchange 2010 All in One Box

Virtual Directory
Default Auth Setting
/Autodiscover
Anonymous, Basic, WIA
/ECP
Anonymous, Basic
/EWS
Anonymous, WIA
/MS-Server-Activesync
Basic
/OAB
WIA
/OWA
Basic
/PowerShell
Anonymous
/RPC
Basic, WIA
Posted by at No comments:
Subscribe to: Posts (Atom)