Announcement

Collapse
No announcement yet.

Mobile devices can't connect to exchange

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mobile devices can't connect to exchange

    Hi I have just started in a new position that has exchange 2007, I noticed that there were no service packs or rollups installed, which I set to yesterday.

    Now mobile devices can't connect to exchange. I can access emails with OWA and Outlook.

    I have also applied SP3 as suggested

    Can anyone point in the right direction please
    Last edited by edie209; 27th March 2012, 13:12. Reason: Added info

  • #2
    Re: Mobile devices can't connect to exchange

    So what exactly did you change (exact SPs / Rollups)?
    Anything in event logs?
    Can you restore to the original configuration?
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Mobile devices can't connect to exchange

      I have installed SP1, SP2, SP3 and rollup 6

      I have just noticed this error in the event viewer and I am about to reboot the server.


      Event Type: Error
      Event Source: MSExchangeSA
      Event Category: NSPI Proxy
      Event ID: 9176
      Date: 06/03/2012
      Time: 08:59:35
      User: N/A
      Computer: MAIL
      Description:
      NSPI Proxy can contact Global Catalog Caradon.liskeard.local but it does not support the NSPI service. After a Domain Controller is promoted to a Global Catalog, the Global Catalog must be rebooted to support MAPI Clients. Reboot Server.domain.local as soon as possible.

      Comment


      • #4
        Re: Mobile devices can't connect to exchange

        Use www.testexchangeconnectivity.com to get a detailed set of errors (it simulates activesync access)
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Mobile devices can't connect to exchange

          This is the reply from the test

          ExRCA is testing Exchange ActiveSync.
          The Exchange ActiveSync test failed.

          Test Steps

          Attempting to resolve the host name mail.server.domain.co.uk in DNS.
          The host name resolved successfully.

          Additional Details
          IP addresses returned: xxx.xxx.xxx.xxx
          Testing TCP port 443 on host name mail.server.domain.co.uk to ensure it's listening and open.
          The port was opened successfully.
          Testing the SSL certificate to make sure it's valid.
          The SSL certificate failed one or more certificate validation checks.

          Test Steps

          ExRCA is attempting to obtain the SSL certificate from remote server name mail.server.domain.co.uk on port 443.
          ExRCA successfully obtained the remote SSL certificate.

          Additional Details
          Remote Certificate Subject: CN=name mail.server.domain.co.uk, Issuer: CN=name mail.server.domain.co.uk.
          Validating the certificate name.
          The certificate name was validated successfully.

          Additional Details
          Host name name mail.server.domain.co.uk was found in the Certificate Subject Common name.
          Validating certificate trust for Windows Mobile devices.
          Certificate trust validation failed.

          Test Steps

          ExRCA is attempting to build certificate chains for certificate CN=name mail.server.domain.co.uk.
          A certificate chain couldn't be constructed for the certificate.
          Tell me more about this issue and how to resolve it

          Additional Details
          The certificate chain didn't end in a trusted root. Root = CN=name mail.server.domain.co.uk

          Comment


          • #6
            Re: Mobile devices can't connect to exchange

            If you're not using a commercial certificate then re-run the test with "Ignore Trust for SSL" selected, which might give you some more helpful results. If you are using a commercial certificate then make sure Exchange is properly configured to use it.
            BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
            sigpic
            Cruachan's Blog

            Comment


            • #7
              Re: Mobile devices can't connect to exchange

              Ok Thanks I have re run the test

              ExRCA is testing Exchange ActiveSync.
              The Exchange ActiveSync test failed.

              Test Steps

              Attempting to resolve the host name mail.server.domain.co.uk in DNS.
              The host name resolved successfully.

              Additional Details
              IP addresses returned: xxx.xxx.xxx.xxx
              Testing TCP port 443 on host mail.server.domain.co.uk to ensure it's listening and open.
              The port was opened successfully.
              Testing the SSL certificate to make sure it's valid.
              The certificate passed all validation requirements.

              Test Steps

              ExRCA is attempting to obtain the SSL certificate from remote server mail.server.domain.co.uk on port 443.
              ExRCA successfully obtained the remote SSL certificate.

              Additional Details
              Remote Certificate Subject: CN=mail.server.domain.co.uk, Issuer: CN=mail.server.domain.co.uk.
              Validating the certificate name.
              The certificate name was validated successfully.

              Additional Details
              Host name mail.server.domain.co.uk was found in the Certificate Subject Common name.
              Testing the certificate date to confirm the certificate is valid.
              Date validation passed. The certificate hasn't expired.

              Additional Details
              The certificate is valid. NotBefore = 2/2/2012 3:35:13 PM, NotAfter = 2/2/2013 3:35:13 PM
              Checking the IIS configuration for client certificate authentication.
              Client certificate authentication wasn't detected.

              Additional Details
              Accept/Require Client Certificates isn't configured.
              Testing HTTP Authentication Methods for URL
              h t t p s : / / mail.server.domain.co.uk/Microsoft-Server-ActiveSync/
              The HTTP authentication test failed.
              Tell me more about this issue and how to resolve it

              Additional Details
              The Initial Anonymous HTTPS request didn't fail, but Anonymous isn't a supported authentication method for this scenario.

              Comment


              • #8
                Re: Mobile devices can't connect to exchange

                The self signed certificate that Exchange installs is not supported with use with ActiveSync, you need to use a commercial certificate.
                What probably happened was that during the service pack installation the certificate was recreated, and the clients no longer trust the certificate.

                Switch to a commercial UC certificate and you will not have any problems.
                http://exchange.sembee.info/2007/ins...plenamessl.asp

                You also didn't need to install all of the service packs - if the server was on RTM you could have just installed Exchange 2007 SP3 and then the latest rollup.

                Simon.
                --
                Simon Butler
                Exchange MVP

                Blog: http://blog.sembee.co.uk/
                More Exchange Content: http://exchange.sembee.info/
                Exchange Resources List: http://exbpa.com/
                In the UK? Hire me: http://www.sembee.co.uk/

                Sembee is a registered trademark, used here with permission.

                Comment


                • #9
                  Re: Mobile devices can't connect to exchange

                  Hi Thanks for that, is there any alternative because it was all working before the service packs.

                  Comment


                  • #10
                    Re: Mobile devices can't connect to exchange

                    A commercial certificate costs about 50 per year (www.godaddy.com) and deploying it, even in 2007, takes about an hour. Read Sembee's link for more info

                    Alternatives will cost you a lot more in time -- bite the bullet!
                    Tom Jones
                    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                    PhD, MSc, FIAP, MIITT
                    IT Trainer / Consultant
                    Ossian Ltd
                    Scotland

                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: Mobile devices can't connect to exchange

                      I want to bring this one up again, I was told that it was our certificate that was the problem so I have waited to get one of the free ones from SWGFL, which I got today.

                      I have just installed on the exchange server and we still have the same problem. We can connect fine using OWA however mobile devices just can't connect via Activesyc. I have noticed an error in Event Viewer
                      Event code: 3005
                      Event message: An unhandled exception has occurred.
                      Event time: 21/03/2012 15:19:48
                      Event time (UTC): 21/03/2012 15:19:48
                      Event ID: 3ef6724f6e314465a8be25848a9b601e
                      Event sequence: 310702
                      Event occurrence: 103567
                      Event detail code: 0

                      Application information:
                      Application domain: /LM/W3SVC/1/ROOT/Microsoft-Server-ActiveSync-1-129755230683925126
                      Trust level: Full
                      Application Virtual Path: /Microsoft-Server-ActiveSync
                      Application Path: D:\ExchangeX86\ClientAccess\sync\
                      Machine name: MAIL

                      Process information:
                      Process ID: 2196
                      Process name: w3wp.exe
                      Account name: NT AUTHORITY\SYSTEM

                      Exception information:
                      Exception type: FileNotFoundException
                      Exception message: Could not load file or assembly 'Microsoft.Exchange.AirSync, Version=8.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

                      Request information:
                      Request URL: https://mail..server.domain.u...nc/default.eas
                      Request path: /Microsoft-Server-ActiveSync/default.eas
                      User host address: 212.183.128.79
                      User: Domain\user
                      Is authenticated: True
                      Authentication Type: Basic
                      Thread account name: NT AUTHORITY\SYSTEM

                      Thread information:
                      Thread ID: 11
                      Thread account name: NT AUTHORITY\SYSTEM
                      Is impersonating: False
                      Stack trace: at Microsoft.Exchange.AirSyncHandler.Handler..ctor()
                      Looking in Add or Remove programs I can only see Rollup 6 available to unistall.
                      Going to the link in the error message and then entering a username and passwords returns the following.

                      Code:
                      Could not load file or assembly 'Microsoft.Exchange.AirSync, Version=8.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

                      Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

                      Exception Details: System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Exchange.AirSync, Version=8.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

                      Source Error:

                      An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

                      Assembly Load Trace: The following information can be helpful to determine why the assembly 'Microsoft.Exchange.AirSync, Version=8.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' could not be loaded.


                      WRN: Assembly binding logging is turned OFF.
                      To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
                      Note: There is some performance penalty associated with assembly bind failure logging.
                      To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].

                      Stack Trace:


                      [FileNotFoundException: Could not load file or assembly 'Microsoft.Exchange.AirSync, Version=8.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.]
                      Microsoft.Exchange.AirSyncHandler.Handler..ctor() +0

                      [TargetInvocationException: Exception has been thrown by the target of an invocation.]
                      System.RuntimeTypeHandle.CreateInstance(RuntimeTyp e type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) +0
                      System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) +146
                      System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) +298
                      System.Activator.CreateInstance(Type type, Boolean nonPublic) +79
                      System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) +10364251
                      System.Web.Configuration.HttpHandlerAction.Create( ) +107
                      System.Web.Configuration.HandlerFactoryCache..ctor (HttpHandlerAction mapping) +25
                      System.Web.HttpApplication.GetFactory(HttpHandlerA ction mapping) +108
                      System.Web.HttpApplication.MapHttpHandler(HttpCont ext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig) +433
                      System.Web.MapHandlerExecutionStep.System.Web.Http Application.IExecutionStep.Execute() +142
                      System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +263
                      Any pointers really would be well recieved

                      Comment


                      • #12
                        Re: Mobile devices can't connect to exchange

                        Has the system been fully patched? As it looks like the patching didn't work correctly if it has, or if it hasn't, then I would suggest installing the latest service pack for Exchange to correct the errors.

                        Simon.
                        --
                        Simon Butler
                        Exchange MVP

                        Blog: http://blog.sembee.co.uk/
                        More Exchange Content: http://exchange.sembee.info/
                        Exchange Resources List: http://exbpa.com/
                        In the UK? Hire me: http://www.sembee.co.uk/

                        Sembee is a registered trademark, used here with permission.

                        Comment


                        • #13
                          Re: Mobile devices can't connect to exchange

                          Thanks for the reply I have only just recently started this position and the Exchange server had no updates so I did SP1/2/3 and rollup 6.

                          so are you suggesting redoing sp3 or rollup 6?

                          Comment


                          • #14
                            Re: Mobile devices can't connect to exchange

                            I am still trying to figure this out if anyone has any more suggestions.

                            I have recreated the virtual directories now as well and i still get the same problem.

                            Comment


                            • #15
                              Re: Mobile devices can't connect to exchange

                              I have spent the last week searching for a solution for this issue and have not really come up with much at all. I did see a post on another site suggesting to someone with a similar problem to uninstall and then re-install the client access part of exchange. SO my question is has anyone ever done this and what should I be looking out for.

                              On a side note we will be moving to Exchange 2010 this summer so out of interest I have built a 2010 server however my 2007 server is called "Mail" and I have called the 2010 server "Mail-01" I know I can't change exchange server names so what would be the next steps to move to this server as my production server?

                              I have moved a mailbox to it and I am able to send and receive mail on it, but I am unable to access via OWA, my certificate is pointing to "Mail" can I just add an mx record for the sever in DNS and and alias?

                              I do wonder if I should just push on with 2010 early an hope that my mobile devices connect.

                              Comment

                              Working...
                              X