Activesync Autodiscover not working

שאל שאלה

יום חמישי 05 אפריל 2012 09:08

0

My Activesync Autodiscovery is failing (Both in real life, and at testexchangeconnectivity.com.

The failure at testexchangeconnectiivty.com is:

Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
     Autodiscover settings weren't obtained when the Autodiscover POST request was sent.

      Test Steps

      ExRCA is attempting to retrieve an XML Autodiscover response from URLhttps://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml for user username.com
     ExRCA failed to obtain an Autodiscover XML response.

      Additional Details
     None of the expected XML elements were found in the XML response.

Test-outlookwebservices gives no errors.
Test-activesynconnectivity does give an error.

Error : An incorrect HTTP response was received for user domain.internal\username@domainname.com, HTTP code = MovedPermanently.

Further info:
Windows 2008 R2, Exchange 2010 SP1 (Installed as /hosting which may be relevant). There are two CAS using MS NLB - however, I get precisely the same results when the firewall points to either of the CAS directly.

Any ideas?
- תגובה
- ציטוט

כל התגובות

יום חמישי 05 אפריל 2012 17:07

0
i would suggest check the setting using this tool and then revert me with the error...

http://www.yusufozturk.info/exchange-server/hosted-exchange-2010-sp1-configuration-tool.html

Thanks
Happiness Always
Jatin
- נערך על-ידי 'Jatin' יום חמישי 05 אפריל 2012 17:07
- תגובה
- ציטוט
יום שלישי 10 אפריל 2012 08:55

0

Hi, I had already checked with that tool, sadly nothing pointed out as wrong...
- תגובה
- ציטוט
יום שלישי 10 אפריל 2012 16:34

0
Have you got any IIS redirects configured? Directing / to /owa for example?
- הוצע כתשובה על-ידי Greg Taylor [msft]Microsoft Employee יום שישי 13 אפריל 2012 19:03
- תגובה
- ציטוט
יום רביעי 11 אפריל 2012 07:45

0

Have you got any IIS redirects configured? Directing / to /owa for example?
I do, but implemented these after the issue was discovered. I'll remove and recheck.
- תגובה
- ציטוט
יום רביעי 11 אפריל 2012 08:59

0

Greg,

That solved the test-activesync issue - I now get

CasServer LocalSite Scenario Result Latency(MS) Error
--------- --------- -------- ------ ----------- -----
oa2ex005 Default-Fi... Options Success 15.62
oa2ex005 Default-Fi... FolderSync Success 171.86
oa2ex005 Default-Fi... First Sync Success 140.61
oa2ex005 Default-Fi... GetItemEstimate Success 46.87
oa2ex005 Default-Fi... Sync Data Success 78.12
oa2ex005 Default-Fi... Ping Success 5077.67
oa2ex005 Default-Fi... Sync Test Item Success 78.12

The ping time looks long but otherwise good.

However, the EXRCA error remains the same. :(
- תגובה
- ציטוט
יום רביעי 11 אפריל 2012 14:00

0

Do you have an ExternalURL configured on the ActiveSync Virtual Directory?
- תגובה
- ציטוט
יום רביעי 11 אפריל 2012 16:03

0

Yes, https://outlook.domain.com/Microsoft-Server-ActiveSync. When I do get-activesyncvirtualdirectory, the attribute ExternalAuthenticationmethods is (), and WindowsAuthEnabled is False - despite Windows Authentication being enabled in IIS. BasicAuthEnabled is true. Everything else [i]looks[/i] - to my not-very-tutored eye to be correct.
- תגובה
- ציטוט
יום רביעי 11 אפריל 2012 18:40

0

Ok, that looks ok. I think you need to paste an output from a get-mailbox, for a user that fails (is this all users? or just some?) and get-activesyncvirtualdirectory. full list for both.
- תגובה
- ציטוט
יום חמישי 12 אפריל 2012 09:29

0

[PS] C:\Windows\system32>get-activesyncvirtualdirectory | fl *

PSComputerName : oa2ex005.oatoo.internal
RunspaceId : 07f64636-78d7-425f-8b4f-432f0247650d
MobileClientFlags : BadItemReportingEnabled, SendWatsonReport
MobileClientCertificateProvisioningEnabled : False
BadItemReportingEnabled : True
SendWatsonReport : True
MobileClientCertificateAuthorityURL :
MobileClientCertTemplateName :
ActiveSyncServer : https://outlook.oatoo.com/Microsoft-Server-ActiveSync
RemoteDocumentsActionForUnknownServers : Allow
RemoteDocumentsAllowedServers : {}
RemoteDocumentsBlockedServers : {}
RemoteDocumentsInternalDomainSuffixList : {}
MetabasePath : IIS://OA2EX006.oatoo.internal/W3SVC/1/ROOT/Microsoft-Server-ActiveSync
BasicAuthEnabled : True
WindowsAuthEnabled : False
CompressionEnabled : True
ClientCertAuth : Ignore
WebsiteName : Default Web Site
WebSiteSSLEnabled : True
VirtualDirectoryName : Microsoft-Server-ActiveSync
ProxyVdirExtendedProtectionTokenChecking : None
ProxyVdirExtendedProtectionFlags : {}
ProxyVdirExtendedProtectionSPNList : {}
Path :
Server : OA2EX006
InternalUrl : https://outlook.oatoo.com/Microsoft-Server-ActiveSync
InternalAuthenticationMethods : {}
ExternalUrl : https://outlook.oatoo.com/Microsoft-Server-ActiveSync
ExternalAuthenticationMethods : {}
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
Name : Microsoft-Server-ActiveSync (Default Web Site)
DistinguishedName : CN=Microsoft-Server-ActiveSync (Default Web Site),CN=HTTP,CN=Protocols,CN=
OA2EX006,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=
Administrative Groups,CN=OATOO,CN=Microsoft Exchange,CN=Services,CN=Config
uration,DC=oatoo,DC=internal
Identity : OA2EX006\Microsoft-Server-ActiveSync (Default Web Site)
Guid : 46ab08fb-0856-4df8-8d22-f35733e2784d
ObjectCategory : oatoo.internal/Configuration/Schema/ms-Exch-Mobile-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchMobileVirtualDirectory}
WhenChanged : 4/3/2012 4:53:11 PM
WhenCreated : 3/18/2012 6:12:02 PM
WhenChangedUTC : 4/3/2012 3:53:11 PM
WhenCreatedUTC : 3/18/2012 6:12:02 PM
OrganizationId :
OriginatingServer : OA2DC001.oatoo.internal
IsValid : True

PSComputerName : oa2ex005.oatoo.internal
RunspaceId : 07f64636-78d7-425f-8b4f-432f0247650d
MobileClientFlags : BadItemReportingEnabled, SendWatsonReport
MobileClientCertificateProvisioningEnabled : False
BadItemReportingEnabled : True
SendWatsonReport : True
MobileClientCertificateAuthorityURL :
MobileClientCertTemplateName :
ActiveSyncServer : https://outlook.oatoo.com/Microsoft-Server-ActiveSync
RemoteDocumentsActionForUnknownServers : Allow
RemoteDocumentsAllowedServers : {}
RemoteDocumentsBlockedServers : {}
RemoteDocumentsInternalDomainSuffixList : {}
MetabasePath : IIS://OA2EX005.oatoo.internal/W3SVC/1/ROOT/Microsoft-Server-ActiveSync
BasicAuthEnabled : True
WindowsAuthEnabled : False
CompressionEnabled : True
ClientCertAuth : Ignore
WebsiteName : Default Web Site
WebSiteSSLEnabled : True
VirtualDirectoryName : Microsoft-Server-ActiveSync
ProxyVdirExtendedProtectionTokenChecking : None
ProxyVdirExtendedProtectionFlags : {}
ProxyVdirExtendedProtectionSPNList : {}
Path :
Server : OA2EX005
InternalUrl : https://outlook.oatoo.com/Microsoft-Server-ActiveSync
InternalAuthenticationMethods : {}
ExternalUrl : https://outlook.oatoo.com/Microsoft-Server-ActiveSync
ExternalAuthenticationMethods : {}
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
Name : Microsoft-Server-ActiveSync (Default Web Site)
DistinguishedName : CN=Microsoft-Server-ActiveSync (Default Web Site),CN=HTTP,CN=Protocols,CN=
OA2EX005,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=
Administrative Groups,CN=OATOO,CN=Microsoft Exchange,CN=Services,CN=Config
uration,DC=oatoo,DC=internal
Identity : OA2EX005\Microsoft-Server-ActiveSync (Default Web Site)
Guid : b92fbd9b-efb3-421f-a331-81d81c915c81
ObjectCategory : oatoo.internal/Configuration/Schema/ms-Exch-Mobile-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchMobileVirtualDirectory}
WhenChanged : 4/3/2012 4:51:04 PM
WhenCreated : 3/18/2012 7:01:18 PM
WhenChangedUTC : 4/3/2012 3:51:04 PM
WhenCreatedUTC : 3/18/2012 7:01:18 PM
OrganizationId :
OriginatingServer : OA2DC001.oatoo.internal
IsValid : False
- תגובה
- ציטוט
יום חמישי 12 אפריל 2012 09:59

0
And...get-mailbox fails. (Activesync fails for all users, but there are very very few - this is a pre-production Exchange infrastructure)

[PS] C:\Windows\system32>get-mailbox nick.smith
The operation couldn't be performed because object 'nick.smith' couldn't be found on 'OA2DC001.oatoo.internal'.
+ CategoryInfo : NotSpecified: (:) [Get-Mailbox], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : B1EA85E4,Microsoft.Exchange.Management.RecipientTasks.GetMailbox

[PS] C:\Windows\system32>get-mailbox nick.smith -domaincontroller oa2dc002.oatoo.internal
The operation couldn't be performed because object 'nick.smith' couldn't be found on 'OA2DC002.oatoo.internal'.
+ CategoryInfo : NotSpecified: (:) [Get-Mailbox], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : 21DAB173,Microsoft.Exchange.Management.RecipientTasks.GetMailbox

[PS] C:\Windows\system32>get-mailbox

Name Alias ServerName ProhibitSendQuota
---- ----- ---------- -----------------
Office Anyplace oa oa2ex003 unlimited
DiscoverySearchMailbox... DiscoverySearchMa... oa2ex003 50 GB (53,687,091,200 bytes)

[PS] C:\Windows\system32>get-mailboxdatabase

Name Server Recovery ReplicationType
---- ------ -------- ---------------
database01 OA2EX004 False Remote

[PS] C:\Windows\system32>get-mailbox -database database01

Name Alias ServerName ProhibitSendQuota
---- ----- ---------- -----------------
Office Anyplace oa oa2ex003 unlimited
DiscoverySearchMailbox... DiscoverySearchMa... oa2ex003 50 GB (53,687,091,200 bytes)
Administrator Administrator oa2ex004 9.668 GB (10,380,902,400 bytes)
DiscoverySearchMailbox... DiscoverySearchMa... oa2ex004 50 GB (53,687,091,200 bytes)
Nick Smith nick.smith oa2ex004 9.668 GB (10,380,902,400 bytes)
Ryan French ryan.french oa2ex004 9.668 GB (10,380,902,400 bytes)
Simon Stanger simon.stanger oa2ex003 9.668 GB (10,380,902,400 bytes)

I have run EXBPA and it found no AD errors, or any critical ones.

As a possible aside, I'm slightly confused as to why simon.stanger shows as being on oa2ex003 - the only Mounted database is on OA2EX004, with a healthy copy on OA2EX003.
- נערך על-ידי nphsmith יום חמישי 12 אפריל 2012 10:02
- תגובה
- ציטוט
יום חמישי 12 אפריל 2012 16:32

0

Is this Exchange installed using the /hosting switch? If so, you need to specify an organization for a get-mailbox

Get-Mailbox -Organization "OrgNameHere" Nick.Smith

How did you create these users? Did you move them around OU's within AD after creation?
- תגובה
- ציטוט
יום חמישי 12 אפריל 2012 19:34

0

Ah, stupid me - it is installed using /hosting. I created them through the /ecp panel. I haven't moved them at all.

[PS] C:\Windows\system32>get-mailbox -organization "webactive" nick.smith | fl *

PSComputerName : oa2ex003.oatoo.internal
RunspaceId : 8cfd9c19-8243-460e-8184-fb7ba639a0bf
Database : database01
UseDatabaseRetentionDefaults : True
RetainDeletedItemsUntilBackup : False
DeliverToMailboxAndForward : False
LitigationHoldEnabled : False
SingleItemRecoveryEnabled : False
RetentionHoldEnabled : False
EndDateForRetentionHold :
StartDateForRetentionHold :
RetentionComment :
RetentionUrl :
LitigationHoldDate :
LitigationHoldOwner :
ManagedFolderMailboxPolicy :
RetentionPolicy : Webactive\DefaultRetentionPolicy
CalendarRepairDisabled : False
ExchangeGuid : 69fb7c6a-f912-4391-9715-c43a71f8d4d5
ExchangeSecurityDescriptor : System.Security.AccessControl.RawSecurityDescriptor
ExchangeUserAccountControl : None
MessageTrackingReadStatusEnabled : True
ExternalOofOptions : External
ForwardingAddress :
ForwardingSmtpAddress :
RetainDeletedItemsFor : 14.00:00:00
IsMailboxEnabled : True
Languages : {en-GB}
OfflineAddressBook :
ProhibitSendQuota : 9.668 GB (10,380,902,400 bytes)
ProhibitSendReceiveQuota : 10 GB (10,737,418,240 bytes)
RecoverableItemsQuota : 30 GB (32,212,254,720 bytes)
RecoverableItemsWarningQuota : 20 GB (21,474,836,480 bytes)
DowngradeHighPriorityMessagesEnabled : False
ProtocolSettings : {RemotePowerShell§1, MAPI§1§0§§§0§§§, IMAP4§1§1§§§§§§§5§0§§0, POP3§1§1§§§§§§§5
§0§§0, Emws§0, ECP§1, HTTP§1§1§§§§§§, OWA§1}
RecipientLimits : 5000
IsResource : False
IsLinked : False
IsShared : False
LinkedMasterAccount :
ResourceCapacity :
ResourceCustom : {}
ResourceType :
SamAccountName : nick.smith
SCLDeleteThreshold :
SCLDeleteEnabled :
SCLRejectThreshold :
SCLRejectEnabled :
SCLQuarantineThreshold :
SCLQuarantineEnabled :
SCLJunkThreshold :
SCLJunkEnabled :
AntispamBypassEnabled : False
ServerLegacyDN : /o=OATOO/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/c
n=Servers/cn=OA2EX004
ServerName : oa2ex004
UseDatabaseQuotaDefaults : False
IssueWarningQuota : 9 GB (9,663,676,416 bytes)
RulesQuota : 64 KB (65,536 bytes)
Office :
UserPrincipalName : nick.smith@oatoo.com
UMEnabled : False
MaxSafeSenders :
MaxBlockedSenders :
ReconciliationId :
WindowsLiveID :
ThrottlingPolicy :
RoleAssignmentPolicy : Webactive\Default Role Assignment Policy
SharingPolicy : Webactive\Default Sharing Policy
RemoteAccountPolicy :
MailboxPlan : oatoo.internal/Microsoft Exchange Hosted Organizations/Webactive/DefaultMailbo
xPlan-76ce4834-5dd3-4592-b089-b68ea938d43b
ArchiveDatabase :
ArchiveGuid : 00000000-0000-0000-0000-000000000000
ArchiveName : {}
ArchiveQuota : 50 GB (53,687,091,200 bytes)
ArchiveWarningQuota : 45 GB (48,318,382,080 bytes)
ArchiveDomain :
ArchiveStatus : None
RemoteRecipientType : None
DisabledArchiveDatabase :
DisabledArchiveGuid : 00000000-0000-0000-0000-000000000000
QueryBaseDNRestrictionEnabled : False
MailboxMoveTargetMDB :
MailboxMoveSourceMDB :
MailboxMoveFlags : None
MailboxMoveRemoteHostName :
MailboxMoveBatchName :
MailboxMoveStatus : None
IsPersonToPersonTextMessagingEnabled : False
IsMachineToPersonTextMessagingEnabled : True
UserSMimeCertificate : {}
UserCertificate : {}
CalendarVersionStoreDisabled : False
ImmutableId :
PersistedCapabilities : {}
SKUAssigned : False
AuditEnabled : False
AuditLogAgeLimit : 90.00:00:00
AuditAdmin : {Update, Move, MoveToDeletedItems, SoftDelete, HardDelete, FolderBind, SendAs,
SendOnBehalf, Create}
AuditDelegate : {Update, SoftDelete, HardDelete, SendAs, Create}
AuditOwner : {}
WhenMailboxCreated : 12/03/2012 14:43:29
UsageLocation :
Extensions : {}
HasPicture : False
HasSpokenName : False
AcceptMessagesOnlyFrom : {}
AcceptMessagesOnlyFromDLMembers : {}
AcceptMessagesOnlyFromSendersOrMembers : {}
AddressListMembership : {Webactive\Offline Global Address List, Webactive\All Users, Webactive\Mailbox
es(VLV), Webactive\All Mailboxes(VLV), Webactive\All Recipients(VLV), Webactiv
e\Default Global Address List}
Alias : nick.smith
ArbitrationMailbox :
BypassModerationFromSendersOrMembers : {}
OrganizationalUnit : oatoo.internal/Microsoft Exchange Hosted Organizations/Webactive
CustomAttribute1 :
CustomAttribute10 :
CustomAttribute11 :
CustomAttribute12 :
CustomAttribute13 :
CustomAttribute14 :
CustomAttribute15 :
CustomAttribute2 :
CustomAttribute3 :
CustomAttribute4 :
CustomAttribute5 :
CustomAttribute6 :
CustomAttribute7 :
CustomAttribute8 :
CustomAttribute9 :
DisplayName : Nick Smith
EmailAddresses : {SMTP:nick.smith@oatoo.com}
GrantSendOnBehalfTo : {}
ExternalDirectoryObjectId :
HiddenFromAddressListsEnabled : False
LastExchangeChangedTime :
LegacyExchangeDN : /o=OATOO/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=N
ick Smithea6
MaxSendSize : 1 GB (1,073,741,824 bytes)
MaxReceiveSize : 1 GB (1,073,741,824 bytes)
ModeratedBy : {}
ModerationEnabled : False
PoliciesIncluded : {97b3962a-b535-4928-9345-bc0a01410987, {26491cfc-9e50-4857-861b-0cb8df22b5d7}}
PoliciesExcluded : {}
EmailAddressPolicyEnabled : True
PrimarySmtpAddress : nick.smith@oatoo.com
RecipientType : UserMailbox
RecipientTypeDetails : UserMailbox
RejectMessagesFrom : {}
RejectMessagesFromDLMembers : {}
RejectMessagesFromSendersOrMembers : {}
RequireSenderAuthenticationEnabled : False
SimpleDisplayName :
SendModerationNotifications : Always
UMDtmfMap : {emailAddress:642576484, lastNameFirstName:642576484, firstNameLastName:642576
484}
WindowsEmailAddress : nick.smith@oatoo.com
MailTip :
MailTipTranslations : {}
PartnerObjectId : 00000000-0000-0000-0000-000000000000
IsValid : True
ExchangeVersion : 0.10 (14.0.100.0)
Name : Nick Smith
DistinguishedName : CN=Nick Smith,OU=Webactive,OU=Microsoft Exchange Hosted Organizations,DC=oatoo
,DC=internal
Identity : oatoo.internal/Microsoft Exchange Hosted Organizations/Webactive/Nick Smith
Guid : 9009ce6a-4da3-4e00-a71a-98862463a844
ObjectCategory : oatoo.internal/Configuration/Schema/Person
ObjectClass : {top, person, organizationalPerson, user}
WhenChanged : 04/04/2012 15:30:04
WhenCreated : 12/03/2012 14:43:29
WhenChangedUTC : 04/04/2012 14:30:04
WhenCreatedUTC : 12/03/2012 14:43:29
OrganizationId : oatoo.internal/Microsoft Exchange Hosted Organizations/Webactive - oatoo.inter
nal/Configuration/Services/Microsoft Exchange/ConfigurationUnits/Webactive/Con
figuration
OriginatingServer : OA2DC002.oatoo.internal
- תגובה
- ציטוט
יום חמישי 12 אפריל 2012 21:04

0

Ok, so that looks ok. Can you run a get-casmailbox for the same user?
- תגובה
- ציטוט
יום שישי 13 אפריל 2012 07:26

0

[PS] C:\Windows\system32>get-casmailbox -organization "webactive" nick.smith

Name ActiveSyncEnabled OWAEnabled PopEnabled ImapEnabled MapiEnabled
---- ----------------- ---------- ---------- ----------- -----------
Nick Smith True True True True True

[PS] C:\Windows\system32>get-casmailbox -organization "webactive" nick.smith | fl *

PSComputerName : oa2ex005.oatoo.internal
RunspaceId : 27d36070-2def-4c89-ac6f-8ca31bbf5691
EmailAddresses : {SMTP:nick.smith@oatoo.com}
LegacyExchangeDN : /o=OATOO/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=Nick
Smithea6
LinkedMasterAccount :
PrimarySmtpAddress : nick.smith@oatoo.com
SamAccountName : nick.smith
ServerLegacyDN : /o=OATOO/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Se
rvers/cn=OA2EX004
ServerName : oa2ex004
DisplayName : Nick Smith
ActiveSyncAllowedDeviceIDs : {}
ActiveSyncBlockedDeviceIDs : {}
ActiveSyncMailboxPolicy : Webactive\Default
ActiveSyncMailboxPolicyIsDefaulted : True
ActiveSyncDebugLogging :
ActiveSyncEnabled : True
HasActiveSyncDevicePartnership : True
ExternalImapSettings :
InternalImapSettings :
ExternalPopSettings :
InternalPopSettings :
ExternalSmtpSettings :
InternalSmtpSettings :
OwaMailboxPolicy : Webactive\OwaMailboxPolicy-Default
OWAEnabled : True
ECPEnabled : True
EmwsEnabled : False
PopEnabled : True
PopUseProtocolDefaults : True
PopMessagesRetrievalMimeFormat : BestBodyFormat
PopEnableExactRFC822Size : False
PopSuppressReadReceipt : False
ImapEnabled : True
ImapUseProtocolDefaults : True
ImapMessagesRetrievalMimeFormat : BestBodyFormat
ImapEnableExactRFC822Size : False
ImapSuppressReadReceipt : False
MAPIEnabled : True
MAPIBlockOutlookNonCachedMode : False
MAPIBlockOutlookVersions :
MAPIBlockOutlookRpcHttp : False
EwsEnabled : True
EwsAllowOutlook :
EwsAllowMacOutlook :
EwsAllowEntourage :
EwsApplicationAccessPolicy :
EwsAllowList :
EwsBlockList :
ShowGalAsDefaultView : True
IsValid : True
ExchangeVersion : 0.10 (14.0.100.0)
Name : Nick Smith
DistinguishedName : CN=Nick Smith,OU=Webactive,OU=Microsoft Exchange Hosted Organizations,DC=oatoo,DC=
internal
Identity : oatoo.internal/Microsoft Exchange Hosted Organizations/Webactive/Nick Smith
Guid : 9009ce6a-4da3-4e00-a71a-98862463a844
ObjectCategory : oatoo.internal/Configuration/Schema/Person
ObjectClass : {top, person, organizationalPerson, user}
WhenChanged : 4/4/2012 3:30:04 PM
WhenCreated : 3/12/2012 2:43:29 PM
WhenChangedUTC : 4/4/2012 2:30:04 PM
WhenCreatedUTC : 3/12/2012 2:43:29 PM
OrganizationId : oatoo.internal/Microsoft Exchange Hosted Organizations/Webactive - oatoo.internal/
Configuration/Services/Microsoft Exchange/ConfigurationUnits/Webactive/Configurati
on
OriginatingServer : OA2DC002.oatoo.internal

[PS] C:\Windows\system32>
- תגובה
- ציטוט
יום שישי 13 אפריל 2012 16:49

0

Looks ok too. So is this affecting all users? Looking at your activesync VDir properties it's showing IsValid as False on OA2EX005.

Do you have any other issues with this machine? Any errors in the application event log? If this is just test environment, could you try a remove-activesyncvirtualdirectory on that box, and re-create it.
- תגובה
- ציטוט
יום שישי 13 אפריל 2012 18:18

0

I can remove and recreate, but it's a new-therefore-should-be-clean environment, and the issue seems to affect both the cas in the nlb group. I'll try forwarding the http/s traffic direct to oa2ex006 and see if I get same result.
- תגובה
- ציטוט
יום שישי 13 אפריל 2012 18:33

0

Good idea. let me know. in a greenfield like this, it really should just work.
- תגובה
- ציטוט
יום שישי 13 אפריל 2012 18:53

0

Ooookayy. So, I pointed the firewall at oa2ex006, Autodiscovery worked. I pointed it at oa2ex005, to my surprise Autodiscover worked. Pointed it back at the NLB, Autodiscovery worked!

I swear I have made no changes since removing the Redirect on Wednesday, and definitely rechecked autodiscover since. The only thing that makes any sense is that last night was patch night, and a reboot happened.

So...happiness that it is working, but still complete puzzlement as to why it wasn't.

I am going to run another couple of tests, assuming all is good, I will put the redirect back on and review.
- תגובה
- ציטוט
יום שישי 13 אפריל 2012 18:54

0

And many many thanks for all your patient help.
- תגובה
- ציטוט
יום שישי 13 אפריל 2012 19:03

0

No problem. Glad it's working now. Be careful with the redirect piece.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 10:29

0

Aaaannnnd. It's stopped working. Only changes I have made are reboots on the Mailbox servers.

But... If I run "Exchange Web Services synchronization, notification, availability, and Automatic Replies (OOF)", it passes succesfully, including Autodiscovery!

Autodiscover also works if I do Outlook Anywhere testing, though this fails with:

[i]Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.

An error occurred while testing the NSPI RPC endpoint.

Test Steps

Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server OA2EX003.oatoo.internal.
The attempt to ping the endpoint failed.
Tell me more about this issue and how to resolve it

Additional Details
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.

[/i]

Following the http://technet.microsoft.com/en-us/library/db543644-c252-47ee-a70b-4f60770083dc.aspx article:

- Cannot see any failures in DNS resolution

-ValidPorts should not be relevant in 2010, and in any case looks correct

-IP V6 is disabled on Mailbox servers and CAS servers.

- netstat -a shows that it is [i]not[/i] listening on 6004:

Proto Local Address Foreign Address State
TCP 0.0.0.0:80 OA2EX003:0 LISTENING
TCP 0.0.0.0:135 OA2EX003:0 LISTENING
TCP 0.0.0.0:443 OA2EX003:0 LISTENING
TCP 0.0.0.0:445 OA2EX003:0 LISTENING
TCP 0.0.0.0:593 OA2EX003:0 LISTENING
TCP 0.0.0.0:3343 OA2EX003:0 LISTENING
TCP 0.0.0.0:3389 OA2EX003:0 LISTENING
TCP 0.0.0.0:6001 OA2EX003:0 LISTENING
TCP 0.0.0.0:6005 OA2EX003:0 LISTENING
TCP 0.0.0.0:6006 OA2EX003:0 LISTENING
TCP 0.0.0.0:6007 OA2EX003:0 LISTENING
TCP 0.0.0.0:6008 OA2EX003:0 LISTENING
TCP 0.0.0.0:6009 OA2EX003:0 LISTENING
TCP 0.0.0.0:6010 OA2EX003:0 LISTENING
TCP 0.0.0.0:6053 OA2EX003:0 LISTENING

I have no idea if this is connected, obviously.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 14:28

0
Is the Microsoft Exchange Address Book Service running?
- הוצע כתשובה על-ידי steve siyavayaMicrosoft Community Contributor יום שני 16 אפריל 2012 15:33
- הצעה כתשובה בוטלה על-ידי steve siyavayaMicrosoft Community Contributor יום שני 16 אפריל 2012 15:41
- תגובה
- ציטוט
יום שני 16 אפריל 2012 15:27

0
Address Book was not running on one of the Cas. Service Host Service was not running on either of the Mailbox - started these and Outlook over RPC tests fine - thanks. I'll put that one down to not seeing woods for trees:).

Activesync Autodiscover continues to fail, however. Is it worth my simply recreating the Virtual Directories? If so, which ones?
- נערך על-ידי nphsmith יום שני 16 אפריל 2012 15:27
- תגובה
- ציטוט
יום שני 16 אפריל 2012 15:40

0

I think you need to go back to testing each of the CAS again individually and try to figure out if one, or both, have the issue.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 15:51

0

Ok, will do that this evening. Thanks again for ongoing help.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 15:57

0

In fact found time before catching train home. It is failing with both CAS.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 16:01

0

Only thing in the event logs is the Address Book service timing out after last restart.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 16:08

0

What event was it? Why would it be timing out?

Check both CAS's activesync virtual directories. OA2EX005 reported as invalid last time, does it still? If so, remove- it and re-create it.

Any other events being logged? If things are timing out, could DNS be the issue?
- תגובה
- ציטוט
יום שני 16 אפריל 2012 19:34

0
Event 7009 - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Exchange Address Book service to connect.

That was during/after a reboot this morning.

I've removed and recreated the OA2EX005 activesync VD, it still gives IsValid as False.

The only oddness with DNS is that if I ping from oa2ex005 to oa2ex006, it pings to the nic I am using for LB, and viceversa. The default web-site uses * rather than a specified IP number.

Edit: resolved the DNS issue.
- נערך על-ידי nphsmith יום שני 16 אפריל 2012 19:42
- תגובה
- ציטוט
יום שני 16 אפריל 2012 20:29

0

Did you put the IIS redirect back in? What errors do you get from an activesync test? We're going in circles. Something isn't right. Try turning up event logging for the activesync and autodiscover components using set-eventloglevel (http://technet.microsoft.com/en-us/library/aa998905.aspx)
- תגובה
- ציטוט
יום שני 16 אפריל 2012 20:39

0

One more question, can your CAS servers resolve the outlook.oatoo.com fqdn?
- תגובה
- ציטוט
יום שני 16 אפריל 2012 20:59

0

Yes, they resolve it to the NLB IP.

Having upped the logging, I *do* get another error in the log, but not sure quite how informative it is:

Time:21:55:25.2876775, Id:2027028260, Error Response with the ErrCode:"1", Message:"No external URL is available to access this mailbox with Exchange ActiveSync. Your Exchange server configuration needs to be adjusted to allow access.", DebugData:"UserMailbox" was generated for EMailAddress:"nick.smith@oatoo.com", LegacyDN:"" by "Microsoft.Exchange.Autodiscover.Providers.MobileSync.MobileSyncProvider, Microsoft.Exchange.Autodiscover, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35".
- תגובה
- ציטוט
יום שני 16 אפריל 2012 21:01

0

"No external URL is available to access this mailbox with Exchange ActiveSync"

Can you check the externalURL is populated on both the servers, and make sure there is an AD site set up in AD Sites and Services.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 21:18

0
Using get-activesyncvirtualdirectory | fl * I get

ExternalURL https://outlook.oatoo.com/Microsoft-Server-Activesync for both servers

The site is simply Default-Site-First-Name.

Annoyingly, the guy at the end of this thread:

http://forums.msexchange.org/m_1800544806/mpage_1/key_/tm.htm#1800544806

Say he has a solution, but not what it is. :(. I've mailed him, may get a response....
- נערך על-ידי nphsmith יום שני 16 אפריל 2012 21:54
- תגובה
- ציטוט
יום שני 16 אפריל 2012 21:59

0

A possible solution is recorded here:

http://social.technet.microsoft.com/Forums/ta/exchange2010/thread/7f8585e1-6d7b-4f39-b83b-836915dd5e0c

But no event 1033 is being logged, and I am wary of editing web.config unless I or someone else knows what I am doing.
- תגובה
- ציטוט
יום שני 16 אפריל 2012 22:10

0

Have you defined the subnet in AD Sites and Services? And associated it to the Default-Site etc site? Add a subnet, containing the servers, restart AD topology service on both Exchange servers.

When you do a testconnectivity.com now, what error do you get in the XML?
- תגובה
- ציטוט

יום שלישי 17 אפריל 2012 03:27

Subnet now defined, same error:

Attempting to send an Autodiscover POST request to potential Autodiscover URLs.

Autodiscover settings weren't obtained when the Autodiscover POST request was sent.

Test Steps

ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.oatoo.com/AutoDiscover/AutoDiscover.xml for user nick.smith@oatoo.com.

ExRCA failed to obtain an Autodiscover XML response.

Additional Details

None of the expected XML elements were found in the XML response.

In Windows event log, error remains:

Time:04:25:25.6068418, Id:2027028260, Error Response with the ErrCode:"1", Message:"No external URL is available to access this mailbox with Exchange ActiveSync. Your Exchange server configuration needs to be adjusted to allow access.", DebugData:"UserMailbox" was generated for EMailAddress:"nick.smith@oatoo.com", LegacyDN:"" by "Microsoft.Exchange.Autodiscover.Providers.MobileSync.MobileSyncProvider, Microsoft.Exchange.Autodiscover, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35".

יום שלישי 17 אפריל 2012 03:33

Looking further down the testconnectivity.com, I get this unauthorized response (I have not setup HttP redirect, so this may be a complete red herring).

Attempting to contact the Autodiscover service using the HTTP redirect method.

The attempt to contact Autodiscover using the HTTP Redirect method failed.

Test Steps

Attempting to resolve the host name autodiscover.oatoo.com in DNS.

The host name resolved successfully.

Additional Details

	Testing TCP port 80 on host autodiscover.oatoo.com to ensure it's listening and open.
	The port was opened successfully.

ExRCA is checking the host autodiscover.oatoo.com for an HTTP redirect to the Autodiscover service.

ExRCA failed to get an HTTP redirect response for Autodiscover.

	Additional Details
	An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name (UPN).

יום שלישי 17 אפריל 2012 04:18

0

Can you try running nltest /dsgetsite on your CAS? Something is mixed up, if you have only two CAS, one AD site, something is hokey.
- תגובה
- ציטוט
יום שלישי 17 אפריל 2012 07:55

0
C:\Users\oa>nltest /dsgetsite
Default-First-Site-Name
The command completed successfully

Same result on both CAS
- נערך על-ידי nphsmith יום שלישי 17 אפריל 2012 07:55
- תגובה
- ציטוט
יום שלישי 17 אפריל 2012 13:37

0
Done a DCdiag querying both DCs, both errored with:

Starting test: KccEvent

The event log Directory Service on server OA2DC002.oatoo.internal

could not be queried, error 0x6ba "The RPC server is unavailable."

Starting test: SystemLog

The event log System on server OA2DC002.oatoo.internal could not be

queried, error 0x6ba "The RPC server is unavailable." Starting test: DFSREvent

The event log DFS Replication on server OA2DC002.oatoo.internal could

not be queried, error 0x6ba "The RPC server is unavailable.
Edit: Which means nothing, according to: http://support.microsoft.com/kb/2512643. D*ng.
- נערך על-ידי nphsmith יום שלישי 17 אפריל 2012 13:49
- תגובה
- ציטוט
יום שלישי 17 אפריל 2012 16:03

1

I'm all out of ideas for the moment. I would suggest you open a support incident, as we'll need to do some tracing and analysis of your environment, and this isn't the best way to do that. Or if this is a test lab, rebuild it.

One last idea, as it occurrs to me, did you happen to forcibly remove any servers at any point? Have issues installing and removing any servers from this org?
- תגובה
- ציטוט
יום שלישי 17 אפריל 2012 17:48

0

Yes, but only one of the Transport servers; I created a new server because it felt like it had problems, but having learnt a bit more, I think it likley it was just Powershell syntax issues/ignorance.

Thanks again for all your time. I'll open a case on Thursday (away tomorrow).

Nick
- תגובה
- ציטוט
יום חמישי 27 ספטמבר 2012 13:02

0

Did you manage to solve this problem?
- תגובה
- ציטוט

Activesync Autodiscover not working

כל התגובות

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support by product

Other support links

Not an IT pro?