Exchange 2010 Active sync (Access mail in Mobile issues) RRS feed

  • Question

  • Hi

    In my organisation Exchange server 2010 SP1 are deployed before six months itself & we accessed mail in mobile through active sync initially. Recently(one month back) we facing problem in accessing mail in active sync. 

    While we tried to configure mailbox in mobile through Active sync it shows error "Server is not available"

    Initially i don't have autodiscover record in internal dns as well as public dns. Right now i had on both.

    Pls see the error which i received in testconnectivity.microsoft.com

    The Microsoft Connectivity Analyzer is checking the host autodiscover.astraglobal.co for an HTTP redirect to the Autodiscover service.

    The Microsoft Connectivity Analyzer failed to get an HTTP redirect response for Autodiscover.

    Additional Details
    An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body of the response: You do not have permission to view this directory or page.
    Headers received:
    Content-Length: 58
    Content-Type: text/html
    Date: Mon, 11 Nov 2013 07:02:55 GMT
    Server: Microsoft-IIS/7.5
    X-Powered-By: ASP.NET
    Elapsed Time: 509 ms.

    Kindly help me 


    Monday, November 11, 2013 11:27 AM

All replies

  • Check this and inform the status..

    on the Exchange Active Sync Virtual Directory, (Exchange Management Console -> Server Configuration -> Client Access -> Exchange Active Sync -> Properties of virtual directory -> Authentication ) check whether basic authentication and ignore ssl certificate is selected..

    Also, check allow non provisioned devices are selected

    (Exchange Management Console -> Organization Configuration -> Client Access -> Exchange Active Sync -> Properties of Exchange active sync policy -> check on general tab)

    Monday, November 11, 2013 1:10 PM
  • Hi,

    Agree with the above suggestion, please check "Ignore client certificates" and “basic authentication” in Active Sync configuration and allow non-provisioned devices.

    Additionally,  check the bindings of Active Sync virtual directory and default website in IIS.

    Here are similar cases for your reference:


    If you have any question, please feel free to let me know.


    Angela Shi
    TechNet Community Support

    Tuesday, November 12, 2013 7:43 AM
  • Please find the below inform..

    On General Tab--

    Internal URL


    External URL


    & Please see the below snapshot for other information


    In Internal DNS i'm having autodiscover host record & SRV record & In external DNS only autodiscover host record is there. 

    Kindly check the given information & help me 


    Tuesday, November 12, 2013 7:50 AM
  • Hi,

    According to your description, basic authentication and ignore SSL certificate has been selected. Thus please also refer to Rajkumar-MCITP’s suggestion to check if selecting allow non-provisioned devices:

    Additionally, please refer to the following troubleshooting:
    1. Check the binding of ActiveSync virtual directory and default site in IIS.
    2. Check if MSExchangeSyncAppPool starts. Here is the path:
    Exchange server>IIS> expanding the server name> Application Pools
    3. Directly access the following URL in IE:



    Angela Shi
    TechNet Community Support

    Thursday, November 14, 2013 3:23 AM
  • Hi,

    Very thanks for your replies

    Allow non provisonable devices are already selected & i checked above points also

    I checked the URL in point 3 It asked user name & password. After given i got the below attached snap 

    Please tell how to check the binding of ActiveSync virtual directory and default site in IIS


    Awaiting for your response.


    Friday, November 15, 2013 5:11 AM
  • Hi,

    Here are the path you can check the bindings:

    IIS> expand site>click default web site> in the actions pane, click bindings>confirm if http points port 80 and https points to port 443> click Microsoft-server-activesync> in the action pane, make sure the correct ports are being used 80 and 443 for active sync bindings

    Let’s also check the following article:


    A 403 error is typically returned by the server if your account is not enabled for ActiveSync.

    Thus, create a new Active Sync mailbox policy which allow non-provisionable devices and assign this to the test account and run the Test again:


    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.



    Angela Shi
    TechNet Community Support

    Friday, November 15, 2013 6:48 AM
  • 1st thing I would do is get to a supported state.  Go to SP3 min & latest RU.


    Sunday, November 17, 2013 2:03 AM
  • Hi,

    Sorry for late reply

    Please find the below snapshot for bindings information

    Active sync features has been enabled for mailbox with "Allow non-provisional devices"


    Tuesday, November 19, 2013 4:52 AM
  • Hi,

    I 'll go for SP3 & latest RU

    Is it possible to upgrade the exchange 2010 from SP1 to SP3 directly

    What are the prerequisites i need to do ?


    Tuesday, November 19, 2013 4:55 AM
  • Yes you can, read the readme notes, basically need to prep the schema and follow instruction. If you have multiple sites, start off with internet facing first.



    • Edited by Sukh828 Tuesday, November 19, 2013 10:20 AM
    Tuesday, November 19, 2013 10:19 AM