locked
ActiveSync Fails - From 2003, to 2010 then back to 2003 RRS feed

  • Question

  • Hello,

    We've been performing some tests on Exchange 2010 in preparation to going to 2010.  Moved two mailboxes to 2010.  Then moved them back to 2003 (fail-back testing)

    Before on 2003, ActiveSync worked perfectly (iphone).

    After on 2010, ActiveSync worked perfectly.

    After moving the mailboxes back to Exchange 2003, ActiveSync no longer works.

    As a test, I duplicated the problem.  Created another mailbox on Exch03, and went through the same same above.  Same result.

    I am unable to find much on how to fix this.  Please advise.

    2012-03-27 00:00:17 W3SVC1 172.26.85.202 POST /Microsoft-Server-ActiveSync User=Joe&DeviceId=ApplC39GJE6NDTDC&DeviceType=iPhone&Cmd=Sync&Log=V4TNASNC:0A0C0D0FS:0A0C0D0SP:1C1I469S1550R0S0L0H0P 443 acme.com\joe 68.45.181.179 Apple-iPhone4C1/902.179 500 0 0

    Thank you


    Shawn May

    Tuesday, March 27, 2012 1:46 AM

Answers

  • Hi Simon,

    Actually, this options simply disables the old SSL ciphers from the suite. 

    I was able resolve the problem by deleting the Exch2010 created objects beneath the user. (use LDP or ADSIEdit).


    Thank you


    Shawn May


    • Marked as answer by Shawn May Thursday, March 29, 2012 3:54 AM
    • Edited by Shawn May Thursday, March 29, 2012 12:40 PM
    Thursday, March 29, 2012 3:54 AM

All replies

  • Even if you remove and re-create the partnership?
    Tuesday, March 27, 2012 1:13 PM
  • Hi Northwinds,

    Can you provide a bit more to your question.  Partnership?  What is this, and how do you recreate a partnership with...???

    Thank you.

    Shawn


    Shawn May

    Tuesday, March 27, 2012 1:23 PM
  • Once you move it back to 2003, can you remove the activesync partnership that device has with the mailbox and recreate? Or via this method?

    Tuesday, March 27, 2012 1:30 PM
  • The device is an iPhone (method above does not apply).  I've removed and recreated the profile.

    Beneath the user's object in LDP/ADSI, I've also removed the ActiveSync container and object.

    Any other thoughts?


    Shawn May

    Tuesday, March 27, 2012 2:04 PM
  • Perhaps this link can help

    Tuesday, March 27, 2012 4:57 PM
  •  

    Hello,

    1. Go to Start-Administrative Tools-Select Local Security policy
    2. In Local Security policy navigate to Security Settings->Local Policies->Security Options
    3. On the right hand side, select the policy named "System cryptography: Use FIPS complaint algorithms for encryption,hashing,and signing." should be disabled

    Then checked the following registry key

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy

    this should set to 0

    Found that the “System cryptography: Use FIPS complaint algorithms for encryption,hashing,and signing.” was set to enabled.

    Thanks,

    Simon

    Thursday, March 29, 2012 3:23 AM
  • Hi Simon,

    Actually, this options simply disables the old SSL ciphers from the suite. 

    I was able resolve the problem by deleting the Exch2010 created objects beneath the user. (use LDP or ADSIEdit).


    Thank you


    Shawn May


    • Marked as answer by Shawn May Thursday, March 29, 2012 3:54 AM
    • Edited by Shawn May Thursday, March 29, 2012 12:40 PM
    Thursday, March 29, 2012 3:54 AM
  • Hi All,

    I had the same issue and it worked after remove the completed "move request" from the exchange 2010 console.

    Cheers,

     

    Tuesday, August 28, 2012 6:31 AM