Hi - A week ago two users who have had no problems with iPhone synchronisation to thier SBS 2003 exchange server installation suddenly stopped recieving email. Having run the analyzer I can see where it is failing but have had little joy in discovering the cause. The few KB articles I have been able to find have had me making some registry changes, removing all messages from the users inbox (which has caused his entourage to flip out) and even doing a full offline defrag and integrity check on the exchange store database, all with no success. If I run the analyzer against the administrator inbox I do not get any errors.
Results are posted below - can anyone point me in the right direction please as this is getting frustrating!
ExRCA is testing Exchange ActiveSync.
The Exchange ActiveSync test failed.
Attempting to resolve the host name yellowdot.dnsalias.com in DNS.
The host name resolved successfully.
IP addresses returned: 126.96.36.199
Testing TCP port 443 on host yellowdot.dnsalias.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Validating the certificate name.
The certificate name was validated successfully.
Host name yellowdot.dnsalias.com was found in the Certificate Subject Common name.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
The certificate is valid. NotBefore = 11/9/2006 10:33:03 AM, NotAfter = 11/9/2011 10:33:03 AM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://yellowdot.dnsalias.com/Microsoft-Server-Activesync/.
The HTTP authentication methods are correct.
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Attempting to send the OPTIONS command to the server.
The OPTIONS response was successfully received and is valid.
Headers received: MicrosoftOfficeWebServer: 5.0_Pub
Public: OPTIONS, POST
Allow: OPTIONS, POST
Date: Thu, 04 Nov 2010 08:54:13 GMT
Attempting the FolderSync command on the Exchange ActiveSync session.
The FolderSync command completed successfully.
Number of folders: 52
Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
An error occurred while the Sync command was being tested.
Message: The operation has timed out
I called in Tech Support under partner business critical contract as this particular customer was struggling to keep working as they are primarily Mac based and the problem was also impacting on Entourage accounts.
We did not find a satisfactory solution or explanation regarding the cause of the problem despite some 8 hours on the telephone.
I finally resorted to setting up brand new mailboxes for the affected users, giving them archive access to the old ones by swapping the accounts they were attached to.
This resolved the sync problem but I am concerned it is only a temporary fix as one of the users called to tell me that it has started happening again with the brand new mailbox.
Engineers at Microsoft tried to suggest that mailboxes were too big but I have never had this problem before. It seems to be some corruption in the Mailbox database that is not fixed by anything. The fact that it has been working absolutely fine for the five years or so that this server has been in use and only started to go wrong recently makes me suspect some kind of security update.
Please post here if you find any further information that may help - sorry I do not have a solution for you.
What are the actual inbox item counts of the affected users? This makes me want to confirm if users with the issues have very high inbox item counts and/or some issue completing the sync of all those items before a timeout. Maiboxes with very high item counts (in critical path folders) are a very real issue and many times everything will appear to be just fine until the limit/threshold is finally reached; from that point forward, relief is difficult until the item counts are back under control. Hence, the impression that there was never a problem previously. So this is definately worth pursuing. You might, as a test, take an affected user and move 90% of their inbox contents to a subfolder that is not set to sync and see if the issue persists.
We've run into this problem, but it might have arose differently. We were migrating users to 2010, when we realized that they were accessing a bunch of shared mailboxes that we weren't ready to migrate yet. Activesync worked fine with 2003 before the move, and it worked fine with 2010, but when we migrated 2 users back to 2003, we run into this exact same error. I've tried enabling and disabling the mailbox features many times. One inbox has 6000 items and is close to its size limit, the other has 4000 items and is well within storage limits.
These are typicall caused by firewalls, firewalls don't like idle sessions nor long standing http requests because they can seem like DOS attacks. These behaviors mimic activesync, you need to check your documentation on your Firewall an up the connection timeouts. Some firewalls have pre-created rules for activesync that have these settings. Also it may not necessarily be the firewall it can also be the carrier.
Understanding Direct Push
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
Just as an update - we never resolved the problem, I had to create brand new mailboxes for each user wanting to use ActiveSync and link their old ones to a new user for archive access. It seems as though some past event corrupted all the mailboxes in such a way that even importing messages into a new blank mailbox stopped the ActiveSync working.
I spent days with Microsoft Technicians on this but have abondoned all hope of ever finding out what caused the problem.
Your situation sounds exactly like mine. Been working with Microsoft Critical down support for 3 days becuase our SBS2003 server suddenly stopped working with active sync on our main email accounts.
about 8 users affected.
Our administrator account & Besadmin account with email boxes work fine when tested. I even created a brand new account that was unaffected and worked fine. Then I copied a PST backup of a known bad account to the test account and it stopped working.
Now Microsoft & I are doing defrags, repairs, etc, etc to the database thinking corruption, but I've been pretty sure that this isnt going to solve it.... I guess I'll be stuck going down the same road of total recreation if no one else has found a solution yet either.
As for the reason... I'm fairly certain it was becuase the server was hacked or something similar. No one in the office accesses the server, but there was a "sysadmin" account created randomly the day that activesync stopped working... as well as an unknown support & supporte3004sf(Random letters/numbers) created 3 months ago. All had local/domain administrator rights granted. Plus, some scans found big virus's & Spyware on the server. (I've deleted or changed the passwords on the fraudulent Admin accounts & removed all the spyware/virus's... but sadly active sync is still unresolved)
Had this same hacker scenario, windows sbs server brute force hacked, found hacker remote desktop-ed in as sysadmin. Various accounts created , they used fs pro hf.exe hide folders 2009 to hide the sysadmin folder in documents and settings\sysadmin. various malware removed, best buy pc app safari, Google chrome. I disabled accounts and so forth, found the hacker because active sync quit working, hope he doesn't figure out how to take over a machine without breaking that.
Anyway, if I create a new user it works, but all existing accounts OMA doesn't work, tried most tech tips, including reinstalling exchange server 2003 sp2 . Recreating virtual iis webs etc. followed Alan hardesty's excellent instructions... no joy
Hi all, I just ran into this same issue and the cause was the same hacking problem that Kaedian and ktharper-mi ran into. After lots and lots of troubleshooting I was actually able to solve the problem. One piece of software installed by the hacker was a service named "FSPro Filter Service", the associated file was C:\Windows\system32\fsproflt.exe. This file could not be viewed in explorer, even with hidden and system files shown, but it was there because a new file with the same name could not be created. Disabling this service did not resolve the problem though. After further investigation I found a system driver loaded as well. C:\Windows\system32\drivers\FSPFltd.sys, I removed this file from the drivers folder, rebooted the server, and then all the accounts started syncing via activesync again.
- Proposed as answer by 999Dom999 Monday, April 30, 2012 4:34 PM
Lukeca brilliant! I too had an SBS2003 box hacked! This seems quite common, had all the same software mentioned above and your answer above on fspro service/system file with a reboot did the trick, so glad I found this valuable post. I would of never found that myself! I owe you a pint! :)
I had the same issue with server 2003 and Exchange 2003 SP2. The problem is that you are able to get in OMA directory using HTML https://yourserver/OMA , but when you try to reach your mailbox through ActiveSync you wont.
Very strange behaviour of exchange active sync is really wierd. The administrator account was able to sync, but some other users was not.
I tried procmon, without success.
Then I realized that after updates IPsec service fails again and again during system start up.
Than I tried to run wireshark. There was last update for Microsoft security essentials which blocked communication for server, also for activesync !!
After uninstall MSE everything works perfect now !
Try to unistall your antivirus software, I had the similar issue with norton antivirus but it was on the other server.
Branislav Pastorek SEAL IT services
We had the same issue on a 2003 SBS Server that just quit working with select accounts and it was due to a Microsoft Security Essentials update that seems to be blocking it. We had the same results as Branislav above and after removing MSE all of the phones started working properly again with activesync.
I had the same issue and it was MSE. I disabled it hours and hours ago but did not uninstall it. Weird thing was "all" the droids worked. But no IOS device worked. iPad/iPhone/iPod would not work. But using the same account on a droid would sync wihtout issues. I saw this thread and had no expectations that this would fix it since i had already disabled the real time scanning. But withing seconds of uninstalling it all the IOS devices started to work.
Thank you all for your info!! It really is the Microsoft seurity essentials.
Uninstalled and... PRESTO!!! iphones-ipads work prfect.
also the connectivity test pases with success!!!
I must mention that the same server was running Trendmcro AV , maybe a conflict ??
anyway thanks a lot.
Sokratis Laskaridis MCP, MCTS, MCITP, Small Business Specialist Netapp ASAP, Symantec STS
- Proposed as answer by Mike Raj Thursday, November 29, 2012 3:44 PM
Thank for this post it was definitely an antivirus definition issue. I have forefront and a definition came in last night and began blocking iPhone connections but some Windows 7 mobile phones could connect without an issue.
Uninstalled it and all is syncing again.
Thanks, Mike Raj
Just wanted to add that this fixed a problem for a client as well.
Client Environment: Windows Server 2003, Exchange Server 2003 and System Center 2012 Endpoint Protection.
Uninstall and it instantly started working again.
- Edited by Dan Apps Tuesday, January 07, 2014 5:08 AM