| Have your Exchange server installed, maintained or upgraded by Amset IT Solutions. Exchange 2000, 2003, 2003 SBS, 2007 More Information (UK only) |
Broadband - Exchange
Login Scripts - Net Admin
Outlook - Windows Mobile
Windows
Exchange and a
Dynamic IP Address
Global Mailbox Folder
Permissions from Server
Internal Email Address
for External People
Options when a Staff Member
Leaves
Prerequisites for Exchange
System Tools
Switching From POP3
to SMTP Delivery
| ||||||||||||
Author: Simon Butler, Exchange MVP, MCSE
Last Page Review: 30/01/2008
Working with a Mobile Device Section Home Page
When Exchange ActiveSync (EAS) isn't working correctly, it can be a pain to troubleshoot as all you get are cryptic error codes.
The quickest way to troubleshoot EAS is to check whether Outlook Mobile Access (OMA) is working correctly. They share the same infrastructure and often if one isn't working then the other will fail as well.
You can do the initial troubleshooting on OMA with a standard web browser. Turn off "Friendly http error messages" first, so that you can see the true error.
Then browse to http://servername/oma and login using the credentials in the format of domain\username and the password.
You should get a folder list in a plain text format. If you get anything else, then it isn't working properly.
If you are using SSL, then you will need to browse to the SSL URL.
Major things to check...
Incompatibilities
The ActiveSync push only works over a mobile phone connection, so if you are trying to see the feature work over a wireless or wired network connection, you will not. Regular initiated sync should work over the wireless connection though.
Windows Mobile is not compatible with wildcard SSL certificates, so if you have one of those you will need to change it for a named host certificate.
Certificate Prompts
Browse to https://servername.domain.com/oma where servername.domain.com is the name on the certificate.
If you get a certificate prompt, then that will cause EAS to fail, as it cannot handle the certificate prompt. Ideally you should be deploying this feature with a purchased certificate, but if you do need to use a certificate that isn't trusted by one of the built in root certificates, or need to import your own root certificate, then the certificate will need to be installed on to the device - see our instructions elsewhere on this site.
SSL and Forms Based Authentication - Exchange 2003 Only
Having SSL and Forms Based Authentication enabled can trigger the 85010014 sync errors. This is easily fixed, and is discussed here.
Authentication Settings - Exchange 2003 Only
The authentication settings on the virtual directories have caught some people out.
Again these are set in IIS Manager. On each virtual directory, click on Directory Security and then Edit under "Authentication and Access Control".
/exchange: Basic ONLY. Optional: set a default domain and a default realm*
/exchweb: Anonymous ONLY.
/exadmin: Integrated ONLY.
/OMA: Basic ONLY. Optional: set a default domain and a default realm*
/Microsoft-Server-ActiveSync: Integrated and Basic ONLY. Optional: set a default domain and a default realm*
* If you are using SSL, then setting the default domain and default realm has no effect on your users requirement to enter the domain name as part of their username (domain\username). You must enable forms based authentication and Exchange 2003 Service Pack 2 or higher, which has an undocumented change that defaults to not requiring the domain\ - despite what the web page says.
Authentication Settings - Exchange 2007
If you suspect that the authentication settings are not correct on Exchange 2007, then simply recreate the virtual directory.
First, delete the existing directory using the Exchange Management Console (where EXCH01 is the name of the server).
If you aren't sure of the identity of the ActiveSync directory, as the command must be exact, then use the following command to show how Exchange sees the virtual directory:
Then create a new one:
Application Pools - Exchange 2003 Only
If the application pools aren't set correctly, then the web application doesn't run. Also in IIS Manager.
/exchange - ExchangeApplicationPool*
/exchweb - ExchangeApplicationPool*
/exadmin - ExchangeApplicationPool*
/public - ExchangeApplicationPool*
/oma - ExchangeMobileBrowseApplicationPool
/Microsoft-Server-ActiveSync - ExchangeApplicationPool
* will probably show ExchangeApplicationPool but greyed out.
External Sites
Error Codes List: http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php
30/01/2008
Back to the Top
Contact Us - Advertise on amset.info
Exchange Index - Home Page
Broadband - Exchange - Login Scripts - Network Admin - Outlook - Windows Mobile - Windows
© Amset IT Solutions Ltd. 1998 - 2008. All rights reserved. Reproduction of any content on this web site is prohibited without express written consent. Use of this web site is subject to our terms and conditions. All trademarks and registered trademarks are property of their respective owners. This site is not endorsed or recommended by any company or organisation mentioned on this site. This site is to provide guidance only and as such we cannot be held responsible for any consequences of following the advice given.