I think i will move this to here as I think the problem is more exchange than Server 2008
Story so far, Exchange server working fine however it was a base install with no service packs. I updated the service packs to SP3 and rolls ups to No 6.
After this mobile devices would not connect. We were advised that we should have a commercial certificate, which has now been installed and we were still having the same problem.
I have deleted and recreated the "Microsoft-Server-ActiveSync" virtual directory. And still I have the same problem, which creates the following entry in event viewer.
Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1309
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 27/03/2012 11:14:06
Event time (UTC): 27/03/2012 10:14:06
Event ID: 8457bcf0c81b4099b62448bc3bd5ea5f
Event sequence: 152
Event occurrence: 51
Event detail code: 0
Application domain: /LM/W3SVC/1/ROOT/Microsoft-Server-ActiveSync-1-129773162326071333
Trust level: Full
Application Virtual Path: /Microsoft-Server-ActiveSync
Application Path: D:\ExchangeX86\ClientAccess\sync\
Machine name: MAIL
Process ID: 3460
Process name: w3wp.exe
Account name: NT AUTHORITY\SYSTEM
Exception type: FileNotFoundException
Exception message: Could not load file or assembly 'Microsoft.Exchange.AirSync, Version=220.127.116.11, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.
Request URL: https://mail.liskeard.cornwall.sch.u...SAMSUNGGTI9000
Request path: /Microsoft-Server-ActiveSync/default.eas
User host address: 18.104.22.168
Is authenticated: True
Authentication Type: Basic
Thread account name: NT AUTHORITY\SYSTEM
Thread ID: 5
Thread account name: NT AUTHORITY\SYSTEM
Is impersonating: False
Stack trace: at Microsoft.Exchange.AirSyncHandler.Handler..ctor()
Custom event details:
For more information, see Help and Support Center at Events and Errors Message Center: Basic Search.
Ok have run the test and we have the one error now (did have an issue with DNS but that's sorted) Google this error and I am not coming up with anything
An ActiveSync session is being attempted with the server.
Errors were encountered while testing the Exchange ActiveSync session.
Attempting to send the OPTIONS command to the server.
Testing of the OPTIONS command failed. For more information, see Additional Details.
An HTTP 500 response was returned from Unknown.
Can you post the entire results?
The error seem different today compare to yesterday, any suggestions really would be apprieciated.
Code:ExRCA is testing Exchange ActiveSync. The Exchange ActiveSync test failed. Test Steps Attempting the Autodiscover and Exchange ActiveSync test (if requested). Testing of Autodiscover for Exchange ActiveSync failed. Test Steps Attempting each method of contacting the Autodiscover service. The Autodiscover service couldn't be contacted successfully by any method. Test Steps Attempting to test potential Autodiscover URL https://liskeard.cornwall.sch.uk/AutoDiscover/AutoDiscover.xml Testing of this potential Autodiscover URL failed. Test Steps Attempting to resolve the host name liskeard.cornwall.sch.uk in DNS. The host name couldn't be resolved. Tell me more about this issue and how to resolve it Additional Details Host liskeard.cornwall.sch.uk couldn't be resolved in DNS InfoNoRecords. Attempting to test potential Autodiscover URL https://autodiscover.liskeard.cornwall.sch.uk/AutoDiscover/AutoDiscover.xml Testing of this potential Autodiscover URL failed. Test Steps Attempting to resolve the host name autodiscover.liskeard.cornwall.sch.uk in DNS. The host name resolved successfully. Additional Details IP addresses returned: 22.214.171.124 Testing TCP port 443 on host autodiscover.liskeard.cornwall.sch.uk to ensure it's listening and open. The port was opened successfully. Testing the SSL certificate to make sure it's valid. The certificate passed all validation requirements. Test Steps ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.liskeard.cornwall.sch.uk on port 443. ExRCA successfully obtained the remote SSL certificate. Additional Details Remote Certificate Subject: CN=mail.liskeard.cornwall.sch.uk, O=South West Grid for Learning Trust, L=Liskeard, S=Cornwall, C=GB, CN=autodiscover.liskeard.cornwall.sch.uk, Issuer: CN=TERENA SSL CA, O=TERENA, C=NL. Validating the certificate name. The certificate name was validated successfully. Additional Details Host name autodiscover.liskeard.cornwall.sch.uk was found in the Certificate Subject Alternative Name entry. Certificate trust is being validated. The certificate is trusted and all certificates are present in the chain. Test Steps ExRCA is attempting to build certificate chains for certificate CN=mail.liskeard.cornwall.sch.uk, O=South West Grid for Learning Trust, L=Liskeard, S=Cornwall, C=GB, CN=autodiscover.liskeard.cornwall.sch.uk. One or more certificate chains were constructed successfully. Additional Details A total of 2 chains were built. The highest quality chain ends in root certificate CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE. Analyzing the certificate chains for compatibility problems with versions of Windows. No Windows compatibility problems were identified. Additional Details The certificate chain has been validated up to a trusted root. Root = CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US. Testing the certificate date to confirm the certificate is valid. Date validation passed. The certificate hasn't expired. Additional Details The certificate is valid. NotBefore = 3/23/2012 12:00:00 AM, NotAfter = 3/23/2015 11:59:59 PM Checking the IIS configuration for client certificate authentication. Client certificate authentication wasn't detected. Additional Details Accept/Require Client Certificates isn't configured. Attempting to send an Autodiscover POST request to potential Autodiscover URLs. Autodiscover settings weren't obtained when the Autodiscover POST request was sent. Test Steps ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.liskeard.cornwall.sch.uk/AutoDiscover/AutoDiscover.xml for user firstname.lastname@example.org. ExRCA failed to obtain an Autodiscover XML response. Additional Details None of the expected XML elements were found in the XML response. Attempting to contact the Autodiscover service using the HTTP redirect method. The attempt to contact Autodiscover using the HTTP Redirect method failed. Test Steps Attempting to resolve the host name autodiscover.liskeard.cornwall.sch.uk in DNS. The host name resolved successfully. Additional Details IP addresses returned: 126.96.36.199 Testing TCP port 80 on host autodiscover.liskeard.cornwall.sch.uk to ensure it's listening and open. The port was opened successfully. ExRCA is checking the host autodiscover.liskeard.cornwall.sch.uk for an HTTP redirect to the Autodiscover service. ExRCA failed to get an HTTP redirect response for Autodiscover. Additional Details An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body of the response: <html><head><title>Error</title></head><body><head><title>Secure Channel Required</title></head> <body><h1>Secure Channel Required</h1>This Virtual Directory requires a browser that supports the configured encryption options.</body></body></html> Attempting to contact the Autodiscover service using the DNS SRV redirect method. ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method. Test Steps Attempting to locate SRV record _autodiscover._tcp.liskeard.cornwall.sch.uk in DNS. The Autodiscover SRV record wasn't found in DNS. Tell me more about this issue and how to resolve it
"The Autodiscover service couldn't be contacted successfully by any method."
Has this ever worked?
Seem like your autodiscover records may not be set correctly
Everything was working fine with a self signed certificate, however the problems began when we installed a JANET certificate issued via SWGFL.
Can you run
Get-exchangecertificate | fl >c:\cert.txt
Get-activesyncvirtualdirectory | fl > c:\activesync.txt
I have sent you a PM
Send the files?
did you get the files i sent?
Sorry, I havent, no idea where they are, can you try again?
I have fixed it now thanks, it has been quite a process and I will document it tomorrow as I am too tired to do it now.
As I said in the last post I have found a solution to this problem and I will go through what I did below just in case anyone else finds themselves in the same situation.
So this is what I had originally.
I searched the web high and low and never really found anyone with the exact same problem, lots of similar problems but none that really seemed the same. In the end I read a post from someone who had had problems with OWA and in the end he uninstalled and re installed Exchange. I didn't really want to be that extreme so I set about looking into uninstalling the CAS Server. Which I will document below the various steps and PowerScripts used.
- Uninstall IIS How to remove and reinstall IIS 5.0, 5.1 and 6.0 - make sure to take a backup first you just never know. Once you have removed IIS reboot your server
- Delete "watermark" from HKLM\software\microsoft\exchange\8.0\client access
- Uninstall the CAS Server Role open a command prompt and navigate to the \exchange\bin folder then run exsetup.exe /mode:uninstall /roles:ca
- Then open Exchange Management Shell and run the following Powershell scripts REPLACING SERVER2 WITH THE NAME OF YOUR EXCHANGE SERVER
- remove-autodiscovervirtualdirectory -identity "server2\autodiscover (default web site)"
- remove-oabvirtualdirectory -identity "server2\oab (default web site)"
- remove-owavirtualdirectory -identity "server2\owa (default web site)"
- remove-owavirtualdirectory -identity "server2\exchweb (default web site)"
- remove-umvirtualdirectory -identity "server2\unifiedmessaging (default web site)"
- remove-ActiveSyncVirtualDirectory -identity "server2\microsoft-server-activesync (default web site)"
- remove-webservicesvirtualdirectory -identity "server2\ews (default web site)"
- Reboot your server at this point
- Re install IIS..... I had a really strange problem at this point in that IIS installed as IIS 5 it took 4 uninstalls before IIS 6 installed
- re install the CAS Server Role open a command prompt and navigate to the \exchange\bin folder then run exsetup.exe /mode:install /roles:ca
At this point my sever was up and running and mobile devices were working again. However I was back to a self signed cert I am about to try the Cert I got from JA.net I will post the results of that later.
This worked for me and I take no responsibility if you try this and do more damage ( I have to say that don't I?) I would like to thank Sheepds on Technet for some of the above, I have pinched bits and pieces from many different post so if I haven't mentioned you sorry.
just a quick update the JA.net cert is working fine
There are currently 1 users browsing this thread. (0 members and 1 guests)