Академический Документы
Профессиональный Документы
Культура Документы
Activesync
Contents
Overview 1
Lesson 1: Managing Mobile Service
Components 2
Lesson 2: Microsoft Exchange ActiveSync 9
Lesson 3: Beneath the GUI 16
Lesson 4: Troubleshooting 32
Lesson 5: Tools 71
Lab A: Microsoft Server ActiveSync (MSAS) 74
Review 86
Appendix A 87
Appendix B 90
Appendix C 98
Appendix D 103
Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the example companies, organizations, products,
domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious,
and no association with any real company, organization, product, domain name, e-mail address,
logo, person, place or event is intended or should be inferred. Complying with all applicable
copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part
of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted
in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or
for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
Module 11: Server Activesync 1
Overview
Introduction Microsoft® Exchange Server 2003 includes built-in mobile functionality, which
allows users to access Exchange data by using mobile devices. Exchange
Server 2003 offers two services for your mobile users: Microsoft® Exchange
ActiveSync® and Microsoft® Outlook® Mobile Access.
Objectives After completing this module, you will be able to:
Manage mobile service components.
Understand what Exchange ActiveSync can do.
Know the interworking and it interacts with other components.
Know how to troubleshoot Exchange ActiveSync and what tools you can
use.
2 Module 11: Server Activesync
Introduction This lesson introduces you to the mobile service components of Exchange
Server 2003. It explains how to administer and secure these mobile service
components.
Lesson objectives After completing this lesson, you will be able to:
Describe the mobile service components of Exchange Server 2003.
Explain the requirements for Exchange Server 2003 mobile service
components.
Explain the utilities that are needed to administer mobile components.
Identify the Mobile Services object properties that you can modify by using
Exchange System Manager.
Configure Exchange ActiveSync and up-to-date notifications.
Describe the considerations necessary for securing mobile components.
Module 11: Server Activesync 3
Exchange Server 2003 allows users of wireless and small devices, such as
mobile phones, personal digital assistants (PDAs), or smart phones (hybrid
devices that combine the functionality of mobile phones and PDAs), access to
Exchange data. Exchange ActiveSync and Outlook Mobile Access are two of
the mobile service components that are built into Exchange Server 2003. These
components enable mobile users to browse Exchange information, in addition
to synchronizing calendar, contact, and inbox information.
What Is Exchange Exchange ActiveSync is a service provided in Exchange Server 2003 that allows
ActiveSync? users to synchronize their Exchange information (inbox, subfolders, calendar,
contacts, and tasks) with their ActiveSync-enabled mobile device (such as
Pocket PC 2002, Smartphone 2002 and Microsoft® Windows Mobile™ 2003
devices).
The two types of client initiated remote synchronizations supported by
Exchange ActiveSync are:
Manual end-user driven. Allows users of mobile devices to perform a
manual synchronization.
Scheduled. Allows users of mobile devices to schedule synchronization.
How do up-to-date After a user completes the first successful synchronization from the Pocket PC,
notifications work? the device is automatically populated with the user’s mailbox folder tree,
exposing all mailbox folders available for synchronization. Each folder can be
selected for an up-to-date notification. After a folder is chosen for an up-to-date
notification, an event is set on the folder, which looks for new e-mail to be
delivered to the folder. When the new e-mail arrives, an event runs inside the
Exchange server mailbox store and creates a Simple Mail Transfer Protocol
(SMTP) notification. When the notification on the device is received (devices
receive notifications, based on the network type, the notification could be as a
Short Message Service–based message), the device will start an Exchange
ActiveSync session, enabling the device to become up to date. All this occurs
without waking the device.
What Is Outlook Mobile Outlook Mobile Access is a service provided in Exchange Server 2003 that
Access? allows your users to access their Exchange mailbox by using a browser-enabled
mobile device. Devices such as mobile phones and PDAs that use Extensible
Hypertext Markup Language (XHTML), compact HTML (cHTML), or
standard HTML browsers allow your users to connect to their inbox, calendar,
contacts, tasks, and perform global address list (GAL) searches. In addition to
mobile phones, Windows Mobile devices using Microsoft Pocket Internet
Explorer and desktop personal computers using Microsoft® Internet Explorer
6.0 or later also support Outlook Mobile Access.
Note If your Exchange server has Device Update 2 installed (the default),
Internet Explorer 6.0 will work but it will receive the following error message
“The device type you are using is not supported. Press OK to continue.”
Compatibility with If you have previously used Microsoft Mobile Information Server 2001
Microsoft Mobile Enterprise Edition or Microsoft Mobile Information Server 2002 Enterprise
Information Server Edition to provide mobile access to your users, you need to be aware of the
following compatibility issues with Exchange Server 2003 mobile components
to determine the requirements for co-existence:
Mobile Information Server can communicate with Microsoft® Exchange 5.5
mailbox servers to provide Outlook Mobile Access (real-time browse
access) and with Microsoft® Exchange Server 2000 mailbox servers to
provide Exchange ActiveSync and Outlook Mobile Access support for
browsing and new e-mail notifications.
Microsoft® Exchange Server 2003 mobile components can only
communicate with Exchange Server 2003 mailbox servers to provide
Exchange ActiveSync and Outlook Mobile Access.
Integrating Exchange Mobile Information Server can be installed in an ‘ActiveSync-only’
2003 with Mobile configuration. When installed in this manner, Mobile Information Server does
Information Server 2002 not require an Active Directory® schema change or any complicated auxiliary
forest topologies.
The recommended path for customers that want mobility on Exchange 2000
and want to ensure they will have a good migration path to Exchange 2003 is to
install Mobile Information Server in the ‘ActiveSync only’ configuration for
Exchange 2000. Then the same devices, PPC Phone and Smartphone, will work
with Exchange 2003 when they migrate. Then they do not have to be concerned
Module 11: Server Activesync 5
with a complex Active Directory schema change and auxiliary forest scenarios
pertinent to Mobile Information Server. Of course, this means they will not get
the browse and push features of Mobile Information Server. But past experience
shows Exchange ActiveSync is usually the feature driving Mobile Information
Server deployments.
In summary:
Mobile Information Server has not been tested against Exchange 2003
mailboxes. Using Mobile Information Server mobile browse or Mobile
Information Server ActiveSync against Exchange 2003 mailboxes is not a
supported scenario.
Coexistence: Mobile Information Server (browse, push and sync) used
against Exchange 2000 mailboxes can co-exist in the same environment as
Exchange 2003 Outlook Mobile Access and Exchange ActiveSync used
against Exchange 2003 mailboxes. Exchange 2003 does not reuse the Active
Directory attributes used by Mobile Information Server, and so they do not
conflict. For exact details about what Active Directory attributes are used by
Exchange 2003 Mobility, see the documentation that will be available by
launch.
If a customer wants to use Mobile Information Server for some users and
Exchange 2003 mobility for others, then using separate name spaces for
each is best.
Mobile Information Server /Exchange 2000 users URL = mis.corp.com
Exchange 2003 users URL = oma.corp.com
To configure Outlook The following table lists object properties available to access Exchange through
Mobile Access Outlook Mobile Access.
Object property Description
Enable Outlook Mobile This feature allows users to use mobile devices such as
Access a Windows Mobile powered device, an iMode device,
or any XHTML–compatible mobile phone to access
their e-mail, contacts, calendar, and tasks.
Enable unsupported This feature provides mobile access to Exchange Server
devices from devices that are not supported, such as Wireless
Application Protocol (WAP) 1.0 mobile phones. These
unsupported devices may have unexpected results when
using Outlook Mobile Access.
To configure a user 1. In Active Directory Users and Computers, navigate to a user and right-click
Properties.
2. On the Exchange Features tab on the user’s properties, choose from the
appropriate Mobile Services Options.
Module 11: Server Activesync 9
Introduction This lesson explains provides a general overview of Exchange ActiveSync and
some known issues.
Lesson objectives After completing this lesson, you will:
Have a basic understanding of how Exchange ActiveSync works and be
familiar with known issues.
10 Module 11: Server Activesync
General Overview
Overview Exchange ActiveSync allows you to synchronize data between your mobile
device and Exchange Server 2003. E-mail, contacts and calendar information
(PIM data) can be synchronized with the Exchange Server. This feature was
previously available through Mobile Information Server and was referred to as
Microsoft Exchange ActiveSync. It has now been integrated with Exchange
Server 2003.
With Mobile Information Server, devices running Microsoft® Windows®
Powered Pocket PC 2002, Microsoft Windows Powered Pocket PC 2002 Phone
Edition, and Microsoft Windows Powered Smartphone had the Exchange
ActiveSync client component installed and were supported.
With Exchange ActiveSync, devices running Pocket PC 2002, Pocket Phone
Edition and Smartphone are still supported. In addition, Microsoft Windows
Powered Pocket PC 2003 devices are supported. Pocket PC 2003 devices allow
more granularity in scheduling sync and also support the Always Up To Date
functionality that is introduced in Exchange Server 2003.
All users are enabled by default. The Exchange administrator can globally
disable sync for all users. This is configurable in Exchange System manager
under Global Settings/Mobile Services.
Files installed with The following files are installed into Exchsrvr\bin folder:
Exchange ActiveSync
Massync.dll - Outlook Mobile Access Sync ISAPI extension DLL
Masperf.dll - Outlook Mobile Access Sync Performance Counter DLL
MasPerf.ini - Outlook Mobile Access Sync Performance Counter INI
Masperf.h - Outlook Mobile Sync Performance Counter header
Exchsrvr\OMA\Sync is a blank folder so if someone tries to gain access to the
sync folder, it is mapped to a folder that does not give access to all of the
Exchange files.
Module 11: Server Activesync 11
Builds Exchange ActiveSync started life with Mobile Information Server 2002. Here
are the build numbers:
1806 Mobile Information Server 2002
2105 Mobile Information Server 2002 (NexusJ hotfix)
3274 Exchange 2003
Known Issues
Note If you have Secure Sockets Layer (SSL) and Forms Based Authentication
or are using the ExchangeVdir you need to exclude these from the SharePoint
Portal Server managed paths, too.
SSL and Forms Based Again like SharePoint Portal Server, this breaks Exchange ActiveSync. This
Authentication KB will help:
817379 Cannot Access Exchange Server 2003 by Using Outlook Mobile
Access When the Exchange Virtual Directory Requires SSL or Uses Forms-
Based Authentication
OR
822177 "Unable to Connect to Your Mailbox on Server <ServerName>" Error
Message and an Event ID 1805 Message Occur When You Try to Access
Outlook Mobile Access
ExchangeVdir By default, Exchange ActiveSync uses the /Exchange virtual directory to access
the users mailbox; it can only use a non-SSL connection with Kerberos
authentication. To change the virtual directory that Exchange ActiveSync uses,
there is a registry key
(HKLM\System\CurrentControlSet\Services\MasSync\Parameters\ExchangeV
Dir) that can be set to another virtual directory.
This setting affects both Outlook Mobile Access and Exchange ActiveSync and
is only available in the Exchange 2003 version of Exchange ActiveSync. There
Module 11: Server Activesync 13
are KB articles (817379/822177) that describe how to use this setting; this KB
only mentions Outlook Mobile Access but the same thing applies to Exchange
ActiveSync.
In order for Exchange ActiveSyncto work, Kerberos authentication has to be
enabled on the ExchangeVDir, make sure AuthFlags includes AuthNTLM and
that NTAuthenticationProviders includes Negotiate.
Microsoft® Windows This is a problem where IIS authentication using Kerberos fails every 30 days
2000® Service Pack 3 (depending on domain configuration); restarting the IIS Admin service on the
(SP3) Kerberos issue Exchange server fixes this problem. To verify if this is the problem, use a
Microsoft® Windows® XP machine in the same domain as the Exchange server.
Enable Kerberos logging in LSASS on the Windows XP machine (registry files
available on \\towelie\share), restart the machine and then try to access Outlook
Web Access on the Exchange server. It should fail to logon and a lsass.log will
be located in \Windows on the Windows XP machine.
SP3 Hotfix available, SP4 includes this one:
Q329938 is inaccurate; this problem can happen to non-clustered systems
running Exchange 2000 as well.
ISA/General Proxy Issue There is a bug in Internet Security and Acceleration Server (ISA) release to
manufacturing (RTM) where it reuses HTTP connection (including the
authentication). This only happens if the SSL connection is terminated on or
before the ISA server and then forwarded to the Exchange ActiveSync server as
regular HTTP. If this happens, users may get other users’ mailbox contents
when synchronizing.
This can happen on non-ISA proxies which reuse HTTP connections as well.
URLScan URLScan for IIS 5 with the Exchange template blocks some verbs used by
MSAS, check the URLScan.log to see if anything has been blocked.
Write access to TEMP Exchange ActiveSyncmay uses the %TMP% folder (usually Winnt\Temp) for
folder storing temporary files. When using SmartForwarding command the HTTP
request might get to large to handle in memory (undefined size, was around 90
kb on this writer’s system and 40-50 kb on customer’s system), this file is
written using the impersonated user account of the user synchronizing, if the
user is not able to write to the TMP folder the SmartForward will fail and no
error will be logged. The mail will be forwarded without attachments may
affect other commands as well.
Note Exchange ActiveSync uses the %TMP% environment variable to find the
temporary directory.
Note This problem has been seen on Mobile Information Server 2002; not sure
if it can happen on Exchange 2003.
Certificates KB Q308205 lists default trusted root certification authorities (CAs). If the
certificate has not been issued by one of these, the customer will have to install
the certificate on the PocketPC. There is a tool called Disable Certification
Verification available for download on the Exchange Web site, this disables all
14 Module 11: Server Activesync
Introduction This lesson explains what happens under GUI, and covers a number of subjects
in-depth. These include:
Overview
Sync Client Architecture
Object Management on the device
Sync Protocol Version
Sync Protocol Negotiation
SSL requirement
Synchronization and DAV Replication
Some of the topics may not be covered by the instructor, but are there for your
reference.
Module 11: Server Activesync 17
Note If you get proxy errors, look in IIS logs to see if IIS even received the
request.
Step 3 DSAccess is used for Active Directory caching (shared with other
components), detecting the domain topology.
• Look for DSAccess errors in logs for Active Directory problems.
• You only read from the directory, no writes.
User’s display name, e-mail address, back-end server name, version of the
back-end.
User and global wireless enable flags; otherwise HTTP 403.
DSAccess forces us to run in the local system account, member of Exchange
Domain Servers, member of Exchange Enterprise Servers account.
IIS 5 must run in process
IIS 6 can run in the Exchange Application pool which is already configured
Front End to Back End Mailbox name computed from the Left Hand Side (LHS) of user’s primary
SMTP address.
Authentication is Windows Integrated
• Kerberos if available, fall back to NTLM otherwise.
• All I/O done on user’s behalf.
Exchange ActiveSync is stateless
• State on back-end.
• No support for SSL to back-end, recommending Internet Protocol
Security (IPSec) for secure communications.
Module 11: Server Activesync 19
3. The sync server creates a response and sends it to the client as an HTTPS
POST response.
4. The client processes the response and, if necessary, updates the local
Personal Information Manager (PIM) data.
The following steps occur when the client sends a Sync command:
1. The client identifies any changes made to local Personal Information
Manager (PIM) data since the last sync.
2. The client creates a Sync command containing these changes.
3. The client sends the command to the sync server as an HTTPS POST.
4. The sync server identifies changes made to data on the server since the last
sync, communicating with the Exchange back-end server to access the
user’s data.
5. The sync server resolves any conflicts between changes made to items on
the client and on the server.
6. The sync server creates a response containing server changes to be
replicated on the client.
7. The sync server sends the response as an HTTPS POST response.
The client processes the response and updates the local Personal Information
Manager (PIM) data.
Module 11: Server Activesync 21
PIM data is stored in PIM data is stored in “collections” - one for contacts, one for calendar, and one
“collections” for each e-mail folder. The sync protocol supports syncing multiple e-mail
folders.
Sync Key for each For each collection, the client software stores a SyncKey, which contains 39-48
collection characters, 38 for the globally unique identifier (GUID), and 1-10 for the
incrementing number. The client also stores a CollectionId, which is a string
around 40 characters for each folder as a unique identifier for the folder. The
client sends the SyncKey to the server with each sync request.
Each Object has a Each object that is synced – message, contact or calendar item – has a unique
unique identifier identifier assigned by the server. This ServerId is a 48-character string that is
stored by the client. The identifier is used during sync to identify objects that
are stored on both the client and server.
22 Module 11: Server Activesync
Exchange ActiveSync requires that the client and the server use the same
protocol version.
Mobile Information Server uses the AirSync Protocol v1.0 for Exchange
ActiveSync. Exchange Server 2003 uses the new and improved AirSync
protocol v2.0 for Exchange ActiveSync, but also supports AirSync protocol
v1.0 for backward compatibility.
Server Protocols Supported
Pocket PC 2002 client uses AirSync protocol v1.0 for Exchange ActiveSync. It
can be used against MIS and Exchange Server 2003 using v1.0.
Pocket PC 2003 client supports v1.0 and v2.0 protocols. It can negotiate the
protocol to be used.
Device Protocols Supported
Therefore Pocket PC 2002 and Pocket 2003 devices can be used against Mobile
Information Server and Exchange 2003.
Server Devices Supported
Pocket PC 2002 The Exchange ActiveSync client on a PocketPC 2002 device is hard coded to
use Secure Sockets Layer (SSL). Therefore, an SSL certificate should be
installed on Exchange 2003 server or the Exchange 2003 front-end server to
terminate the SSL connection, unless the SSL session is terminated before it
reaches the Exchange server.
The Exchange ActiveSync client on Pocket PC 2002 also does certificate
validation. The following is a list of root certificates installed by default on
PocketPC 2002 devices:
Verisign/RSA Secure Server
Verisign Class 1 Public Primary certification authority (CA)
Verisign Class 2 Public Primary CA
Verisign Class 3 Public Primary CA
Verisign Class 3 Public Primary CA (2028)
GTE Cybertrust ROOT
GTE Cybertrust Solutions ROOT
Thawte Server CA
Thawte Premium Server CA
Entrust.net Secure Server
Entrust.net CA (2048 bit)
If you are using a certificate that is not signed by a CA listed above or not
trusted on the PocketPC 2002, you can either use the Addrootcert utility to add
your cert to the list of trusted root certificates or you can disable certificate
validation on the device by using a CAB file provided on the Microsoft Mobile
Information Server 2002 CD for PPC 2002 or certchk for PPC 2003 available in
the Exchange 2003 Web Releases.
26 Module 11: Server Activesync
See the readme that is provided with the CAB file for more information. Using
the CAB file does not remove the requirement for a certificate. It simply
disables certificate validation by changing a registry setting on the device.
To do this manually, use a registry editor on the device and navigate to:
HKEY_CURRENT_USER\Software\Microsoft\AirSync\Connection.
Choose New DWORD, type "Secure" for value name and 0 for
value data.
Pocket PC 2003 The Server ActiveSync client on a PocketPC 2003 does not require SSL. There
is a checkbox on the client “This server uses secure connections (SSL)” to
enable SSL. It is highly recommended that SSL be used to secure
communications. If SSL is not used, the user’s credentials are sent in clear text
across the wire, and this is clearly not a desirable option.
With Sync protocol v1.0, a typical sync session includes the following
commands.
GetHierarchy The GetHierarchy command is used to retrieve the entire hierarchy of folders.
GetItemEstimate GetItemEstimate is used by the client to get an estimate of the number of items
that need to be synchronized. The client passes a list of folders for which it
wants an estimate. This estimate facilitates the progress bar display on the
device.
Sync Sync command had other commands embedded within it (Add, Change, etc).
Sync protocol version 2.0 adds support for Folder sync and Up To Date.
Sync Command Format Protocol commands are sent using the HTTP POST mechanism. Some simple
commands are contained entirely in the client request Universal Resource
Indicator (URI), and more complex commands use the HTTP Body to convey
further information about the command.
A sync session may consist of multiple commands. In this case, the session will
be made up of multiple pairs of command requests and responses sent back and
forth between the client and server.
There are three parts to a request:
28 Module 11: Server Activesync
URI The HTTP Universal Resource Indicator. This part includes the
server address and several parameters, including the command
name.
HTTP Header Additional parameters used by the server are transmitted in
standard HTTP format.
HTTP Body Data needed by the command. The format varies by command,
and some commands have no body.
The parameters such as Cmd, User, and DeviceId are sent by the client with
each request. The most important parameter is the Cmd parameter, which
indicates to the server what operation it should perform. In this example, the
Sync argument passed in the Cmd parameter indicates to the server that a sync
operation should be performed. Additional data is contained in the HTTP POST
body.
Header In addition to the URI, the client also sends some general information in the
HTTP Header. The following example shows the entire HTTP POST request
Header, along with the URI:
POST Microsoft-Server-ActiveSync?User=johndoe&
DeviceId=789123456789012345&DeviceType=PocketPC&Cmd=Sync
Accept-Language: en-us
MS-ASProtocolVersion: 2.0
Content-Type: application/vnd.ms-sync.wbxml
The server responds with some general information in the Header. The
following entry contains the HTTP POST response Header:
HTTP/1.1 200 OK
Content-Length: 114
Date: Sat, 26 Apr 2003 23:46:17 GMT
Content-Type: application/vnd.ms-sync.wbxml
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Pragma: no-cache
MS-Server-ActiveSync: 2.0.3273.0
Body The request body contains data sent to the server. The type and format of the
data varies by command. The most common format is XML, and the details
depend on the command. Commands that send e-mail messages use RFC 822
format rather than XML. Some commands do not require extra data, so the
body is empty.
The response body contains data returned from the server. As with the request
body, the format varies by command. Usually it is in WBXML format. When
the body contains an e-mail attachment, the format depends on the type of the
attachment file. Some commands do not use the body.
Module 11: Server Activesync 29
Sync Command This section shows an example of a sync request from a client, and the
matching sync response that a server might return.
The example sync request contains those contacts that have been added,
deleted, or changed on the client. The request also asks the server to respond
with any contacts that have been changed there and specifies the number of
items to return.
In the example sync response, the server indicates the success of the requested
add, delete, and change operations and returns a list of its own adds, deletes,
and changes. It also notifies the client that there are more items remaining to be
synchronized.
For more information on sync requests from clients see Module 11 Appendix
B.
30 Module 11: Server Activesync
Definitions
Resource A resource is an object in the namespace that is referred to by a URI. Resources
include documents, collections, etc.
Repl-uid A repl-uid is a universally unique identifier that identifies a DAV resource. The
value of this property is a URI
Module 11: Server Activesync 31
Manifest of a collection A manifest of a collection is the list of changes for a collection that is provided
by the server to the client. The client obtains the manifest using the Search
method.
CollBlob A CollBlob is an opaque binary stream generated by the server that represents
the state of the contents of a collection. CollBlob is an XML element.
The CollBlob contains information about all the changes that the client has seen
in the collection’s contents and the query specified in the manifest request. The
CollBlob tracks only resources that match the search criteria specified as part of
the query in the manifest request.
The server returns the CollBlob data in the CollBlob XML element in response
to the client’s request for the manifest. On the other hand, if the client has
previously obtained a CollBlob for a collection, then the client includes the old
CollBlob in the CollBlob XML element as part of the manifest request for the
collection.
resourcetag A resourcetag is a token generated by the server that represents the current state
of a DAV resource (depth=0). The value of this property is a URI. Every time a
resource’s properties or contents change, the resourcetag associated with that
particular resource is updated.
resourcetaglist A resourcetaglist is a container for the client to use to include the list of
resourcetags when requesting the manifest of a collection from the server.
repl The repl is a XML Element that is a generic container for properties defined in
the replication namespace http://schemas.microsoft.com/repl related to the
resource.
32 Module 11: Server Activesync
Lesson 4: Troubleshooting
Introduction This lesson will look at a number of troubleshooting tips, tricks, and techniques
that will help you discover what is causing Exchange ActiveSync to fail and
how to fix it
Module 11: Server Activesync 33
Troubleshooting: General
With all issues, it would pay to make sure that Exchange ActiveSync is
configured correctly. In the following section we will discover some
troubleshooting steps for Exchange ActiveSync browse
Things to Try Exchange ActiveSync needs Outlook Web Access to work. The initial checks
should be to ensure the Global Setting for Exchange ActiveSync is enabled,
followed by ensuring the User has User Initiated Synchronization enabled as
well.
Next check that Outlook Web Access works using Internet Explorer. Connect to
the following Web pages:
http://<Exchange2003-backend>/exchange
http://<Exchange2003-frontend>/exchange
Next check that Outlook Mobile Access works, but using Internet Explorer.
Connect to the following Web pages:
http://<Exchange2003-backend>/oma
http://<Exchange2003-frontend>/oma
Next check what happens when you connect to the following Web page:
https://<exchange2003-frontend >/Microsoft-server-activesync
http://<exchange2003-frontend >/Microsoft-server-activesync
If you see the above error with HTTP and but not with HTTPS then it could be
a certificate issue.
330461 330461 HOW TO: Troubleshoot Exchange ActiveSync
Summary
This article discusses some basic troubleshooting steps that you can take to
determine the cause of synchronization failure between your PocketPC device
and a Microsoft Exchange server.
Synchronization Errors
When you synchronize your PocketPC device with an Exchange server, you
may receive error messages on your device. These error messages provide basic
information about the problem that you are encountering.
Several error messages may appear either on the PocketPC device or in the
NexTags log file. These error messages fall in one of the following categories:
CONNMGR_errorcode: Connection Manager Error
DEV_errorcode: This error code indicates that the error is from the Server
ActiveSync client update on the device (from the synchronization ROM on
the device).
HTTP_errorcode: Standard HTTP error (Internet related)
INTERNET_errorcode: Standard WinInet error (Internet related).
MIS_errorcode: This error code indicates that the error is from the Mobile
Information Server with the Exchange ActiveSync component installed.
Module 11: Server Activesync 35
Verbose Logging
You can also turn up logging on the device to gather more information for
troubleshooting purposes.
To enable logging on the device:
1. Click Start, point to Programs, and then click ActiveSync.
2. Click Tools, click Options, click Server, and then click Advanced.
3. Minimize the keyboard.
4. Change the logging level to "Verbose".
5. Close the Options dialog box.
The log is saved in text format in the Windows\ActiveSync folder.
The log file is cleared at the beginning of each synchronization session. To
retain the log file, copy or rename the log file before you start another
synchronization session. To copy the log file:
1. Synchronize your PocketPC device with the server. If the synchronization
fails, synchronize until the point of failure.
2. Disconnect your PocketPC device to prevent the log file from being
overwritten if an automatic synchronization is scheduled.
3. In Windows Explorer, expand My Device, expand Windows, and then
locate the log file that is in the ActiveSync folder.
4. Rename the log file.
Note For additional information about how to use Wfetch.exe, view the article
in the Microsoft Knowledge Base: KBLink:284285.KB.EN-US: HOW TO: Use
Wfetch.exe to Troubleshoot HTTP Connections.
The value for “Number of Logs” can be changed from the default of 1.
NexTags With Mobile Information Server 2002, NexTags was shipped on the CD and
enabled tracing of the entire sync session. With Exchange ActiveSync,
NexTags will not be shipped with Exchange Server 2003. It will be available to
Microsoft® Product Support Services to use as required.
To troubleshoot Exchange ActiveSync issues, enable all tags except DevMode
in NexTags.
To use NexTags, follow the steps below:
1. Run NexTags.exe on the server running Exchange ActiveSync.
2. On the Options tab, specify a location for the output file in the Trace File
field.
3. Set Trim Percentage to 30%.
4. Set the ‘Limit file size to:’ 10 mb.
5. Leave User Names: blank to capture all users. For individual users, enter
the user's alias or aliases, separated by a semi-colon (;).
6. For Mode, be sure Real Time is unchecked.
7. On the Tags tab, navigate down the whole tree and enable everything.
8. Click Enable Tracing.
9. Click Apply to confirm all settings and OK to exit.
When users specify an attempt to sync, Exchange ActiveSync will output all
logging information to the file specified on the 'Options' tab. This is useful for
troubleshooting and when working with Microsoft Product Support Services to
determine the cause for synchronization failures.
When you have finished, make sure that you click on ‘Disable Tracing’ to stop
NexTags.
Module 11: Server Activesync 41
The NexTags log can be read in conjunction with the IIS logs. A typical sync
session includes a GetHierarchy, GetItemEstimate and Sync.
For example the IIS log on the Exchange ActiveSync server will contain:
2002-01-16 19:52:15 192.168.97.6 lc1\sync2 157.57.157.29 443
POST /MSAS/MasSync.dll
User=sync2&DeviceId=D8000BF46AB950A138000050BF1977E0&DeviceTyp
e=PocketPC&Cmd=GetHierarchy&Log=NAC:0A0C0D0FS:0A0C0D0SP:1C2I13
52S4200R 200
A typical NexTags output will dump the transactions between the device and
Exchange ActiveSync server, and the transactions between the Exchange
ActiveSync server and the Exchange server.
The NexTags output corresponding to the entries in the IIS log as stated above
would be:
Dump of client message request for GetHierarchy
HTTP Request from Exchange ActiveSync to Exchange
HTTP Response from Exchange to Exchange ActiveSync
Dump of client message response
Dump of client message request for GetItemEstimate
HTTP Request from Exchange ActiveSync to Exchange
HTTP Response from Exchange to Exchange ActiveSync
Dump of client message response
Dump of client message request for Sync
HTTP Request from Exchange ActiveSync to Exchange
HTTP Response from Exchange to Exchange ActiveSync
Dump of client message response
InitServerManifestReque In the NexTags log, the InitServerManifestRequest function identifies the
st request to fetch the manifest of a collection. The following guidelines are used
in fetching the manifest of a collection.
A manifest of a collection is the list of changes in the collection that is provided
by the server to the client. The client obtains the manifest using the SEARCH
method.
42 Module 11: Server Activesync
If the client has never fetched the manifest of a collection, then the client
performs the following steps in order to fetch the manifest from the server:
Use the SEARCH method.
Include the searchrequest XML element in the SEARCH body.
Include the repl XML element within the searchrequest XML element.
Include the collblob XML tag, to request for the manifest.
Include the sql XML element to specify the criteria that the server must
evaluate in order to provide the appropriate manifest. The query specified in the
sql XML element will be associated by the server with the collblob and hence
cannot be changed for the lifetime of the collblob except for the columns or
properties list.
Send the completed request to the server.
In response to the request, the server provides the following in its response:
Multi-Status response for SEARCH
A repl XML element that has the collblob XML element within it. The
collblob XML element includes the opaque collblob binary stream. The server
associates the sql query provided in the SEARCH request with the collblob.
For each change that matches the criteria given by the client in the SEARCH
request, the server includes the change in a response XML element. The
response XML element includes:
href that identifies the resource
prop XML element that includes all the properties that the client requested for.
changetype XML element that describes the type of the change,ex change or
delete.
If the client has fetched the manifest of a collection previously, then the client
will perform the steps listed above with one change. It will include the
previously obtained collblob for the collection in collblob XML element in
order to request for the updated manifest.
The server provides the updated collblob.
Module 11: Server Activesync 43
The following pages go over a number of scenarios and look at the output
created in the NexTags logs
SCENARIO 1 NexTags log for an e-mail sync session where there are no changes:
PROPFIND
SEARCH (to get flatURLs)
GET
SEARCH to get the Manifest
01/14/02 18:30:41 Dump of HTTP request.
PROPFIND /exchange/sync1/ HTTP/1.1
Host: VANITHP1
<?xml version="1.0"?>
<a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-
00aa00c14882/" xmlns:d="urn:schemas:httpmail:" xmlns:c="xml:"
xmlns:e="urn:schemas-microsoft-com:office:office"
xmlns:a="DAV:">
<a:response>
<a:href>http://VANITHP1/exchange/sync1/</a:href>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<d:inbox>http://VANITHP1/exchange/sync1/Inbox</d:inbox>
<d:drafts>http://VANITHP1/exchange/sync1/Drafts</d:drafts>
<d:deleteditems>http://VANITHP1/exchange/sync1/Deleted%20Ite
ms</d:deleteditems>
<d:sentitems>http://VANITHP1/exchange/sync1/Sent%20Items</d:
sentitems>
<d:outbox>http://VANITHP1/exchange/sync1/Outbox</d:outbox>
<d:tasks>http://VANITHP1/exchange/sync1/Tasks</d:tasks>
<d:calendar>http://VANITHP1/exchange/sync1/Calendar</d:calen
dar>
<d:contacts>http://VANITHP1/exchange/sync1/Contacts</d:conta
cts>
<d:notes>http://VANITHP1/exchange/sync1/Notes</d:notes>
<d:sendmsg>http://VANITHP1/exchange/sync1/%23%23DavMailSubmi
ssionURI%23%23/</d:sendmsg>
<d:journal>http://VANITHP1/exchange/sync1/Journal</d:journal
>
</a:prop>
</a:propstat>
</a:response>
</a:multistatus>
Module 11: Server Activesync 45
<a:href>http://VANITHP1/exchange/sync1/Deleted%20Items/</a:h
ref>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<a:hassubs b:dt="boolean">0</a:hassubs>
<a:displayname>Deleted Items</a:displayname>
<d:permanenturl>http://VANITHP1/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-
5778</d:permanenturl>
<a:href>http://VANITHP1/exchange/sync1/Deleted%20Items/</a:h
ref>
</a:prop>
</a:propstat>
</a:response>
<a:response>
<a:href>http://VANITHP1/exchange/sync1/Drafts/</a:href>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<a:hassubs b:dt="boolean">0</a:hassubs>
<a:displayname>Drafts</a:displayname>
<d:permanenturl>http://VANITHP1/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-
4e50</d:permanenturl>
<a:href>http://VANITHP1/exchange/sync1/Drafts/</a:href>
</a:prop>
</a:propstat>
</a:response>
<a:response>
<a:href>http://VANITHP1/exchange/sync1/Inbox/</a:href>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<a:hassubs b:dt="boolean">0</a:hassubs>
<a:displayname>Inbox</a:displayname>
Module 11: Server Activesync 47
<d:permanenturl>http://VANITHP1/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-
5775</d:permanenturl>
<a:href>http://VANITHP1/exchange/sync1/Inbox/</a:href>
</a:prop>
</a:propstat>
</a:response>
<a:response>
<a:href>http://VANITHP1/exchange/sync1/Outbox/</a:href>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<a:hassubs b:dt="boolean">0</a:hassubs>
<a:displayname>Outbox</a:displayname>
<d:permanenturl>http://VANITHP1/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-
5776</d:permanenturl>
<a:href>http://VANITHP1/exchange/sync1/Outbox/</a:href>
</a:prop>
</a:propstat>
</a:response>
<a:response>
<a:href>http://VANITHP1/exchange/sync1/Sent%20Items/</a:href
>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<a:hassubs b:dt="boolean">0</a:hassubs>
<a:displayname>Sent Items</a:displayname>
<d:permanenturl>http://VANITHP1/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-
5777</d:permanenturl>
<a:href>http://VANITHP1/exchange/sync1/Sent%20Items/</a:href
>
</a:prop>
</a:propstat>
</a:response>
</a:multistatus>
In the above response, you can observe use of flat URLs (the long IDs) instead
of the normal named URLs (/exchange/sync1/inbox) because the user could
rename a folder or mail message. For ex. the flat URL for
http://VANITHP1/exchange/sync1/Inbox/ is:
80e4d0981f339e40a418e03fc924986e-5775.
48 Module 11: Server Activesync
Next you issue a GET command. The Exchange ActiveSync server does not
store any sync profile information for the users. The sync state is stored within
a hidden folder in the user’s mailbox on the Exchange server. The folder is
Microsoft-Server-ActiveSync within the non_ipm_subtree. For ex. the sync
profile for user sync1 is PocketPC/D8000BF46AB950A138000050BF1977E0.
This can be viewed using the PROFLCLN tool.
In the GET command below, the first long ID corresponds to the sync profile
and the second long ID corresponds to the flat URL for Inbox.
01/14/02 18:30:43 Dump of HTTP request.
GET /exchange/sync1/NON_IPM_SUBTREE/Microsoft-Server-
ActiveSync/PocketPC/D8000BF46AB950A138000050BF1977E0/80
e4d0981f339e40a418e03fc924986e-5775 HTTP/1.1
Host: VANITHP1
<D:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA
AAW1K8v1AAAQAEAAAAAFIAAV+/UAA=</D:collblob> </D:repl>
<sql>SELECT "http://schemas.microsoft.com/repl/repl-uid"
FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-5775"') </sql>
</searchrequest>
<?xml version="1.0"?>
<a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-
00aa00c14882/" xmlns:c="xml:" xmlns:e="urn:schemas-microsoft-
com:office:office"
xmlns:d="http://schemas.microsoft.com/repl/" xmlns:a="DAV:">
<d:repl>
<d:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA
AAW1K8v1AAAQAEAAAAAFIAAV+/UAA=</d:collblob>
</d:repl>
</a:multistatus>
SCENARIO 2 NexTags log for an e-mail sync session where there is one email to be
synchronized to the device.
PROPFIND
SEARCH (to get flatURLs)
GET
SEARCH with Collblob.
A response is returned with the e-mail message.
GET (same as step 3)
50 Module 11: Server Activesync
SEARCH (Note that the SQL XML element query is different here. Details
of the message are requested. From, To, Body text, attachment information
etc). The SEARCH response returns this information.
PUT. The new sync profile is written.
Steps 1 through 3 are the same as in Scenario 1. Now look at step 4 onward.
In Scenario 1, there were no e-mail items to be returned. In Scenario 2, one e-
mail item is returned. For this e-mail item, the HTTP Response contains the
href that identifies the resource, the prop XML element that includes all the
properties that the client requested for, changetype XML element that
describes the type of the change.
01/14/02 20:52:21 Dump of HTTP request.
SEARCH /exchange/sync1/ HTTP/1.1
Host: VANITHP1
User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0
Brief: t
Accept-Language: en-us
Content-Type: text/xml
Content-Length: 702
Connection: Keep-Alive
<D:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA
AAW1K8v1AAAQAEAAAAAFIAAV+/UAA=</D:collblob>
</D:repl>
<sql>SELECT "http://schemas.microsoft.com/repl/repl-uid"
FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-5775"') </sql>
</searchrequest>
Module 11: Server Activesync 51
<?xml version="1.0"?>
<a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-
00aa00c14882/" xmlns:c="xml:" xmlns:e="urn:schemas-microsoft-
com:office:office"
xmlns:d="http://schemas.microsoft.com/repl/" xmlns:a="DAV:">
<a:response>
<a:href>http://VANITHP1/exchange/sync1/Inbox/test%20message%
20%232.EML</a:href>
<d:changetype>change</d:changetype>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<d:repl-
uid>rid:80e4d0981f339e40a418e03fc924986e000000005bc0</d:repl-
uid>
</a:prop>
</a:propstat>
</a:response>
<d:repl>
<d:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARyuUAABAAUAAA
AAW1K8wFAAAQAEAAAAAFIAAV+/UAA=</d:collblob>
</d:repl>
</a:multistatus>
<D:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA
AAW1K8v1AAAQAEAAAAAFIAAV+/UAA=</D:collblob>
</D:repl>
Module 11: Server Activesync 53
<sql>SELECT
"http://schemas.microsoft.com/repl/resourcetag","http://schema
s.microsoft.com/repl/repl-
uid","DAV:ishidden","DAV:isfolder","urn:schemas:mailheader:to"
,"urn:schemas:mailheader:cc","urn:schemas:mailheader:from","ur
n:schemas:mailheader:subject","urn:schemas:mailheader:reply-
to","urn:schemas:httpmail:datereceived","urn:schemas:httpmail:
displayto","urn:schemas:mailheader:thread-
topic","urn:schemas:httpmail:importance","urn:schemas:httpmail
:read","urn:schemas:httpmail:hasattachment","urn:schemas:httpm
ail:textdescription","http://schemas.microsoft.com/exchange/ou
tlookmessageclass","urn:schemas:calendar:alldayevent","urn:sch
emas-microsoft-
com:office:office#Keywords","urn:schemas:calendar:dtstart","ur
n:schemas:calendar:dtstamp","urn:schemas:calendar:dtend","urn:
schemas:calendar:instancetype","urn:schemas:calendar:location"
,"urn:schemas:calendar:organizer","urn:schemas:calendar:recurr
enceid","urn:schemas:calendar:reminderoffset","urn:schemas:cal
endar:responserequested","urn:schemas:calendar:rrule","http://
schemas.microsoft.com/exchange/sensitivity","http://schemas.mi
crosoft.com/mapi/intendedbusystatus","http://schemas.microsoft
.com/mapi/timezonestruct","http://schemas.microsoft.com/mapi/g
lobal_objid" FROM Scope('SHALLOW TRAVERSAL OF
"/exchange/sync1/-FlatUrlSpace-
/80e4d0981f339e40a418e03fc924986e-5775"') </sql>
</searchrequest>
54 Module 11: Server Activesync
<?xml version="1.0"?>
<a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-
00aa00c14882/" xmlns:j="http://schemas.microsoft.com/mapi/"
xmlns:f="urn:schemas:httpmail:"
xmlns:e="urn:schemas:mailheader:" xmlns:c="xml:"
xmlns:g="http://schemas.microsoft.com/exchange/"
xmlns:i="urn:schemas-microsoft-com:office:office"
xmlns:d="http://schemas.microsoft.com/repl/"
xmlns:h="urn:schemas:calendar:" xmlns:a="DAV:">
<a:contentrange>0-99</a:contentrange>
<a:response>
<a:href>http://VANITHP1/exchange/sync1/Inbox/test%20message%
20%232.EML</a:href>
<d:changetype>change</d:changetype>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<d:resourcetag>rt:80e4d0981f339e40a418e03fc924986e000000005b
c080e4d0981f339e40a418e03fc924986e000000011cae</d:resourcetag>
<d:repl-
uid>rid:80e4d0981f339e40a418e03fc924986e000000005bc0</d:repl-
uid>
<a:ishidden b:dt="boolean">0</a:ishidden>
<a:isfolder b:dt="boolean">0</a:isfolder>
<e:to>"sync1" <sync1@lc1.com></e:to>
<e:from>"sync1"
<sync1@lc1.com></e:from>
<e:subject>test message #2</e:subject>
<f:datereceived b:dt="dateTime.tz">2002-01-
14T20:51:46.116Z</f:datereceived>
<f:displayto>sync1</f:displayto>
<e:thread-topic>test message #2</e:thread-
topic>
<f:importance b:dt="int">1</f:importance>
<f:read b:dt="boolean">0</f:read>
<f:hasattachment
b:dt="boolean">0</f:hasattachment>
<f:textdescription>test
</f:textdescription>
<g:outlookmessageclass>IPM.Note</g:outlookmessageclass>
<h:organizer>"sync1"
<sync1@lc1.com></h:organizer>
Module 11: Server Activesync 55
<g:sensitivity b:dt="int">0</g:sensitivity>
</a:prop>
</a:propstat>
</a:response>
<d:repl>
<d:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARyuUAABAAUAAA
AAW1K8wFAAAQAEAAAAAFIAAV+/UAA=</d:collblob>
</d:repl>
</a:multistatus>
SCENARIO 3 NexTags log for an e-mail sync session where one mail message is composed
and sent from the device:
PROPFIND
SEARCH (to get flatURLs)
GET
SEARCH with Collblob.
PROPFIND – The client sends a sendmsg request. Response contains the
DAV Mail Submission URI.
POST. The client posts a message.
GET (same as step 3)
SEARCH - The SEARCH response returns information on the new message
(in this case the message was posted to self).
PUT writes the new sync profile information.
Steps 1 through 3 are the same as in Scenario 1. Now look at Step 4 onward.
56 Module 11: Server Activesync
<D:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVBUAABAAUAAA
AAW1K8yVAAAQADAAAAUgAAAQElNlAA</D:collblob>
</D:repl>
<sql>SELECT "http://schemas.microsoft.com/repl/repl-uid"
FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/-
FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-5775"') </sql>
</searchrequest>
<?xml version="1.0"?>
<a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-
00aa00c14882/" xmlns:c="xml:" xmlns:e="urn:schemas-microsoft-
com:office:office"
xmlns:d="http://schemas.microsoft.com/repl/" xmlns:a="DAV:">
<d:repl>
<d:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVBUAABAAUAAA
AAW1K8yVAAAQADAAAAUgAAAQElNlAA</d:collblob>
</d:repl>
</a:multistatus>
Module 11: Server Activesync 57
<?xml version="1.0"?>
<a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-
00aa00c14882/" xmlns:d="urn:schemas:httpmail:" xmlns:c="xml:"
xmlns:e="urn:schemas-microsoft-com:office:office"
xmlns:a="DAV:">
<a:response>
<a:href>http://VANITHP1/exchange/sync1/</a:href>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<d:inbox>http://VANITHP1/exchange/sync1/Inbox</d:inbox>
<d:sendmsg>http://VANITHP1/exchange/sync1/%23%23DavMailSubmi
ssionURI%23%23/</d:sendmsg>
</a:prop>
</a:propstat>
</a:response>
</a:multistatus>
Module 11: Server Activesync 59
<D:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVBUAABAAUAAA
AAW1K8yVAAAQADAAAAUgAAAQElNlAA</D:collblob>
</D:repl>
<sql>SELECT
"http://schemas.microsoft.com/repl/resourcetag","http://schema
s.microsoft.com/repl/repl-
uid","DAV:ishidden","DAV:isfolder","urn:schemas:mailheader:to"
,"urn:schemas:mailheader:cc","urn:schemas:mailheader:from","ur
n:schemas:mailheader:subject","urn:schemas:mailheader:reply-
to","urn:schemas:httpmail:datereceived","urn:schemas:httpmail:
displayto","urn:schemas:mailheader:thread-
topic","urn:schemas:httpmail:importance","urn:schemas:httpmail
:read","urn:schemas:httpmail:hasattachment","urn:schemas:httpm
ail:textdescription","http://schemas.microsoft.com/exchange/ou
tlookmessageclass","urn:schemas:calendar:alldayevent","urn:sch
emas-microsoft-
com:office:office#Keywords","urn:schemas:calendar:dtstart","ur
n:schemas:calendar:dtstamp","urn:schemas:calendar:dtend","urn:
schemas:calendar:instancetype","urn:schemas:calendar:location"
,"urn:schemas:calendar:organizer","urn:schemas:calendar:recurr
enceid","urn:schemas:calendar:reminderoffset","urn:schemas:cal
endar:responserequested","urn:schemas:calendar:rrule","http://
schemas.microsoft.com/exchange/sensitivity","http://schemas.mi
crosoft.com/mapi/intendedbusystatus","http://schemas.microsoft
.com/mapi/timezonestruct","http://schemas.microsoft.com/mapi/g
lobal_objid" FROM Scope('SHALLOW TRAVERSAL OF
"/exchange/sync1/-FlatUrlSpace-
/80e4d0981f339e40a418e03fc924986e-5775"') </sql>
</searchrequest>
62 Module 11: Server Activesync
<?xml version="1.0"?>
<a:multistatus xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-
00aa00c14882/" xmlns:j="http://schemas.microsoft.com/mapi/"
xmlns:f="urn:schemas:httpmail:"
xmlns:e="urn:schemas:mailheader:" xmlns:c="xml:"
xmlns:g="http://schemas.microsoft.com/exchange/"
xmlns:i="urn:schemas-microsoft-com:office:office"
xmlns:d="http://schemas.microsoft.com/repl/"
xmlns:h="urn:schemas:calendar:" xmlns:a="DAV:">
<a:contentrange>0-99</a:contentrange>
<a:response>
<a:href>http://VANITHP1/exchange/sync1/Inbox/Abcdef-
2.EML</a:href>
<d:changetype>change</d:changetype>
<a:propstat>
<a:status>HTTP/1.1 200 OK</a:status>
<a:prop>
<d:resourcetag>rt:80e4d0981f339e40a418e03fc924986e000000005b
ca80e4d0981f339e40a418e03fc924986e000000012549</d:resourcetag>
<d:repl-
uid>rid:80e4d0981f339e40a418e03fc924986e000000005bca</d:repl-
uid>
<a:ishidden b:dt="boolean">0</a:ishidden>
<a:isfolder b:dt="boolean">0</a:isfolder>
<e:to><sync1></e:to>
<e:from>"sync1"
<sync1@lc1.com></e:from>
<e:subject>Abcdef</e:subject>
<f:datereceived b:dt="dateTime.tz">2002-01-
16T17:59:46.161Z</f:datereceived>
<f:displayto>sync1</f:displayto>
<f:importance b:dt="int">1</f:importance>
<f:read b:dt="boolean">0</f:read>
<f:hasattachment
b:dt="boolean">0</f:hasattachment>
<f:textdescription>I love my Pocket PC!
</f:textdescription>
<g:outlookmessageclass>IPM.Note</g:outlookmessageclass>
<h:organizer>"sync1"
<sync1@lc1.com></h:organizer>
<g:sensitivity b:dt="int">0</g:sensitivity>
</a:prop>
Module 11: Server Activesync 63
</a:propstat>
</a:response>
<d:repl>
<d:collblob>toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA
DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVJUAABAAUAAA
AAW1K8ylAAAQADAAAAUgAAAQElNlAA</d:collblob>
</d:repl>
</a:multistatus>
Diagnostic Logging to the Event Log is enabled by default. The graphic above
shows two event log entries that you may see.
Module 11: Server Activesync 65
Errors received after a synchronization attempt on the device have error codes
appended to them. These codes help determine the source of the error. They are
of the following types:
DEV_errorcode This error code indicates that the error was from the Exchange ActiveSync
client on the device.
Exchange Mailbox The number of Exchange mailbox server item changes (within the sync
Server Item command) processed per second by Exchange ActiveSync.
Changes/Sec
Exchange Mailbox The number of Exchange mailbox server item deletes (within the sync
Server Item Deletes/Sec command) processed per second by Exchange ActiveSync.
Exchange Mailbox The number of Exchange mailbox server item soft deletes processed per second
Server Item Soft by Exchange ActiveSync. Soft deletes occur when items move out of filter
Deletes/Sec range.
Outstanding Exchange The number of pending connection requests from Exchange ActiveSync to the
Mailbox Server Exchange mailbox server(s).
Connection Requests
Outstanding Exchange The number of pending input/output requests from Exchange ActiveSync to the
Mailbox Server I/O Exchange mailbox server(s).
Requests
Exchange Mailbox The number of input/output requests sent per second to the Exchange mailbox
Server I/O Requests/Sec server(s) from Exchange ActiveSync.
Total Users The total number of users who have accessed Exchange ActiveSync.
Total Exchange Mailbox The total number of Exchange mailbox server adds, changes, and deletes
Server Sync Items (within the sync command) sent to the client.
Total SendMail The total number of SendMail commands processed by Exchange ActiveSync.
Commands The SendMail command is called when a user sends mail from the client.
Total SmartForward The total number of SmartForward commands processed by Exchange
Commands ActiveSync. The SmartForward command is called when a user forwards an
existing mail item from the client.
Total SmartReply The total number of SmartReply commands processed by Exchange
Commands ActiveSync. The SmartReply command is called when a user replies to mail
from the client.
Total GetAttachment The total number of GetAttachment commands processed by Exchange
Commands ActiveSync. The GetAttachment command is called when a user retrieves a
mail attachment from the client.
Total GetHierarchy The total number of GetHierarchy commands processed by Exchange
Commands ActiveSync. The GetHierarchy command is called when a user fetches their
folder hierarchy.
Total CreateCollection The total number of CreateCollection commands processed by Exchange
Commands ActiveSync. The CreateCollection command is called when a user creates a
folder from the client.
Total DeleteCollection The total number of DeleteCollection commands processed by Exchange
Commands ActiveSync. The DeleteCollection command is called when a user deletes a
folder from the client.
Total MoveCollection The total number of MoveCollection commands processed by Exchange
Commands ActiveSync. The MoveCollection command is called when a user moves a
folder from the client.
Module 11: Server Activesync 69
Total Client Sync Items The total number of client item adds, changes, and deletes (within the sync
command) sent from the client.
Client Sync Items/Sec The number of client item adds, changes, deletes, and fetches (within the sync
command) processed per second by Exchange ActiveSync.
Module 11: Server Activesync 71
Lesson 5: Tools
Wfetch Wfetch.exe enables you to test HTTP requests. See the following KB article for
more information: Q284285 HOW TO: Use Wfetch.exe to Troubleshoot HTTP
Connections.
72 Module 11: Server Activesync
Tools
Note This lab focuses on concepts, and may not comply with Microsoft
security recommendations.
Scenario In this lab, you will use the new mobility features in Exchange Server 2003 by
configuring and using Exchange ActiveSync with a Pocket PC Emulator.
First, you will configure the Pocket PC to synchronize with the Exchange
Server 2003 server by using TCP/IP. You will then synchronize the Inbox,
Calendar, and Contacts with the Exchange Server. Finally, you will send and
receive e-mail and work with the calendar.
Exercise 1
Exchange ActiveSync
In this exercise you will get up-to-date notifications to work and look at some troubleshooting.
5. Initialize PocketPC’s a. Open Internet Explorer and log into Outlook Web Access. In the
mailbox by logging into Address bar type http://denver/exchange/pocketpc.
OWA. b. Log in as Contoso\PocketPC with password Passw0rd1.
c. Once logged in, click the Log Off button.
d. Close Internet Explorer.
7. Connect to the workplace a. In the Pocket PC Emulator, click the Establishing Connection icon,
using a VPN. click Work, and then click OK.
complete.
Note: All Steps to be performed on DENVER VPC.
9. Open the Administrator’s a. Switch to DENVER and start Microsoft Internet Explorer.
mailbox using Outlook Web b. In the Address field, type http://Denver/exchange and press Enter.
Access.
c. If prompted, log in as Contoso\Administrator with password
Passw0rd1.
d. Compose a new message by clicking New, and then in the To field,
type PocketPC.
e. Type a Subject and a brief message, and then click Send.
Note: All Steps to be performed on Atlanta VPC.
11. Using OWA, check to see a. In Outlook Web Access (logged in as Contoso\Administrator), click
that the Pocket PC the Check for New Messages button, and then confirm that the
synchronized and sent any message from Pocket PC was received.
queued emails to the
Exchange Server.
12. Accept a meeting by using a. In Outlook Web Access (logged in as Contoso\Administrator) on
the Pocket PC Emulator. DENVER, click Calendar, and then click New.
b. For the appointment, leave the Start time as today’s date.
c. Click Invite Attendees, and then in the Required field, type
PocketPC.
d. Type a subject and a brief message, and then click Send.
e. Switch to the Pocket PC Emulator on Atlanta.
f. At the bottom of the Inbox, click the Send/Receive Mail button .
g. After the Inbox is in sync, click the meeting request at the top of the
message list.
h. Click the Accept, Decline, and Tentative button at the bottom of the
Messaging window .
i. Click Accept.
80 Module 11: Server Activesync
Exercise 2
Browsing Using Outlook Mobile Access
In this lab, you will access Outlook Mobile Access by using the Pocket PC Emulator. This new way
to access a mailbox over the Internet is especially suited for hand-held devices, including mobile
telephones. One advantage of using Outlook Mobile Access on a Pocket PC that has Exchange
ActiveSync enabled is the ability to search the Global Address List.
1. View Outlook Mobile Access a. Click Start, and then click Internet Explorer.
by using the Pocket PC b. In the Address field, type http://Denver/oma, and press Enter.
Emulator.
c. Type a User name of Contoso\PocketPC and a Password of
Passw0rd1.
d. Click Save Password, and then press OK.
2. View and reply to a message a. Click Inbox.
by using Outlook Mobile. b. Open a message from the Administrator.
c. Click Reply.
d. Click Message: [].
e. Type a message.
f. Click OK, and then click Send.
3. Find a user using Outlook a. Click Home.
Mobile Access. b. Click Find Someone.
c. In the Search For box, type Don, and then click OK.
d. Click Don Hall.
e. Click donh@contoso.com.
f. Click Message: [].
g. Type a short message, and then click OK.
h. Click Send.
i. Close the Pocket PC Emulator and Internet Explorer.
j. Click Start, Log Off, Log Off.
k. Press Right Alt-Del (instead of Ctrl-Alt-Del) to open the Logon
dialog box.
l. Type the following information:
m. User name: DonH
n. Password: Passw0rd1.
o. Click OK.
p. Open Microsoft Internet Explorer.
q. In the Address field, type http://Denver/exchange, and press Enter.
82 Module 11: Server Activesync
Exercise 3
Debugging using NexTags
In this exercise, you will a Microsoft internal only tool called NexTags. Using NexTags you will
capture ActiveSync traffic between a Pocket PC device and the Exchange 2003 Server ActiveSync.
When users specify an attempt to sync, Exchange ActiveSync will output all logging information to
the specified log file. This information is useful for troubleshooting and when working with
Microsoft Product Support Services to determine the cause for synchronization failures.
1. Start the NexTags a. Log onto Denver VPC as Administrator with password Passw0rd1.
configuration program. b. Open Windows Explorer and navigate to C:\Tools\Labs\Tools\Other
Tools\Nextags (This has to be run on the server running Exchange
ActiveSync).
c. Double click Nextags.exe to execute the configuration program.
5. Using the Pocket PC a. On the Atlanta VPC, log in as Administrator with a password of
Emulator, you will write Passw0rd1.
some emails and then use b. Launch the Pocket PC 2003 Second Edition. From the task bar click
ActiveSync to transfer them Start | Run | type C:\StartPPC.lnk | click OK.
to the Exchange Server.
c. It may take a few minutes for the Pocket PC Emulator to boot. Please
be patient while it loads.
d. In the Pocket PC Emulator, click the Establishing Connection icon,
84 Module 11: Server Activesync
6. Send the queued message. a. In the Pocket PC Emulator, click the Send/Receive Mail button.
Note: As the ActiveSync connection talks to the Exchange Server, all the selected logging options are being
logged out to C:\NexTagsSync.log on Denver.
7. View the NexTags log file. a. On the Denver VPC, open Windows Explorer, navigate to C:\.
b. Double-click NexTagsSync.log to open in Notepad.
8. Stop the NexTags from a. Open Windows Explorer and navigate to C:\Tools\Labs\Tools\Other
logging. Tools\Nextags (This has to be run on the server running Exchange
Module 11: Server Activesync 85
ActiveSync).
b. Double-click Nextags.exe to execute the configuration program.
c. Click the Tags tab.
d. Click the Disable Tracing button.
e. Click the Apply button to confirm all settings and the OK button to
exit the NexTags window.
9. Close all Virtual PCs. a. On the Virtual PC 2004 menu, click Action, Close on each Virtual
PC.
86 Module 11: Server Activesync
Review
1. What error message do you get on the device if Exchange ActiveSync is not
enabled?
3. What version of the AirSync Protocol does Mobile Information Server work
with?
Appendix A
Click on the Server Tab, and enter your FrontEnd Exchange 2003 Server, and
select what you want to synchronize.
88 Appendix A
Now click on the Options Button and enter your username, domain and
password.
If Exchange ActiveSync
is not enabled on the
server
Your first On your first sync, if you are using a Windows Mobile 2003 device, you will
synchronization see the Always Up To Date configuration popup.
When you start to sync, you will see a screen similar to this:
90 Appendix B
Appendix B
</Commands>
</Collection>
</Collections>
</Sync>
Example Sync Response from the Server
The following example shows the response sent by the server.
</Responses>
<Commands> This section contains commands from
<Add> the server. These commands are similar
<ServerId>666666666</ServerId> to the ones sent from the client to the
server, and contain additions, deletions,
<ApplicationData>
and changes resulting from contacts
data modified on the server. Each contact is
</ApplicationData> identified by a ServerId. For an Add, this
</Add> is a new identifier and must be stored by
<Delete> the client along with the new contact. For
<ServerId>777777777</ServerId> Delete and Change, the identifier refers
</Delete> to an existing contact. For Add and
<Change> Change, the ApplicationData contains
the new or changed contact. Upon
<ServerId>888888888/ServerId>
receiving this data, it is up to the client to
<ApplicationData> update the local store to match the
data server.
</ApplicationData>
</Change>
</Commands>
</Collection>
</Collections>
</Sync>
In addition to the Sync command described above, the sync protocol defines
commands to facilitate tasks such as replying to messages and managing
folders.
Synchronization Commands
Command Description
GetItemEstimate Used by the client to get an estimate of the number of items that need to be
synchronized.
Sync Synchronizes data between the client and server. Data is included in the body
of the request and response.
Appendix B 93
Messaging Commands
Command Description
SendMail Used by clients to send MIME formatted e-mail messages to the server. The
body of the request contains the message. A command parameter provides the
option of storing a copy of the message in the Sent Items folder.
SmartReply This command is similar to SendMail, but the outgoing message consists of
the new message followed by the text of the original message. The full original
message is sent, even if only a truncated copy exists on the client. Using the
server copy of the original message saves network bandwidth by avoiding the
need to download the original message and upload it with the reply. The
SmartReply command lists the message recipients, so it is used to implement
both “reply” and “reply all” functionality.
SmartForward This command is similar to SmartReply, but the original message is included
as an attachment to the outgoing message. Any attachments contained in the
original message are also forwarded.
MeetingResponse This command is similar to SendMail and sends a meeting response message
accepting or declining a meeting request.
GetAttachment This command downloads an e-mail attachment from the server. Attachments
are not downloaded automatically with e-mail messages; they must be
explicitly retrieved using this command.
Notification Commands
Command Description
Notify This command enables server notifications for one or more collections. It also
provisions the device for notifications by telling the server the device’s
address.
94 Appendix B
Folder Sync Sync protocol version 2.0 adds support for Folder sync. With sync protocol
v2.0, a FolderSync command is used instead of the GetHierarchy command.
The FolderSync command synchronizes the collection hierarchy in the same
way as individual folders are synchronized.
The folder hierarchy has a Sync Key associated with it. The initial folder list is
obtained by sending a SyncKey of zero. Thereafter, individual folder changes
are sent from the server. Folder sync is one-way, meaning that the server sends
changes to the client, but the client does not send changes to the server.
During the initial sync, the user’s mailbox is traversed to retrieve the folder
hierarchy. Then an Exchange Search folder is created to cache the user’s
hierarchy. Subsequent FolderSync commands use the Search folder to retrieve
the hierarchy. In certain cases, the Search folder may take a while to get
populated. In these cases, a traversal is done until the Search folder gets
populated. The Exchange information store updates the Search folder.
If the user is moved to another server, this search folder gets emptied out.
When sync encounters an empty Search folder, Search folder is deleted and
recreated. The SyncKey is not affected. No changes are sent to the client unless
there were any changes since the last sync.
Folder sync is performed at the beginning of every sync session. In order to get
the hierarchy changes from the server, a PROPFIND is used to retrieve the
folders, then a GET is used to retrieve the FolderSync state and finally a Search
is used to retrieve the information from the Search folder.
The Search folder and the folder sync file are stored in the
NON_IPM_SUBTREE of a user’s mailbox. The user can get to these files by
opening the NON_IPM_SUBTREE as a Web folder through Internet Explorer.
This is, however, not recommended.
Appendix B 95
The response from the server returns a list of folders. The permanent URL of
the folder (long ID) is included along with the display name. This is used
instead of the normal named URLs (/exchange/johndoe/inbox) because the end
user could rename a folder or mail message.
Each folder is associated with a type number.
96 Appendix B
Type Definition
In Version 1.0 of the protocol user-created mail folders had type value 1; in this
version they have type value 12.
Exchange ActiveSync The synchronization state is stored in a hidden folder in the user’s mailbox on
Profile the Exchange server. The sync state for e-mail, calendar and contacts and
FolderSync is located in the Microsoft-Server-ActiveSync/PocketPC/DeviceId
folder in the NON_IPM_SUBTREE of a user’s mailbox. The Search folder
containing the folder hierarchy is stored here as well.
Appendix B 97
98 Appendix C
Appendix C
IIS Settings from The default setting from Exchange System Manager should look like this:
Exchange System
Manager
Application Pool The ExchangeApplicationPool settings from IIS Manager should look like this:
Settings from Internet
Service Manager
Appendix C 99
100 Appendix C
Virtual Server Setting The Exchange ActiveSync virtual server settings should look like this:
from Internet Service
Manager
Configuration Button:
Appendix C 101
Authentication Control
Button
Device Issues If you suspect you have a device issue, look at the following:
On the device can you access Outlook Web Access? Desktop Pass-
Through?
• Verify Settings.
• Connectivity – can you reach the Internet?
• Sync Settings – server name (no http://).
Warm Boot (Power Cycle Smartphone).
Unselect and re-select PIM types from Sync.
• Always select to delete the device data!
• Low free space? Instruct users to use more restrictive filter.
102 Appendix C
Flow Chart
Appendix D 103
Appendix D
Error Codes
DEV_1 E_SYNC_OUTOFDISK: Run out of storage even after system closed other
processes.
Error Message: Synchronization failed. You do not have enough free memory
on your device to synchronize information. Delete unused files from your
device or close programs that are running to free up memory, and then try
again.
Explanation: Insufficient memory.
User Action: The storage memory holds all the applications that are loaded in
RAM on the device. The program memory is used by programs that are
running. The shell adjusts allocation of storage and program memory. The shell
will close applications to free program memory. You can also close applications
manually by clicking Settings, System, Memory, Running Programs and
stopping the unnecessary applications. To free up storage memory, remove
unnecessary programs that have been loaded.
DEV_6 E_FAIL_SERVER: Sync failed due to server side reason but no server
originated error code received, or any other unknown server errors.
DEV_8 E_PURGE_ERROR: Sync key data is not valid since a data purge failed.
DEV_10 Error Message: Synchronization failed because the device timed out waiting
for the server to respond. Try again later.
Explanation: This error is reported when the device times out while trying to
establish a connection with the server. The error is reported after around four
minutes.
NexTags logging can cause this to happen (since it slows down synchronization
and the device times out waiting for a response). This has been observed once
or twice when synchronizing a large number of items.
User Action: Attempt the sync later or stop NexTags.
MIS_errorcode These error codes indicate that the error was from the Exchange Server with the
Exchange ActiveSync component installed.
MIS_0 SYNC_STATUS_CODE_INVALID
MIS_1 SYNC_STATUS_CODE_SUCCESS
performing sync does not have access to the TMP/TEMP folder on the
Exchange server. For large sync requests, IIS uses temporary storage.
d) Large sync requests could exceed the default size limits for requests sent to
IIS.
e) Sync state on the device is corrupt.
f) There is a corrupt item in the mailbox.
User Action:
a) To enable Integrated Windows Authentication on the Exchange virtual
root:
i. Start Exchange System Manager.
ii. Expand Servers, expand Server Name, and then expand Protocols.
Expand HTTP, and then expand Exchange Virtual Server.
iii. Right-click Exchange, and then click Properties.
iv. Click the Access tab, click Authentication, and then click to select
the Integrated Windows Authentication check box.
v. Click OK, and then click OK again.
b) Re-enable Kerberos on the Exchange server by following the instructions in
the KB Article 215383. HOW TO: Configure IIS to Support Both Kerberos
and NTLM Authentication ID: 215383
c) Obtain the hot fix outlined in KB 329938 by calling Microsoft Product
Support Services.
d) Verify the TMP/TEMP configuration.
e) The MaxClientRequestBuffer can be increased as outlined in the KB
260694 Description of the MaxClientRequestBuffer Registry Value
f) Deselect the data type (usually calendar) and then reselect the data type.
g) Identify the corrupt item using NexTags log and delete it.
Explanation:
a) This error can occur if the synchronization server is unable to open the
inbox folder on the Exchange server. This can occur with calendar and
contacts as well.
b) The PUT verb is blocked on the Exchange server.
User Action:
a) A recovery sync will be performed automatically during a subsequent sync.
b) If URLSCAN is configured on the Exchange server, make sure that this
verb is allowed on the Exchange server.
HTTP_401 Error Message: Unable to connect to sync server due to authentication failure.
Check your connection configuration.
Explanation: The credentials provided to access the server are incorrect or you
are not enabled for synchronization or your password has expired.
User Action: On the device, go to ActiveSync, Tools, Server, verify that the
server name is correct. Click on Advanced and verify the username, password
108 Appendix D
and domain information. Please contact your administrator and make sure that
you are enabled for synchronization.
HTTP_500 Error Message: Synchronization failed due to an error on the server. Try again.
Explanation:
a) Windows Integrated Authentication is not enabled on the Exchange virtual
directory on the Exchange server. The Exchange ActiveSync component
uses Kerberos authentication when communicating with the Exchange
server.
b) Windows Integrated Authentication is enabled on the Exchange virtual
directory on the Exchange server, but Kerberos is disabled via the IIS
metabase.
c) Kerberos is enabled, but Kerberos authentication fails every 30 days or so.
d) Sync is attempted while the mailbox is being moved.
e) User attempting sync is a member of more than 200 groups.
f) The Left Hand Side (LHS) and Right Hand Side (RHS) of the user’s
primary SMTP address are both different from the SMTP address based on
the default recipient policy.
g) The Exchange virtual directory on the Exchange Server is configured to
require Secure Sockets Layer (SSL). Server ActiveSync communicates
with the Exchange Server over port 80.
h) The administrator enabled NexTags logging on the Mobile Information
Server and selected the DevMode check box under the DevOnly category.
i) The user composes email on the device and attempts a sync when mailbox
limits have been reached on the Exchange server.
User Action:
a) To enable Integrated Windows Authentication on the Exchange virtual
root:
i. Start Exchange System Manager.
ii. Expand Servers, expand Server Name, and then expand Protocols.
Expand HTTP, and then expand Exchange Virtual Server.
iii. Right-click Exchange, and then click Properties.
iv. Click the Access tab, click Authentication, and then click to select
the Integrated Windows Authentication check box.
v. Click OK, and then click OK again.
Appendix D 109
HTTP_503 Error Message: Synchronization failed due to an error on the server. Try again.
Explanation: The Web service is unavailable. The service may have been
stopped temporarily.
User Action: Attempt sync later.
110 Appendix D
Explanation:
a) There is no connection available for the device to communicate with the
server.
b) The user has more than 372 top level folders in their mailbox.
User Action:
a) Verify the connectivity settings on your device.
b) Reduce the number of top level folders to 372 or less by moving some top
level folders to be subfolders.
INTERNET_7 Explanation: Domain Name System (DNS) problem for the carrier
User Action: Warm Reset and try sync again. Try desktop pass-through.
112 Appendix D
INTERNET_19 Error Message: Synchronization failed due to a device software error. Contact
your network administrator.
Explanation: This could be caused by transient network issues.
User Action: Attempt the sync later.
INTERNET_31 Error Message: The connection with the server has been reset.
Explanation: The connection to the server was lost. If you are using a wireless
card, the card could have lost its association with the Access Point. If you are
using a modem, the network coverage was lost.
User Action: Ensure that you have connectivity and then attempt a sync.
INTERNET_37 Error Message: Synchronization failed. The security certificate on the server
has expired. Check that the date and time on your device are correct and try
again.
Explanation: The date and time on the device are incorrect.
User Action: On your device, click Start, Settings, System, Clock and set the
correct date and time.
Appendix D 113
INTERNET_45 Error Message: Synchronization failed. The security certificate on the server is
invalid. Contact your system administrator or ISP to install a valid certificate on
the server and try again.
Explanation: The sync client does certificate validation and has detected that
an invalid certificate is installed.
User Action: Attempt sync after a valid certificate is installed on the server.
The following root certificates are installed by default on PocketPC 2002
devices.
• Verisign/RSA Secure Server
• Verisign Class 1 Public Primary CA
• Verisign Class 2 Public Primary CA
• Verisign Class 3 Public Primary CA
• Verisign Class 3 Public Primary CA (2028)
• GTE Cybertrust ROOT
• GTE Cybertrust Solutions ROOT
• Thawte Server CA
• Thawte Premium Server CA
• Entrust.net Secure Server
• Entrust.net CA (2048 bit)
If you are using a certificate that is not trusted, you can disable certificate
validation on the device by using a CAB file provided on the Microsoft Mobile
Information CD. Please see the readme that is provided with the CAB file for
more information.
Root certificates can also be added to the Pocket PC 2002 device by using the
process outlined in KB 322956 Sample to Add Root Certificates to Pocket PC
2002.
User Action: Attempt the sync again. If the default Web site was stopped click
Start, Programs, Administrative Tools, and then click Internet Services
Manager. Click to expand your server object, right-click Default Web site, and
then click Start.
User Action: In Exchange ActiveSync, click Sync to initiate the server sync.
0x80070008 Error Message: Synchronization failed. If the problem continues, contact your
network administrator.
Explanation: Unknown
User Action: Obtain the latest Pocket PC End User Update from your service
provider.
0x8007000e Error Message: Synchronization failed. You do not have enough free memory
on your device to synchronize information. Delete unused files from your
device or close programs that are running to free up memory, and then try
again.
Explanation: Attempt to sync a meeting request that contains an attendee list
that exceeds 16 K characters.
Attempt to sync a calendar item that contains a large number of exceptions.
User Action: Obtain the latest Pocket PC End User Update from your service
provider.
Identify the item using the NexTags log and delete it.
0x80004005 Error Message: Synchronization failed due to a device software error. Contact
your network administrator.
Explanation: Unknown
User Action: Obtain the latest Pocket PC End User Update from your service
provider.