AutoDiscover ActiveSync Setup Not Working (Full Version)

All Forums >> [Microsoft Exchange 2007] >> Mobility



Message


jason331 -> AutoDiscover ActiveSync Setup Not Working (21.Sep.2008 9:32:26 PM)

Hey everyone,

I'm having trouble getting AutoDiscover to work with our WM6.1 devices in our Exchange 2007 environment. If I try to automatically detect settings the handheld device just sits there forever trying to get settings until the cancel button us pressed. Manual setup works fine from that point.

I was referred to a handy website while on a support call with Microsoft one time called http://www.testexchangeconnectivity.com that will simulate various kinds of connections to an Exchange environment. I did the Microsoft Exchange ActiveSync Autodiscover Test from that site and got the following error:

"Active Directory currently not available"

The full text of the test is here:
===================================
Connectivity Test Failed
Test Details
Copy to Clipboard    Expand/Collapse    
   Attempting Autodiscover and Exchange Activesync Test (if requested)
    Failed to test Autodiscover for Exchange Activesync
   Test Steps
   
   Attempting each method of contacting the Autodiscover Service
    Failed to contact the Autodiscover service successfully by any method
   Test Steps
   
   Attempting to test potential Autodiscover URL https://mydomain.com/Autodiscover/Autodiscover.xml
    Failed testing this potential Autodiscover URL
   Test Steps
   
   Attempting to Resolve the host name mydomain.com in DNS.
    Host successfully Resolved
   Additional Details
    IP(s) returned: xx.xx.xx.xx
   Testing TCP Port 443 on host mydomain.com to ensure it is listening/open.
    The port was opened successfully.
   Testing SSLCertificate for validity.
    The SSLCertificate failed one or more certificate validation checks. If the certificate is not trusted by our server, please select the box to skip this check.
   Additional Details
    The SSL Certificate failed validation Exception Details:
Message: The remote certificate is invalid according to the validation procedure.
Type: System.Security.Authentication.AuthenticationException
Stack Trace:
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRCA.Tests.SSLCertificateTest.PerformTestReally()

:
   Attempting to test potential Autodiscover URL https://autodiscover.mydomain.com/Autodiscover/Autodiscover.xml
    Failed testing this potential Autodiscover URL
   Test Steps
   
   Attempting to Resolve the host name autodiscover.mydomain.com in DNS.
    Host successfully Resolved
   Additional Details
    IP(s) returned: xx.xx.xx.xx
   Testing TCP Port 443 on host autodiscover.mydomain.com to ensure it is listening/open.
    The port was opened successfully.
   Testing SSLCertificate for validity.
    The SSLCertificate failed one or more certificate validation checks. If the certificate is not trusted by our server, please select the box to skip this check.
   Additional Details
    Could not connect to remote host: Exception Details:
Message: Authentication failed because the remote party has closed the transport stream.
Type: System.IO.IOException
Stack Trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRCA.Tests.SSLCertificateTest.PerformTestReally()

   Attempting to contact the Autodiscover service using the HTTP redirect method.
    Failed to contact Autodiscover using the HTTP Redirect method
   Test Steps
   
   Checking Host autodiscover.mydomain.com for an HTTP redirect to Autodiscover
    Received Redirect (HTTP 301/302) Response successfully.
   Additional Details
    Redirect URL: https://portal.sslcertdomain.com/autodiscover/autodiscover.xml
   Attempting to test potential Autodiscover URL https://portal.sslcertdomain.com/autodiscover/autodiscover.xml
    Failed testing this potential Autodiscover URL
   Test Steps
   
   Attempting to Resolve the host name portal.sslcertdomain.com in DNS.
    Host successfully Resolved
   Additional Details
    IP(s) returned: xx.xx.xx.xx
   Testing TCP Port 443 on host portal.sslcertdomain.com to ensure it is listening/open.
    The port was opened successfully.
   Testing SSLCertificate for validity.
    The certificate passed all validation requirements.
   Additional Details
    Subject: CN=portal.sslcertdomain.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)08, OU=GT60785400, O=portal.sslcertdomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
   Attempting to Retrieve XML Autodiscover Response from url https://portal.sslcertdomain.com/autodiscover/autodiscover.xml for user JoeUser@mydomain.com
    Failed to obtain Autodiscover XML response.
   Additional Details
    An error was returned from the Autodiscover query:
<?xml version="1.0"?>
<Autodiscover xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006">
<Culture>en:en</Culture>
<User>
<DisplayName>Jose User</DisplayName>
<EMailAddress>JoeUser@mydomain.com</EMailAddress>
</User>
<Action>
<Error>
<Status>1</Status>
<Message>Active Directory currently not available</Message>
<DebugData>UserMailbox</DebugData>
</Error>
</Action>
</Response>
</Autodiscover>
   Attempting to contact the Autodiscover service using the DNS SRV redirect method.
    Failed to contact Autodiscover using the DNS SRV redirect method.
   Test Steps
   
   Attempting to locate SRV record _autodiscover._tcp.mydomain.com in DNS.
    Failed to find Autodiscover SRV record in DNS.
===================================

What is wierd about this is it picks up the user's display name correctly so I know it is at least on some level communicating with Active Directory successfully.

Any thoughts?




jveldh -> RE: AutoDiscover ActiveSync Setup Not Working (22.Sep.2008 6:42:37 AM)

Hi,

It looks like a certificate issue. Have you trusted the root certificate of rapidssl ? As far as I know it's not installed by default which could result in certificate checks.

Also make sure the following DNS SRV-record exists:

_autodiscover._tcp.mydomain.com







jason331 -> RE: AutoDiscover ActiveSync Setup Not Working (22.Sep.2008 9:49:04 AM)

Sorry, yes the RapidSSL certificate is trusted on the device. Would the Microsoft test fail because of a certificate issue as well?




jason331 -> RE: AutoDiscover ActiveSync Setup Not Working (22.Sep.2008 9:52:58 AM)

...And actually, the Microsoft test has a section to allow you to ignore the SSL cert trust, but whenever I perform the test the certificate trust always passes anyway.




jveldh -> RE: AutoDiscover ActiveSync Setup Not Working (22.Sep.2008 1:09:55 PM)

Hi,

Yes the test checks everything even the certificate. But have you made sure the dns record exist which I mentioned ?





Page: [1]