I inherited an Exchange 2013 issue and trying to figure it out. Basically Active Sync is not working, but OWA works. This is an internal test lab environment and all user access is done internally, so no access from the internet.
Environment:
9 CAS Servers | emm-load13-cas1 thorugh 9
3 Mailbox Servers
---------------------------------
To troubleshoot, I tried running "Test-ActiveSyncConnectivity | fl" and found that its trying to connect to the mailbox server instead of CAS and errors out. I figured there is an issue with Autodiscover or my internal URI configs on the ActiveSync Virtual Directory. I checked the SCP in AD and ActiveSync Virtual Directory, they all are pointing to the respective CAS Servers.
[PS] C:\>Test-ActiveSyncConnectivity | flRunspaceId : bdb399fd-5c0f-4e65-ba08-f09b9f38a617
LocalSite : Default-First-Site-Name
SecureAccess : True
VirtualDirectoryName :
Url :
UrlType : Unknown
Port : 0
ConnectionType : Plaintext
ClientAccessServerShortName : emm-load13-mbx2
LocalSiteShortName : Default-First-Site-Name
ClientAccessServer : emm-load13-mbx2.load13.local
Scenario : Options
ScenarioDescription : Issue an HTTP OPTIONS command to retrieve the Exchange ActiveSync protocol version.
PerformanceCounterName : DirectPush Latency
Result : Failure
Error : The OPTIONS command returned HTTP 200, but the Exchange ActiveSync header
(MS-Server-ActiveSync) wasn't returned. The request likely did not reach a Client Access
server, either because
- A proxy server intervened (check the headers below for any that may have been
returned by a proxy)
-The virtual directory could not be reached:
https://emm-load13-mbx2.load13.local/Microsoft-Server-ActiveSync
- The virtual directory does not point to a Client Access server:
https://emm-load13-mbx2.load13.local/Microsoft-Server-ActiveSync
HTTP response headers:
Allow: OPTIONS, TRACE, GET, HEAD, POST
Public: OPTIONS, TRACE, GET, HEAD, POST
Content-Length: 0
Date: Sun, 05 Jan 2014 03:14:49 GMT
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
UserName : extest_908b7d86c9534
StartTime : 1/4/2014 7:14:49 PM
Latency : -00:00:01
EventType : Error
LatencyInMillisecondsString :
Identity :
IsValid : True
ObjectState : New
-------------------------
At this point I wonder if pointing my Test-ActiveSyncConnectivity to a specific CAS Server will be successful.
[PS] C:\>Test-ActiveSyncConnectivity -URL https://emm-load13-cas1/Microsoft-Server-ActiveSync | flRunspaceId : bdb399fd-5c0f-4e65-ba08-f09b9f38a617
LocalSite : Default-First-Site-Name
SecureAccess : True
VirtualDirectoryName :
Url :
UrlType : Unknown
Port : 0
ConnectionType : Plaintext
ClientAccessServerShortName : emm-load13-cas1
LocalSiteShortName : Default-First-Site-Name
ClientAccessServer : emm-load13-cas1
Scenario : Options
ScenarioDescription : Issue an HTTP OPTIONS command to retrieve the Exchange ActiveSync protocol version.
PerformanceCounterName : DirectPush Latency
Result : Failure
Error : [System.Net.WebException]: The underlying connection was closed: Could not establish
trust relationship for the SSL/TLS secure channel. Inner error
[System.Security.Authentication.AuthenticationException]: The remote certificate is
invalid according to the validation procedure.
UserName : extest_908b7d86c9534
StartTime : 1/4/2014 6:28:55 PM
Latency : -00:00:01
EventType : Error
LatencyInMillisecondsString :
Identity :
IsValid : True
ObjectState : New
---------------------------------------------------------------------------
Although the above error points out to Certificate error but when I log on to OWA, I do not get any cert error.
Following is the ActiveSync directory screenshot.
Here is the screenshot for the OWA.
Now I'm puzzled and need some direction....