Module 11: Server Activesync Contents Overview
1
Lesson 1: Managing Mobile Service Components
2
Lesson 2: Microsoft Exchange ActiveSync
9
Lesson 3: Beneath the GUI
16
Lesson 4: Troubleshooting
32
Lesson 5: Tools
71
Lab A: Microsoft Server ActiveSync (MSAS) 74 Review
86
Appendix A
87
Appendix B
90
Appendix C
98
Appendix D
103
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. © 2005 Microsoft Corporation. All rights reserved. Microsoft, MS-DOS, Windows, Windows 2000, Active Directory, ActiveX, BackOffice, FrontPage, Hotmail, Jscript, MSN, NetMeeting, Outlook, PowerPoint, SQL Server, Visual Studio, and Windows Media are either registered trademarks or trademarks of Microsoft Corporation in the United States, and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Module 11: Server Activesync
Overview
*****************************illegal for non-trainer use******************************
Introduction
Microsoft® Exchange Server 2003 includes built-in mobile functionality, which allows users to access Exchange data by using mobile devices. Exchange Server 2003 offers two services for your mobile users: Microsoft® Exchange ActiveSync® and Microsoft® Outlook® Mobile Access.
Objectives
After completing this module, you will be able to:
Manage mobile service components.
Understand what Exchange ActiveSync can do.
Know the interworking and it interacts with other components.
Know how to troubleshoot Exchange ActiveSync and what tools you can use.
1
2
Module 11: Server Activesync
Lesson 1: Managing Mobile Service Components
*****************************illegal for non-trainer use******************************
Introduction
This lesson introduces you to the mobile service components of Exchange Server 2003. It explains how to administer and secure these mobile service components.
Lesson objectives
After completing this lesson, you will be able to:
Describe the mobile service components of Exchange Server 2003.
Explain the requirements for Exchange Server 2003 mobile service components.
Explain the utilities that are needed to administer mobile components.
Identify the Mobile Services object properties that you can modify by using Exchange System Manager.
Configure Exchange ActiveSync and up-to-date notifications.
Describe the considerations necessary for securing mobile components.
Module 11: Server Activesync
3
What Are the Mobile Service Components of Exchange Server 2003?
*****************************illegal for non-trainer use******************************
Exchange Server 2003 allows users of wireless and small devices, such as mobile phones, personal digital assistants (PDAs), or smart phones (hybrid devices that combine the functionality of mobile phones and PDAs), access to Exchange data. Exchange ActiveSync and Outlook Mobile Access are two of the mobile service components that are built into Exchange Server 2003. These components enable mobile users to browse Exchange information, in addition to synchronizing calendar, contact, and inbox information. What Is Exchange ActiveSync?
Exchange ActiveSync is a service provided in Exchange Server 2003 that allows users to synchronize their Exchange information (inbox, subfolders, calendar, contacts, and tasks) with their ActiveSync-enabled mobile device (such as Pocket PC 2002, Smartphone 2002 and Microsoft® Windows Mobile™ 2003 devices). The two types of client initiated remote synchronizations supported by Exchange ActiveSync are:
What is up-to-date notification?
Manual end-user driven. Allows users of mobile devices to perform a manual synchronization.
Scheduled. Allows users of mobile devices to schedule synchronization.
In addition, Exchange supports server initiated synchronization though Exchange ActiveSync and up-to-date notifications. Up-to-date notifications allow synchronization of mobile devices to be automated by using an up-to-date notification. This option in the Mobile Services Properties dialog box sends a notification to the mobile device to initiate an automatic synchronization through Exchange ActiveSync.
4
Module 11: Server Activesync
How do up-to-date notifications work?
After a user completes the first successful synchronization from the Pocket PC, the device is automatically populated with the user’s mailbox folder tree, exposing all mailbox folders available for synchronization. Each folder can be selected for an up-to-date notification. After a folder is chosen for an up-to-date notification, an event is set on the folder, which looks for new e-mail to be delivered to the folder. When the new e-mail arrives, an event runs inside the Exchange server mailbox store and creates a Simple Mail Transfer Protocol (SMTP) notification. When the notification on the device is received (devices receive notifications, based on the network type, the notification could be as a Short Message Service–based message), the device will start an Exchange ActiveSync session, enabling the device to become up to date. All this occurs without waking the device. Note The up-to-date notification feature is only supported on the Windows Mobile 2003 devices.
What Is Outlook Mobile Access?
Outlook Mobile Access is a service provided in Exchange Server 2003 that allows your users to access their Exchange mailbox by using a browser-enabled mobile device. Devices such as mobile phones and PDAs that use Extensible Hypertext Markup Language (XHTML), compact HTML (cHTML), or standard HTML browsers allow your users to connect to their inbox, calendar, contacts, tasks, and perform global address list (GAL) searches. In addition to mobile phones, Windows Mobile devices using Microsoft Pocket Internet Explorer and desktop personal computers using Microsoft® Internet Explorer 6.0 or later also support Outlook Mobile Access. Note If your Exchange server has Device Update 2 installed (the default), Internet Explorer 6.0 will work but it will receive the following error message “The device type you are using is not supported. Press OK to continue.”
Compatibility with Microsoft Mobile Information Server
If you have previously used Microsoft Mobile Information Server 2001 Enterprise Edition or Microsoft Mobile Information Server 2002 Enterprise Edition to provide mobile access to your users, you need to be aware of the following compatibility issues with Exchange Server 2003 mobile components to determine the requirements for co-existence:
Integrating Exchange 2003 with Mobile Information Server 2002
Mobile Information Server can communicate with Microsoft® Exchange 5.5 mailbox servers to provide Outlook Mobile Access (real-time browse access) and with Microsoft® Exchange Server 2000 mailbox servers to provide Exchange ActiveSync and Outlook Mobile Access support for browsing and new e-mail notifications. Microsoft® Exchange Server 2003 mobile components can only communicate with Exchange Server 2003 mailbox servers to provide Exchange ActiveSync and Outlook Mobile Access.
Mobile Information Server can be installed in an ‘ActiveSync-only’ configuration. When installed in this manner, Mobile Information Server does not require an Active Directory® schema change or any complicated auxiliary forest topologies. The recommended path for customers that want mobility on Exchange 2000 and want to ensure they will have a good migration path to Exchange 2003 is to install Mobile Information Server in the ‘ActiveSync only’ configuration for Exchange 2000. Then the same devices, PPC Phone and Smartphone, will work with Exchange 2003 when they migrate. Then they do not have to be concerned
Module 11: Server Activesync
5
with a complex Active Directory schema change and auxiliary forest scenarios pertinent to Mobile Information Server. Of course, this means they will not get the browse and push features of Mobile Information Server. But past experience shows Exchange ActiveSync is usually the feature driving Mobile Information Server deployments. In summary:
Mobile Information Server has not been tested against Exchange 2003 mailboxes. Using Mobile Information Server mobile browse or Mobile Information Server ActiveSync against Exchange 2003 mailboxes is not a supported scenario.
Coexistence: Mobile Information Server (browse, push and sync) used against Exchange 2000 mailboxes can co-exist in the same environment as Exchange 2003 Outlook Mobile Access and Exchange ActiveSync used against Exchange 2003 mailboxes. Exchange 2003 does not reuse the Active Directory attributes used by Mobile Information Server, and so they do not conflict. For exact details about what Active Directory attributes are used by Exchange 2003 Mobility, see the documentation that will be available by launch.
If a customer wants to use Mobile Information Server for some users and Exchange 2003 mobility for others, then using separate name spaces for each is best. Mobile Information Server /Exchange 2000 users URL = mis.corp.com Exchange 2003 users URL = oma.corp.com
Note In a mixed Exchange environment where you deploy a front-end and back-end topology, you must use Exchange Server 2003 for both the front-end and back-end servers to gain access to mailboxes through Outlook Mobile Access and Exchange ActiveSync. For more information on Windows Mobile devices, see the Windows Mobile page on the Microsoft Web site at http://www.microsoft.com/windowsmobile.
6
Module 11: Server Activesync
Utilities That You Can Use to Administer Mobile Components
*****************************illegal for non-trainer use******************************
You use utilities such as Exchange System Manager, Internet Information Services (IIS) Manager, and Active Directory Users and Computers to configure Exchange mobile components. Exchange System Manager
Exchange System Manager is used when configuring Mobile Services objects. These objects are a part of the global settings for the Exchange organization. These objects allow you to define how Exchange ActiveSync and Outlook Mobile Access are enabled for all users in your organization. You can also define the domain name for mobile carriers that are used by up-to-date notifications. Exchange System Manager is also used to configure an SMTP connector that is used for up-to-date notifications. You define the SMTP connector to connect your corporate SMTP bridgehead server to your mobile carrier, such as Microsoft MSN® Mobile or your mobile operator.
IIS Manager
IIS Manager is used to configure settings such as the security of Outlook Mobile Access and the Exchange ActiveSync virtual directories. Configuring Outlook Mobile Access and Exchange ActiveSync is similar to how you configure options for Microsoft Office Outlook Web Access by using the IIS Manager.
Active Directory Users and Computers
Active Directory Users and Computers allows you to control mobile access on a user-by-user basis. By default, Exchange ActiveSync and Outlook Mobile Access are enabled on all user accounts but Outlook Mobile Access is disabled globally by default for Exchange Server 2003.
Module 11: Server Activesync
7
How to Configure Mobile Services Object Properties Using Exchange System Manager
*****************************illegal for non-trainer use******************************
By default, Exchange Server 2003 global settings for Exchange ActiveSync allow all users to initiate synchronization and receive up-to-date notifications. Exchange ActiveSync can be configured on a Global and Per user basis with the on/off switch in Exchange System Manager and Active Directory Users and Computers. By Default Exchange ActiveSync is enabled for all users but is enabled globally by default through the Mobile Services object settings. Using Exchange System Manager, expand Global Settings, right-click Wireless Services, and then click Properties. Then on the General Tab of the Mobile Services Properties, in the Outlook Mobile Access pane, enable Outlook Mobile Access. To modify your global settings for Exchange ActiveSync and Outlook Mobile Access, use the Mobile Services object in Exchange System Manager. To configure Exchange ActiveSync
The following table lists the object properties available for Exchange ActiveSync. Object property
Description
Enable user-initiated synchronization
Users can use their mobile carrier connection to synchronize their Exchange information to their ActiveSync-enabled device and then access this information while offline.
Enable up-to-date notifications
Mobile devices will be able to receive notifications sent to the device that will initiate synchronization between a user’s device and their Exchange mailbox. (Note: Currently only Windows Mobile 2003 devices support the up-to-date notifications.)
Enable notifications to user-specified SMTP addresses
Users can use any mobile carrier with the wireless synchronization feature of Exchange. Enable this feature if you have users who are using mobile devices to
8
Module 11: Server Activesync synchronize their Exchange information, and you do not want to specify the mobile carrier in Exchange.
To configure Outlook Mobile Access
To configure a user
The following table lists object properties available to access Exchange through Outlook Mobile Access. Object property
Description
Enable Outlook Mobile Access
This feature allows users to use mobile devices such as a Windows Mobile powered device, an iMode device, or any XHTML–compatible mobile phone to access their e-mail, contacts, calendar, and tasks.
Enable unsupported devices
This feature provides mobile access to Exchange Server from devices that are not supported, such as Wireless Application Protocol (WAP) 1.0 mobile phones. These unsupported devices may have unexpected results when using Outlook Mobile Access.
1. In Active Directory Users and Computers, navigate to a user and right-click Properties. 2. On the Exchange Features tab on the user’s properties, choose from the appropriate Mobile Services Options.
Module 11: Server Activesync
Lesson 2: Microsoft Exchange ActiveSync
*****************************illegal for non-trainer use******************************
Introduction
This lesson explains provides a general overview of Exchange ActiveSync and some known issues.
Lesson objectives
After completing this lesson, you will:
Have a basic understanding of how Exchange ActiveSync works and be familiar with known issues.
9
10
Module 11: Server Activesync
General Overview
*****************************illegal for non-trainer use******************************
Overview
Exchange ActiveSync allows you to synchronize data between your mobile device and Exchange Server 2003. E-mail, contacts and calendar information (PIM data) can be synchronized with the Exchange Server. This feature was previously available through Mobile Information Server and was referred to as Microsoft Exchange ActiveSync. It has now been integrated with Exchange Server 2003. With Mobile Information Server, devices running Microsoft® Windows® Powered Pocket PC 2002, Microsoft Windows Powered Pocket PC 2002 Phone Edition, and Microsoft Windows Powered Smartphone had the Exchange ActiveSync client component installed and were supported. With Exchange ActiveSync, devices running Pocket PC 2002, Pocket Phone Edition and Smartphone are still supported. In addition, Microsoft Windows Powered Pocket PC 2003 devices are supported. Pocket PC 2003 devices allow more granularity in scheduling sync and also support the Always Up To Date functionality that is introduced in Exchange Server 2003. All users are enabled by default. The Exchange administrator can globally disable sync for all users. This is configurable in Exchange System manager under Global Settings/Mobile Services.
Files installed with Exchange ActiveSync
The following files are installed into Exchsrvr\bin folder:
Massync.dll - Outlook Mobile Access Sync ISAPI extension DLL
Masperf.dll - Outlook Mobile Access Sync Performance Counter DLL
MasPerf.ini - Outlook Mobile Access Sync Performance Counter INI
Masperf.h
- Outlook Mobile Sync Performance Counter header
Exchsrvr\OMA\Sync is a blank folder so if someone tries to gain access to the sync folder, it is mapped to a folder that does not give access to all of the Exchange files.
Module 11: Server Activesync
Builds
Exchange ActiveSync started life with Mobile Information Server 2002. Here are the build numbers:
1806
Mobile Information Server 2002
2105
Mobile Information Server 2002 (NexusJ hotfix)
3274
Exchange 2003
For more information on configuring Microsoft Pocket PC Active Sync see Module 11 Appendix A.
11
12
Module 11: Server Activesync
Known Issues
*****************************illegal for non-trainer use******************************
Here is a list of some of the known issues affecting Exchange ActiveSync: SharePoint Portal Server
As with other Exchange 2003 components, Microsoft® SharePoint™ Portal Server also stops Exchange ActiveSync from working. This Knowledge Base (KB) article will help: 823265 "Page Not Found" Error Message When You Browse Exchange Server 2003. Note If you have Secure Sockets Layer (SSL) and Forms Based Authentication or are using the ExchangeVdir you need to exclude these from the SharePoint Portal Server managed paths, too.
SSL and Forms Based Authentication
Again like SharePoint Portal Server, this breaks Exchange ActiveSync. This KB will help: 817379 Cannot Access Exchange Server 2003 by Using Outlook Mobile Access When the Exchange Virtual Directory Requires SSL or Uses FormsBased Authentication OR 822177 "Unable to Connect to Your Mailbox on Server <ServerName>" Error Message and an Event ID 1805 Message Occur When You Try to Access Outlook Mobile Access
ExchangeVdir
By default, Exchange ActiveSync uses the /Exchange virtual directory to access the users mailbox; it can only use a non-SSL connection with Kerberos authentication. To change the virtual directory that Exchange ActiveSync uses, there is a registry key (HKLM\System\CurrentControlSet\Services\MasSync\Parameters\ExchangeV Dir) that can be set to another virtual directory. This setting affects both Outlook Mobile Access and Exchange ActiveSync and is only available in the Exchange 2003 version of Exchange ActiveSync. There
Module 11: Server Activesync
13
are KB articles (817379/822177) that describe how to use this setting; this KB only mentions Outlook Mobile Access but the same thing applies to Exchange ActiveSync. In order for Exchange ActiveSyncto work, Kerberos authentication has to be enabled on the ExchangeVDir, make sure AuthFlags includes AuthNTLM and that NTAuthenticationProviders includes Negotiate. Microsoft® Windows 2000® Service Pack 3 (SP3) Kerberos issue
This is a problem where IIS authentication using Kerberos fails every 30 days (depending on domain configuration); restarting the IIS Admin service on the Exchange server fixes this problem. To verify if this is the problem, use a Microsoft® Windows® XP machine in the same domain as the Exchange server. Enable Kerberos logging in LSASS on the Windows XP machine (registry files available on \\towelie\share), restart the machine and then try to access Outlook Web Access on the Exchange server. It should fail to logon and a lsass.log will be located in \Windows on the Windows XP machine. SP3 Hotfix available, SP4 includes this one: Q329938 is inaccurate; this problem can happen to non-clustered systems running Exchange 2000 as well.
ISA/General Proxy Issue
There is a bug in Internet Security and Acceleration Server (ISA) release to manufacturing (RTM) where it reuses HTTP connection (including the authentication). This only happens if the SSL connection is terminated on or before the ISA server and then forwarded to the Exchange ActiveSync server as regular HTTP. If this happens, users may get other users’ mailbox contents when synchronizing. This can happen on non-ISA proxies which reuse HTTP connections as well.
URLScan
URLScan for IIS 5 with the Exchange template blocks some verbs used by MSAS, check the URLScan.log to see if anything has been blocked.
Write access to TEMP folder
Exchange ActiveSyncmay uses the %TMP% folder (usually Winnt\Temp) for storing temporary files. When using SmartForwarding command the HTTP request might get to large to handle in memory (undefined size, was around 90 kb on this writer’s system and 40-50 kb on customer’s system), this file is written using the impersonated user account of the user synchronizing, if the user is not able to write to the TMP folder the SmartForward will fail and no error will be logged. The mail will be forwarded without attachments may affect other commands as well. Note Exchange ActiveSync uses the %TMP% environment variable to find the temporary directory. To verify if there is a permissions problem, run SysInternals Filemon on the Exchange ActiveSyncserver. Note This problem has been seen on Mobile Information Server 2002; not sure if it can happen on Exchange 2003.
Certificates
KB Q308205 lists default trusted root certification authorities (CAs). If the certificate has not been issued by one of these, the customer will have to install the certificate on the PocketPC. There is a tool called Disable Certification Verification available for download on the Exchange Web site, this disables all
14
Module 11: Server Activesync
verification of certificates and should only be used for testing or troubleshooting. On the Mobile Information Server 2002 CD there is a tool called DisableSSL that does the same thing. It does not disable SSL though. The server name specified on the device must match the certificate, Internet_29 or Internet_55 errors are common certificate errors. SMTPProxy
Exchange ActiveSync uses the Left Hand Side (LHS) of the primary SMTP address to build the WebDAV request (e.g. mailaddress ”
[email protected]” will cause MSAS to use ”/Exchange/ctornq” for accessing the mailbox), if this is not the correct alias, an SMTP proxy address can be specified to resolve this problem. Set the registry setting HKLM\System\CurrentControlSet\Services\MasSync\Parameters\SMTPProxy to the Right Hand Side (RHS) of the proxy domain you want to use. This setting is similar to the Mobile Information Server Proxy fix included on the Mobile Information Server2002 CD (used by Outlook Mobile Access in 2002). This registry setting requires build 2105 or higher. The following KB article describes this in more detail: 324306 XADM: How Exchange 2000 Web Storage System and Exchange 2000 Installable.
SSL Related
SSL and certificates can cause lots of issues. Some things to look out for are:
Certificate Not Trusted. Needs to disable certificate verification or addrootcert (Internet_45).
Name of the certificate does not match name specified in device. Name needs to match (Internet_29).
SSL required. PPC3 device (checkbox clear) HTTP_403.
SSL on Exchange VDir. ActiveSync disabled. (HTTP_403).
No certificate installed. (Internet_152, Internet_2). Device communication error.
SSL setup KB articles:
231881 HOW TO: How to Install/Uninstall a Public Key Certificate Authority for Windows 2000
290625 HOW TO: Configure SSL in a Windows 2000 IIS 5.0 Test Environment by Using Certificate Server 2.0
Server ActiveSync related SSL articles:
308205 XCCC: Valid SSL Certificate Is Required When You Use Server ActiveSync
322956 Sample to Add Root Certificates to Pocket PC 2002 • Use download link: http://www.microsoft.com/downloads/details.aspx?FamilyId=ECFDE1C 7-36C9-4C13-986E-8A46790F61E4&displaylang=en
318883 XCCC: "Synchronization failed" Error Message Occurs with an INTERNET_29 Error Code
323077 XCCC: Server ActiveSync Fails with HTTP_500 If SSL Is Enabled on Exchange Server Virtual Directory
Module 11: Server Activesync
318160 XCCC: "Internet_45" Error Message When You Use Server ActiveSync
Disable Certificate Verification
15
• http://www.microsoft.com/downloads/details.aspx?FamilyId=D88753B8 -8B3A-4F1D-8E94-530A67614DF1&displaylang=en
16
Module 11: Server Activesync
Lesson 3: Beneath the GUI
*****************************illegal for non-trainer use******************************
Introduction
This lesson explains what happens under GUI, and covers a number of subjects in-depth. These include:
Overview
Sync Client Architecture
Object Management on the device
Sync Protocol Version
Sync Protocol Negotiation
SSL requirement
Synchronization and DAV Replication
Some of the topics may not be covered by the instructor, but are there for your reference.
Module 11: Server Activesync
Beneath the GUI: Overview
*****************************illegal for non-trainer use******************************
Client Request to a Front-end Server
Uses Microsoft Exchange Sync Protocol (Airsync) • wbXML = XML with compressed tags • If using SSL, sniff of network will be unreadable
HTTP POST and HTTP OPTIONS
Be aware of network hops to Exchange front-end • Proxy Servers • Internet Security and Acceleration Firewall • Wireless Operator Network (proxies, gateways, etc.)
OPTIONS
The HTTP OPTIONS command is very important as it is used to differentiate exchange and Mobile Information Server. It must be able to get this through ISA or a firewall.
Step 1
IIS authenticates the user, grabbing a Kerberos Ticket Granting Ticket (TGT) for user
IIS gets responds first: • HTTP 401s come from IIS. • HTTP 403s when device is using HTTP but IIS forces SSL.
Note If you get proxy errors, look in IIS logs to see if IIS even received the request.
Step 2
IIS then loads up the .dll. • The URI is parsed and requested.
17
18
Module 11: Server Activesync
Step 3
DSAccess is used for Active Directory caching (shared with other components), detecting the domain topology. • Look for DSAccess errors in logs for Active Directory problems. • You only read from the directory, no writes.
Front End to Back End
User’s display name, e-mail address, back-end server name, version of the back-end.
User and global wireless enable flags; otherwise HTTP 403.
DSAccess forces us to run in the local system account, member of Exchange Domain Servers, member of Exchange Enterprise Servers account.
IIS 5 must run in process
IIS 6 can run in the Exchange Application pool which is already configured
Mailbox name computed from the Left Hand Side (LHS) of user’s primary SMTP address.
Authentication is Windows Integrated • Kerberos if available, fall back to NTLM otherwise. • All I/O done on user’s behalf.
Exchange ActiveSync is stateless • State on back-end. • No support for SSL to back-end, recommending Internet Protocol Security (IPSec) for secure communications.
Module 11: Server Activesync
19
Beneath the GUI: Sync Client Architecture
*****************************illegal for non-trainer use******************************
The sync protocol is a request/response protocol built on a client/server communications model. It is built on the HTTP protocol, using the HTTP POST request/response mechanism and the HTTP OPTIONS command. The HTTP POST header specifies a protocol command and, if the command requires it, command data is sent in the HTTP POST body. The data is usually formatted as compressed Wireless Binary XML (WBXML), which makes efficient use of the constrained bandwidth of mobile clients. The client initiates communication by posting a request. When the server receives the request, it parses the request and then sends an HTTP POST response containing the requested data in its body. The sync protocol requires a TCP/IP connection between the client and server. The underlying network layers, however, are implementation-specific. Three common transport layers that support the protocol are GPRS, CDMA 1xRTT and IEEE 802.11. The sync protocol requires that any transmission errors be handled by the networking software, and that the protocol messages sent between the client and server be complete and error-free. The sync protocol is designed to enable any mobile client to efficiently synchronize Personal Information Manager (PIM) data with data stored on an Exchange server. To achieve this, the client uses the sync protocol to talk to the Exchange front-end server component, which provides the synchronization engine as well as the means to retrieve data from the Exchange stores. Figure 1 above shows the functional components of the client/server communications model used by the sync protocol. The following steps occur for all commands the client sends to the server: 1. The client creates a request and sends it to the sync server as an HTTPS POST. 2. The sync server processes the request, communicating with the Exchange back-end server to access the user’s Personal Information Manager (PIM) data.
20
Module 11: Server Activesync
3. The sync server creates a response and sends it to the client as an HTTPS POST response. 4. The client processes the response and, if necessary, updates the local Personal Information Manager (PIM) data. The following steps occur when the client sends a Sync command: 1. The client identifies any changes made to local Personal Information Manager (PIM) data since the last sync. 2. The client creates a Sync command containing these changes. 3. The client sends the command to the sync server as an HTTPS POST. 4. The sync server identifies changes made to data on the server since the last sync, communicating with the Exchange back-end server to access the user’s data. 5. The sync server resolves any conflicts between changes made to items on the client and on the server. 6. The sync server creates a response containing server changes to be replicated on the client. 7. The sync server sends the response as an HTTPS POST response. The client processes the response and updates the local Personal Information Manager (PIM) data.
Module 11: Server Activesync
21
Beneath the GUI: Object Management on the Device
*****************************illegal for non-trainer use******************************
PIM data is stored in “collections”
PIM data is stored in “collections” - one for contacts, one for calendar, and one for each e-mail folder. The sync protocol supports syncing multiple e-mail folders.
Sync Key for each collection
For each collection, the client software stores a SyncKey, which contains 39-48 characters, 38 for the globally unique identifier (GUID), and 1-10 for the incrementing number. The client also stores a CollectionId, which is a string around 40 characters for each folder as a unique identifier for the folder. The client sends the SyncKey to the server with each sync request.
Each Object has a unique identifier
Each object that is synced – message, contact or calendar item – has a unique identifier assigned by the server. This ServerId is a 48-character string that is stored by the client. The identifier is used during sync to identify objects that are stored on both the client and server.
22
Module 11: Server Activesync
Beneath the GUI: Sync Protocol Versions and Device Support
*****************************illegal for non-trainer use******************************
Exchange ActiveSync requires that the client and the server use the same protocol version. Mobile Information Server uses the AirSync Protocol v1.0 for Exchange ActiveSync. Exchange Server 2003 uses the new and improved AirSync protocol v2.0 for Exchange ActiveSync, but also supports AirSync protocol v1.0 for backward compatibility. Server
Protocols Supported
Mobile Information Server 2002
1.0
Exchange Server 2003
1.0 and 2.0
Pocket PC 2002 client uses AirSync protocol v1.0 for Exchange ActiveSync. It can be used against MIS and Exchange Server 2003 using v1.0. Pocket PC 2003 client supports v1.0 and v2.0 protocols. It can negotiate the protocol to be used. Device
Protocols Supported
Pocket PC 2002
1.0
Pocket PC 2003
1.0 and 2.0
Therefore Pocket PC 2002 and Pocket 2003 devices can be used against Mobile Information Server and Exchange 2003. Server
Devices Supported
Mobile Information Server 2002
Pocket PC 2002 and Pocket PC 2003
Exchange Server 2003
Pocket PC 2002 and Pocket PC 2003
Module 11: Server Activesync
23
Beneath the GUI: Sync Protocol Negotiation
*****************************illegal for non-trainer use******************************
If a Pocket PC 2003 device is configured to connect to Mobile Information Server, on the first sync, the device automatically configures the client to sync using v1 protocol. If it is configured to connect to Exchange 2003 server, on the first sync, the device automatically configures the client to sync using v2 protocol. This protocol negotiation is done when: 1. The device is cold booted. 2. When the server name on the device is changed, a sync is attempted first. If the server returns a Sync Key error, protocol negotiation is done. 3. PIM information on the device is deleted. The data types inbox, contacts and calendar are unselected, thereby deleting PIM information on the device. 4. When a Mobile Information Server 2002 deployment has been upgraded to Exchange 2003 deployment. To optimize performance, this negotiation is only done if the client protocol version is not already set to the higher protocol version it can support. The negotiation is done automatically. There is no user interface (UI) to enable this. During the negotiation, the client sends an OPTIONS command to the server. The OPTIONS response from the server returns information about all the protocol versions it can support in a comma delimited format. This information is returned in the MS-ASProtocolVersions parameter. If the response contains v1, the ClientProtocolVersion is set to v1. If the response returns both, the ClientProtocolVersion is set to v2. The client maintains the protocolversion and also another parameter to indicate whether negotiation has taken place
24
Module 11: Server Activesync =-=-=-= Client Request =-=-=-= OPTIONS Microsoft-ServerActiveSync?User=vanithp&DeviceId=3DC1E291F008003188000050BF325 173&DeviceType=PocketPC Accept-Language: en-us -=-=-=- Start of Body -=-=-==-=- [26/4/2003 23:45:59.0] -=-= =-=-=-= Server Response =-=-=HTTP/1.1 200 OK Content-Length: 0 Date: Sat, 26 Apr 2003 23:45:58 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET Pragma: no-cache Public: OPTIONS, POST Allow: OPTIONS, POST MS-Server-ActiveSync: 2.0.3273.0 MS-ASProtocolVersions: 1.0,2.0 MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarc hy,CreateCollection,DeleteCollection,MoveCollection,FolderSync ,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstim ate,MeetingResponse,Notify
Module 11: Server Activesync
25
Beneath the GUI: SSL Requirement
*****************************illegal for non-trainer use******************************
Pocket PC 2002
The Exchange ActiveSync client on a PocketPC 2002 device is hard coded to use Secure Sockets Layer (SSL). Therefore, an SSL certificate should be installed on Exchange 2003 server or the Exchange 2003 front-end server to terminate the SSL connection, unless the SSL session is terminated before it reaches the Exchange server. The Exchange ActiveSync client on Pocket PC 2002 also does certificate validation. The following is a list of root certificates installed by default on PocketPC 2002 devices:
Verisign/RSA Secure Server
Verisign Class 1 Public Primary certification authority (CA)
Verisign Class 2 Public Primary CA
Verisign Class 3 Public Primary CA
Verisign Class 3 Public Primary CA (2028)
GTE Cybertrust ROOT
GTE Cybertrust Solutions ROOT
Thawte Server CA
Thawte Premium Server CA
Entrust.net Secure Server
Entrust.net CA (2048 bit)
If you are using a certificate that is not signed by a CA listed above or not trusted on the PocketPC 2002, you can either use the Addrootcert utility to add your cert to the list of trusted root certificates or you can disable certificate validation on the device by using a CAB file provided on the Microsoft Mobile Information Server 2002 CD for PPC 2002 or certchk for PPC 2003 available in the Exchange 2003 Web Releases.
26
Module 11: Server Activesync
See the readme that is provided with the CAB file for more information. Using the CAB file does not remove the requirement for a certificate. It simply disables certificate validation by changing a registry setting on the device. To do this manually, use a registry editor on the device and navigate to: HKEY_CURRENT_USER\Software\Microsoft\AirSync\Connection. Choose New DWORD, type "Secure" for value name and 0 for value data.
Pocket PC 2003
The Server ActiveSync client on a PocketPC 2003 does not require SSL. There is a checkbox on the client “This server uses secure connections (SSL)” to enable SSL. It is highly recommended that SSL be used to secure communications. If SSL is not used, the user’s credentials are sent in clear text across the wire, and this is clearly not a desirable option.
Authentication in a Front End/Back End configuration
The device sends the credentials using basic authentication (over SSL if the option “This server uses secure connections (SSL) is checked to the frontend server. The front end authenticates the user.
Exchange ActiveSync queries the Active Directory to obtain the user’s display name, primary SMTP address and the Exchange server name.
A Kerberos ticket is obtained from the Kerberos Distribution Center (KDC) and Exchange ActiveSync presents the ticket to the back-end Exchange server.
Information is retrieved from the back end and returned to the device.
Module 11: Server Activesync
27
Beneath the GUI: Sync Protocol Commands
*****************************illegal for non-trainer use******************************
With Sync protocol v1.0, a typical sync session includes the following commands. GetHierarchy
The GetHierarchy command is used to retrieve the entire hierarchy of folders.
GetItemEstimate
GetItemEstimate is used by the client to get an estimate of the number of items that need to be synchronized. The client passes a list of folders for which it wants an estimate. This estimate facilitates the progress bar display on the device.
Sync
Sync command had other commands embedded within it (Add, Change, etc). Sync protocol version 2.0 adds support for Folder sync and Up To Date.
Sync Command Format
Protocol commands are sent using the HTTP POST mechanism. Some simple commands are contained entirely in the client request Universal Resource Indicator (URI), and more complex commands use the HTTP Body to convey further information about the command. A sync session may consist of multiple commands. In this case, the session will be made up of multiple pairs of command requests and responses sent back and forth between the client and server. There are three parts to a request:
28
URI
Module 11: Server Activesync URI
The HTTP Universal Resource Indicator. This part includes the server address and several parameters, including the command name.
HTTP Header
Additional parameters used by the server are transmitted in standard HTTP format.
HTTP Body
Data needed by the command. The format varies by command, and some commands have no body.
The following example shows a typical sync request URI: POST /Microsoft-Server-ActiveSync?User=johndoe& DeviceId=789123456789012345&DeviceType=PocketPC&Cmd=Sync
The parameters such as Cmd, User, and DeviceId are sent by the client with each request. The most important parameter is the Cmd parameter, which indicates to the server what operation it should perform. In this example, the Sync argument passed in the Cmd parameter indicates to the server that a sync operation should be performed. Additional data is contained in the HTTP POST body. Header
In addition to the URI, the client also sends some general information in the HTTP Header. The following example shows the entire HTTP POST request Header, along with the URI: POST Microsoft-Server-ActiveSync?User=johndoe& DeviceId=789123456789012345&DeviceType=PocketPC&Cmd=Sync Accept-Language: en-us MS-ASProtocolVersion: 2.0 Content-Type: application/vnd.ms-sync.wbxml
The server responds with some general information in the Header. The following entry contains the HTTP POST response Header: HTTP/1.1 200 OK Content-Length: 114 Date: Sat, 26 Apr 2003 23:46:17 GMT Content-Type: application/vnd.ms-sync.wbxml Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET Pragma: no-cache MS-Server-ActiveSync: 2.0.3273.0
Body
The request body contains data sent to the server. The type and format of the data varies by command. The most common format is XML, and the details depend on the command. Commands that send e-mail messages use RFC 822 format rather than XML. Some commands do not require extra data, so the body is empty. The response body contains data returned from the server. As with the request body, the format varies by command. Usually it is in WBXML format. When the body contains an e-mail attachment, the format depends on the type of the attachment file. Some commands do not use the body.
Module 11: Server Activesync
Sync Command
29
This section shows an example of a sync request from a client, and the matching sync response that a server might return. The example sync request contains those contacts that have been added, deleted, or changed on the client. The request also asks the server to respond with any contacts that have been changed there and specifies the number of items to return. In the example sync response, the server indicates the success of the requested add, delete, and change operations and returns a list of its own adds, deletes, and changes. It also notifies the client that there are more items remaining to be synchronized.
For more information on sync requests from clients see Module 11 Appendix B.
30
Module 11: Server Activesync
Beneath the GUI: Synchronization and DAV Replication
*****************************illegal for non-trainer use******************************
Synchronization or Replication in the Document Authoring and Versioning (DAV) context is the client-initiated process of fetching the manifest of a collection, downloading the changed resources from the server, and uploading the changed resources to the server. A set of methods, headers, and properties extend the HTTP and World Wide Web Document Authoring and Versioning (WebDAV) protocols to support replication of Web resources. For example, PROPFIND method is used to fetch the properties of an existing DAV resource. PROPFIND method in DAV Replication context is used to download the property changes for a particular DAV resource. The Front End issues a normal PROPFIND or Search command and includes an additional XML element tree that requests the replication semantics. This XML contains the client’s current CollBlob. This CollBlob represents the current state of the client's data. The server then returns the PROPFIND or Search results as normal except that it only returns items that the client does not already have the current version of, as well as information about how those items have changed. Every replicated resource has a resource tag associated with it, which reflects the current state of that particular resource. Every time a resource’s properties or contents change, the resource tag associated with that particular resource is updated.
Definitions Resource
A resource is an object in the namespace that is referred to by a URI. Resources include documents, collections, etc.
Repl-uid
A repl-uid is a universally unique identifier that identifies a DAV resource. The value of this property is a URI
Module 11: Server Activesync
31
Manifest of a collection
A manifest of a collection is the list of changes for a collection that is provided by the server to the client. The client obtains the manifest using the Search method.
CollBlob
A CollBlob is an opaque binary stream generated by the server that represents the state of the contents of a collection. CollBlob is an XML element. The CollBlob contains information about all the changes that the client has seen in the collection’s contents and the query specified in the manifest request. The CollBlob tracks only resources that match the search criteria specified as part of the query in the manifest request. The server returns the CollBlob data in the CollBlob XML element in response to the client’s request for the manifest. On the other hand, if the client has previously obtained a CollBlob for a collection, then the client includes the old CollBlob in the CollBlob XML element as part of the manifest request for the collection.
resourcetag
A resourcetag is a token generated by the server that represents the current state of a DAV resource (depth=0). The value of this property is a URI. Every time a resource’s properties or contents change, the resourcetag associated with that particular resource is updated.
resourcetaglist
A resourcetaglist is a container for the client to use to include the list of resourcetags when requesting the manifest of a collection from the server.
repl
The repl is a XML Element that is a generic container for properties defined in the replication namespace http://schemas.microsoft.com/repl related to the resource.
32
Module 11: Server Activesync
Lesson 4: Troubleshooting
*****************************illegal for non-trainer use******************************
Introduction
This lesson will look at a number of troubleshooting tips, tricks, and techniques that will help you discover what is causing Exchange ActiveSync to fail and how to fix it
Module 11: Server Activesync
33
Troubleshooting: General
*****************************illegal for non-trainer use******************************
With all issues, it would pay to make sure that Exchange ActiveSync is configured correctly. In the following section we will discover some troubleshooting steps for Exchange ActiveSync browse Things to Try
Exchange ActiveSync needs Outlook Web Access to work. The initial checks should be to ensure the Global Setting for Exchange ActiveSync is enabled, followed by ensuring the User has User Initiated Synchronization enabled as well. Next check that Outlook Web Access works using Internet Explorer. Connect to the following Web pages: http://<Exchange2003-backend>/exchange http://<Exchange2003-frontend>/exchange
Next check that Outlook Mobile Access works, but using Internet Explorer. Connect to the following Web pages: http://<Exchange2003-backend>/oma http://<Exchange2003-frontend>/oma
Next check what happens when you connect to the following Web page: https://<exchange2003-frontend >/Microsoft-server-activesync http://<exchange2003-frontend >/Microsoft-server-activesync
You should get one of the following after supplying credentials:
“Error 501/505 - Not implemented or not supported” “HTTP/1.1 501 Not Implemented”
34
Module 11: Server Activesync
If you see the above error with HTTP and but not with HTTPS then it could be a certificate issue. 330461
330461 HOW TO: Troubleshoot Exchange ActiveSync
Summary This article discusses some basic troubleshooting steps that you can take to determine the cause of synchronization failure between your PocketPC device and a Microsoft Exchange server.
About Server ActiveSync Microsoft Mobile Information Server 2002 includes a component named Microsoft Server ActiveSync. Server ActiveSync supports data synchronization between your PocketPC device and an Exchange server. In the past, it was possible to synchronize information with a desktop computer by using ActiveSync. With Server ActiveSync, you can synchronize personal information such as messages, contacts and calendar information with the Exchange server. You can synchronize information for a message class (e-mail, contacts or calendar) with either the desktop computer or the server but not both. For example, if you synchronize your Inbox with an Exchange server, you cannot also synchronize it with your desktop computer by running Exchange ActiveSync. Synchronization with a server is not supported on all devices. It is only supported on devices that are running Pocket PC 2002 with the Exchange ActiveSync client update installed. Exchange ActiveSync uses industry standard technologies, including HTTP and XML, to enable synchronization. Users who use Exchange ActiveSync to synchronize their information authenticate the PocketPC device by using their standard enterprise credentials. Synchronization traffic between the device and the Mobile Information Server computer is encrypted using Secure Sockets Layer (SSL).
Synchronization Errors When you synchronize your PocketPC device with an Exchange server, you may receive error messages on your device. These error messages provide basic information about the problem that you are encountering. Several error messages may appear either on the PocketPC device or in the NexTags log file. These error messages fall in one of the following categories:
CONNMGR_errorcode: Connection Manager Error
DEV_errorcode: This error code indicates that the error is from the Server ActiveSync client update on the device (from the synchronization ROM on the device).
HTTP_errorcode: Standard HTTP error (Internet related)
INTERNET_errorcode: Standard WinInet error (Internet related).
MIS_errorcode: This error code indicates that the error is from the Mobile Information Server with the Exchange ActiveSync component installed.
Module 11: Server Activesync
35
Verbose Logging You can also turn up logging on the device to gather more information for troubleshooting purposes. To enable logging on the device: 1. Click Start, point to Programs, and then click ActiveSync. 2. Click Tools, click Options, click Server, and then click Advanced. 3. Minimize the keyboard. 4. Change the logging level to "Verbose". 5. Close the Options dialog box. The log is saved in text format in the Windows\ActiveSync folder. The log file is cleared at the beginning of each synchronization session. To retain the log file, copy or rename the log file before you start another synchronization session. To copy the log file: 1. Synchronize your PocketPC device with the server. If the synchronization fails, synchronize until the point of failure. 2. Disconnect your PocketPC device to prevent the log file from being overwritten if an automatic synchronization is scheduled. 3. In Windows Explorer, expand My Device, expand Windows, and then locate the log file that is in the ActiveSync folder. 4. Rename the log file.
How to Use NexTags for Server Tracing You can use NexTags to set the type and level of server tracing (logging) that is performed by the Exchange ActiveSync component of Microsoft Mobile Information Server 2002. NexTags is located in the Support folder on the Mobile Information Server 2002 CD-ROM. To use NexTags: 1. Run NexTags.exe on the server that is running Exchange ActiveSync. 2. Click Options, and then in the Trace File box, type a location for the output file. 3. Set Trim Percentage to 30%. 4. Set Limit file size to 10 MB. 5. To capture logs for all users leave User Names blank , or to capture logs for individual users, type the user aliases separated by a semicolon (;). 6. Click to clear the Real Time check box. 7. Click Tags, and then enable all items in the tree. 8. Click Enable Tracing. 9. Click OK. After you complete this configuration, the Exchange server records all the logging information to the file that you specified on the "Options" tab. This log can be useful to troubleshoot synchronization failures. When you have finished troubleshooting the error, make sure you turn off tracing to stop NexTags from recording log files.
36
Module 11: Server Activesync
How to Troubleshoot Connectivity by Using Wfetch Wfetch.exe helps you troubleshoot connectivity issues between Microsoft Mobile Information Server and the Exchange server. Wfetch sends data directly to the Exchange server by impersonating the Exchange ActiveSync Process. Basically, you can send a propfind command or any HTML command and see the HTTP data that is sent and received. Note For additional information about how to use Wfetch.exe, view the article in the Microsoft Knowledge Base: KBLink:284285.KB.EN-US: HOW TO: Use Wfetch.exe to Troubleshoot HTTP Connections. For additional information on troubleshooting Microsoft Server Active Sync see Module 11 Appendix C.
Module 11: Server Activesync
37
Troubleshooting: Debug Tracing
*****************************illegal for non-trainer use******************************
Steps to enable logging on the device: 1. Click Start, ActiveSync, Tools, Options, Server, Advanced. 2. Minimize the keyboard. 3. Change the logging level to Brief or Verbose. 4. Close the Options dialog. Setting the logging level to brief logs the headers whereas setting it to verbose logs sync requests and responses in addition to the headers. The log is saved in text format in the Windows\ActiveSync folder, for example: windows\ActiveSync\serverlog0. By default the log file gets cleared at the beginning of a sync session. It is important to rename the file before you start another sync. If you have configured automatic synchronization, it is especially important to rename this file to prevent it from being overwritten. With PocketPC 2003 devices, it is possible to specify the number of log files to generate before overwriting. This can be specified through a registry key on the device. HKEY_CURRENT_USER\Software\Microsoft\AirSync\Logging.
The value for “Number of Logs” can be changed from the default of 1.
Steps to retrieve the log file:
1. Sync till the point of failure. 2. Disconnect the device. This is to prevent the log file from getting overwritten by the next automatic sync. If you have Up To Date set up, disconnecting the device will force a sync wirelessly to re-enable
38
Module 11: Server Activesync
notifications. Notifications are disabled when the device is cradled. If Up To Date is used, it is best to change the number of log files as indicated before to avoid disconnecting the device. 3. Click on Start, Programs, File Explorer. 4. In File Explorer, browse to the My Device\Windows\ActiveSync folder. 5. Tap and hold on the file “ServerLog0” and rename it to some other name (for example, “Log0”). 6. Connect to the desktop. 7. In the desktop Exchange ActiveSync program, choose Explore, browse to the ActiveSync folder, and copy the log file to a folder on the desktop. 8. Turn the logging back to Brief or None. Here is an Example Device Log:
Module 11: Server Activesync
39
=-= Build 13100 =-= =-= No XIP Information Available =-= alone =-=- [17/2/2004 1:25:39.0] -=-= =-=-=-= Client Request =-=-=-= POST Microsoft-ServerActiveSync?User=wypfl9&DeviceId=EXN1JXGBB&DeviceType=PocketPC& Cmd=FolderSync Accept-Language: en-us MS-ASProtocolVersion: 2.0 Content-Type: application/vnd.ms-sync.wbxml -=-=-=- Start of Body -=-=-=
<SyncKey>{DE58A70F-3B27-4D02-8FACA89D16748C81}1 =-=- [17/2/2004 1:25:39.0] -=-= =-=-=-= Server Response =-=-=HTTP/1.1 401 Unauthorized Content-Length: 83 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="alone" X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 6.0.2.5530 Date: Tue, 17 Feb 2004 09:30:53 GMT
-=-=-=- Start of Body -=-=-=
<SyncKey>{DE58A70F-3B27-4D02-8FACA89D16748C81}1 =-=- [17/2/2004 1:25:39.0] -=-= =-=-=-= Server Response =-=-=HTTP/1.1 401 Unauthorized Content-Length: 83 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACQAJADgAAAAGgokCs17SbT0taK4AAAAAAAAAAJoAmgBBAA AABQLODgAAAA9IT01FQUxPTkUCABIASABPAE0ARQBBAEwATwBOAEUAAQAKAEEA TABPAE4ARQAEAB4AaABvAG0AZQBhAGwAbwBuAGUALgBsAG8AYwBhAGwAAwAqAG EAbABvAG4AZQAuAGgAbwBtAGUAYQBsAG8AbgBlAC4AbABvAGMAYQBsAAUAHgBo AG8AbQBlAGEAbABvAG4AZQAuAGwAbwBjAGEAbAAAAAAA X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 6.0.2.5530 Date: Tue, 17 Feb 2004 09:30:53 GMT
40
Module 11: Server Activesync
Troubleshooting: Debug Tracing
NexTags
With Mobile Information Server 2002, NexTags was shipped on the CD and enabled tracing of the entire sync session. With Exchange ActiveSync, NexTags will not be shipped with Exchange Server 2003. It will be available to Microsoft® Product Support Services to use as required. To troubleshoot Exchange ActiveSync issues, enable all tags except DevMode in NexTags. To use NexTags, follow the steps below: 1. Run NexTags.exe on the server running Exchange ActiveSync. 2. On the Options tab, specify a location for the output file in the Trace File field. 3. Set Trim Percentage to 30%. 4. Set the ‘Limit file size to:’ 10 mb. 5. Leave User Names: blank to capture all users. For individual users, enter the user's alias or aliases, separated by a semi-colon (;). 6. For Mode, be sure Real Time is unchecked. 7. On the Tags tab, navigate down the whole tree and enable everything. 8. Click Enable Tracing. 9. Click Apply to confirm all settings and OK to exit. When users specify an attempt to sync, Exchange ActiveSync will output all logging information to the file specified on the 'Options' tab. This is useful for troubleshooting and when working with Microsoft Product Support Services to determine the cause for synchronization failures. When you have finished, make sure that you click on ‘Disable Tracing’ to stop NexTags.
Module 11: Server Activesync
41
The NexTags log can be read in conjunction with the IIS logs. A typical sync session includes a GetHierarchy, GetItemEstimate and Sync. For example the IIS log on the Exchange ActiveSync server will contain: 2002-01-16 19:52:15 192.168.97.6 lc1\sync2 157.57.157.29 443 POST /MSAS/MasSync.dll User=sync2&DeviceId=D8000BF46AB950A138000050BF1977E0&DeviceTyp e=PocketPC&Cmd=GetHierarchy&Log=NAC:0A0C0D0FS:0A0C0D0SP:1C2I13 52S4200R 200 2002-01-16 19:52:17 192.168.97.6 lc1\sync2 157.57.157.29 443 POST /MSAS/MasSync.dll User=sync2&DeviceId=D8000BF46AB950A138000050BF1977E0&DeviceTyp e=PocketPC&Cmd=GetItemEstimate&Log=NAC:0A0C0D0FS:0A0C0D0SP:1C2 I1218S2121R 200 2002-01-16 19:52:19 192.168.97.6 lc1\sync2 157.57.157.29 443 POST /MSAS/MasSync.dll User=sync2&DeviceId=D8000BF46AB950A138000050BF1977E0&DeviceTyp e=PocketPC&Cmd=Sync&Log=EmC:0A0C0D0FS:1A0C0D0SP:1C3I3332S4023R 200 Microsoft-AirSync/1.0
A typical NexTags output will dump the transactions between the device and Exchange ActiveSync server, and the transactions between the Exchange ActiveSync server and the Exchange server. The NexTags output corresponding to the entries in the IIS log as stated above would be: Dump of client message request for GetHierarchy HTTP Request from Exchange ActiveSync to Exchange HTTP Response from Exchange to Exchange ActiveSync Dump of client message response Dump of client message request for GetItemEstimate HTTP Request from Exchange ActiveSync to Exchange HTTP Response from Exchange to Exchange ActiveSync Dump of client message response Dump of client message request for Sync HTTP Request from Exchange ActiveSync to Exchange HTTP Response from Exchange to Exchange ActiveSync Dump of client message response InitServerManifestReque st
In the NexTags log, the InitServerManifestRequest function identifies the request to fetch the manifest of a collection. The following guidelines are used in fetching the manifest of a collection. A manifest of a collection is the list of changes in the collection that is provided by the server to the client. The client obtains the manifest using the SEARCH method.
42
Module 11: Server Activesync
If the client has never fetched the manifest of a collection, then the client performs the following steps in order to fetch the manifest from the server: Use the SEARCH method. Include the searchrequest XML element in the SEARCH body. Include the repl XML element within the searchrequest XML element. Include the collblob XML tag, to request for the manifest. Include the sql XML element to specify the criteria that the server must evaluate in order to provide the appropriate manifest. The query specified in the sql XML element will be associated by the server with the collblob and hence cannot be changed for the lifetime of the collblob except for the columns or properties list. Send the completed request to the server. In response to the request, the server provides the following in its response: Multi-Status response for SEARCH A repl XML element that has the collblob XML element within it. The collblob XML element includes the opaque collblob binary stream. The server associates the sql query provided in the SEARCH request with the collblob. For each change that matches the criteria given by the client in the SEARCH request, the server includes the change in a response XML element. The response XML element includes: href that identifies the resource prop XML element that includes all the properties that the client requested for. changetype XML element that describes the type of the change,ex change or delete. If the client has fetched the manifest of a collection previously, then the client will perform the steps listed above with one change. It will include the previously obtained collblob for the collection in collblob XML element in order to request for the updated manifest. The server provides the updated collblob.
Module 11: Server Activesync
Troubleshooting: Debug Tracing: NexTags
*****************************illegal for non-trainer use******************************
The following pages go over a number of scenarios and look at the output created in the NexTags logs SCENARIO 1
NexTags log for an e-mail sync session where there are no changes:
PROPFIND
SEARCH (to get flatURLs)
GET
SEARCH to get the Manifest
01/14/02 18:30:41 Dump of HTTP request. PROPFIND /exchange/sync1/ HTTP/1.1 Host: VANITHP1 <propfind xmlns="DAV:" xmlns:A="urn:schemas:httpmail:"> <prop>
43
44
Module 11: Server Activesync 01/14/02 18:30:41 Dump of HTTP response. HTTP/1.1 207 Multi-Status http://VANITHP1/exchange/sync1/ HTTP/1.1 200 OK http://VANITHP1/exchange/sync1/Inbox http://VANITHP1/exchange/sync1/Drafts http://VANITHP1/exchange/sync1/Deleted%20Ite ms http://VANITHP1/exchange/sync1/Sent%20Items http://VANITHP1/exchange/sync1/Outbox http://VANITHP1/exchange/sync1/Tasks http://VANITHP1/exchange/sync1/Calendar http://VANITHP1/exchange/sync1/Contacts http://VANITHP1/exchange/sync1/Notes http://VANITHP1/exchange/sync1/%23%23DavMailSubmi ssionURI%23%23/ http://VANITHP1/exchange/sync1/Journal
Module 11: Server Activesync
45
01/14/02 18:30:41 Dump of HTTP request. SEARCH /exchange/sync1/ HTTP/1.1 Host: VANITHP1 …. <searchrequest xmlns="DAV:" xmlns:A="xml:" xmlns:B="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" xmlns:C="http://schemas.microsoft.com/exchange/" xmlns:D="http://schemas.microsoft.com/repl/" xmlns:E="http://schemas.microsoft.com/mapi/proptag/" xmlns:F="urn:schemas-microsoft-com:office:office"> <sql>SELECT "DAV:hassubs", "DAV:displayname", "http://schemas.microsoft.com/exchange/permanenturl", "DAV:href" FROM Scope('HIERARCHICAL TRAVERSAL OF ""') WHERE (("DAV:ishidden" = FALSE) AND (("DAV:contentclass" = 'urn:content-classes:mailfolder') OR ("DAV:contentclass" = 'urn:content-classes:folder')))
46
Module 11: Server Activesync 01/14/02 18:30:41 Dump of HTTP response. HTTP/1.1 207 Multi-Status ….. http://VANITHP1/exchange/sync1/Deleted%20Items/ HTTP/1.1 200 OK 0 Deleted Items http://VANITHP1/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e5778 http://VANITHP1/exchange/sync1/Deleted%20Items/ http://VANITHP1/exchange/sync1/Drafts/ HTTP/1.1 200 OK 0 Drafts http://VANITHP1/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e4e50 http://VANITHP1/exchange/sync1/Drafts/ http://VANITHP1/exchange/sync1/Inbox/ HTTP/1.1 200 OK 0 Inbox
Module 11: Server Activesync
47
http://VANITHP1/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e5775 http://VANITHP1/exchange/sync1/Inbox/ http://VANITHP1/exchange/sync1/Outbox/ HTTP/1.1 200 OK 0 Outbox http://VANITHP1/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e5776 http://VANITHP1/exchange/sync1/Outbox/ http://VANITHP1/exchange/sync1/Sent%20Items/ HTTP/1.1 200 OK 0 Sent Items http://VANITHP1/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e5777 http://VANITHP1/exchange/sync1/Sent%20Items/
In the above response, you can observe use of flat URLs (the long IDs) instead of the normal named URLs (/exchange/sync1/inbox) because the user could rename a folder or mail message. For ex. the flat URL for http://VANITHP1/exchange/sync1/Inbox/ is: 80e4d0981f339e40a418e03fc924986e-5775.
48
Module 11: Server Activesync
Next you issue a GET command. The Exchange ActiveSync server does not store any sync profile information for the users. The sync state is stored within a hidden folder in the user’s mailbox on the Exchange server. The folder is Microsoft-Server-ActiveSync within the non_ipm_subtree. For ex. the sync profile for user sync1 is PocketPC/D8000BF46AB950A138000050BF1977E0. This can be viewed using the PROFLCLN tool. In the GET command below, the first long ID corresponds to the sync profile and the second long ID corresponds to the flat URL for Inbox. 01/14/02 18:30:43 Dump of HTTP request.
GET /exchange/sync1/NON_IPM_SUBTREE/Microsoft-ServerActiveSync/PocketPC/D8000BF46AB950A138000050BF1977E0/80 e4d0981f339e40a418e03fc924986e-5775 HTTP/1.1 Host: VANITHP1 01/14/02 18:30:43 Dump of HTTP response. HTTP/1.1 200 OK Unknown body content type of application/octet-stream with length of 492
Next, perform a SEARCH to get the Manifest.
Module 11: Server Activesync
49
01/14/02 18:30:43 Dump of HTTP request. SEARCH /exchange/sync1/ HTTP/1.1 … <searchrequest xmlns="DAV:" xmlns:A="xml:" xmlns:B="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" xmlns:C="http://schemas.microsoft.com/exchange/" xmlns:D="http://schemas.microsoft.com/repl/" xmlns:E="http://schemas.microsoft.com/mapi/proptag/" xmlns:F="urn:schemas-microsoft-com:office:office"> toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA AAW1K8v1AAAQAEAAAAAFIAAV+/UAA= <sql>SELECT "http://schemas.microsoft.com/repl/repl-uid" FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-5775"') 01/14/02 18:30:43 Dump of HTTP response. HTTP/1.1 207 Multi-Status Server: Microsoft-IIS/5.0 Date: Mon, 14 Jan 2002 18:30:43 GMT Content-Type: text/xml Accept-Ranges: rows MS-WebStorage: 6.0.4712 Transfer-Encoding: chunked
toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA AAW1K8v1AAAQAEAAAAAFIAAV+/UAA=
SCENARIO 2
NexTags log for an e-mail sync session where there is one email to be synchronized to the device.
PROPFIND
SEARCH (to get flatURLs)
GET
SEARCH with Collblob.
A response is returned with the e-mail message.
GET (same as step 3)
50
Module 11: Server Activesync
SEARCH (Note that the SQL XML element query is different here. Details of the message are requested. From, To, Body text, attachment information etc). The SEARCH response returns this information.
PUT. The new sync profile is written.
Steps 1 through 3 are the same as in Scenario 1. Now look at step 4 onward. In Scenario 1, there were no e-mail items to be returned. In Scenario 2, one email item is returned. For this e-mail item, the HTTP Response contains the href that identifies the resource, the prop XML element that includes all the properties that the client requested for, changetype XML element that describes the type of the change. 01/14/02 20:52:21 Dump of HTTP request. SEARCH /exchange/sync1/ HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Content-Type: text/xml Content-Length: 702 Connection: Keep-Alive <searchrequest xmlns="DAV:" xmlns:A="xml:" xmlns:B="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" xmlns:C="http://schemas.microsoft.com/exchange/" xmlns:D="http://schemas.microsoft.com/repl/" xmlns:E="http://schemas.microsoft.com/mapi/proptag/" xmlns:F="urn:schemas-microsoft-com:office:office"> toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA AAW1K8v1AAAQAEAAAAAFIAAV+/UAA= <sql>SELECT "http://schemas.microsoft.com/repl/repl-uid" FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-5775"')
Module 11: Server Activesync
51
01/14/02 20:52:21 Dump of HTTP response. HTTP/1.1 207 Multi-Status Server: Microsoft-IIS/5.0 Date: Mon, 14 Jan 2002 20:52:21 GMT Content-Type: text/xml Accept-Ranges: rows MS-WebStorage: 6.0.4712 Transfer-Encoding: chunked
http://VANITHP1/exchange/sync1/Inbox/test%20message% 20%232.EML change HTTP/1.1 200 OK rid:80e4d0981f339e40a418e03fc924986e000000005bc0 toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARyuUAABAAUAAA AAW1K8wFAAAQAEAAAAAFIAAV+/UAA= 01/14/02 20:52:23 Dump of HTTP request. GET /exchange/sync1/NON_IPM_SUBTREE/Microsoft-ServerActiveSync/PocketPC/D8000BF46AB950A138000050BF1977E0/80e4d0981 f339e40a418e03fc924986e-5775 HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Translate: f Content-Length: 0 Connection: Keep-Alive
52
Module 11: Server Activesync 01/14/02 20:52:23 Dump of HTTP response. HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Mon, 14 Jan 2002 20:52:23 GMT WWW-Authenticate: Negotiate oYIBLDCCASigAwoBAKELBgkqhkiC9xIBAgKigYgEgYVggYIGCSqGSIb3EgECAg IAb3MwcaADAgEFoQMCAQ+iZTBjoAMCAReiXARaM8teRyeGVZKtNZgHntHheWsc ah5aDYn/rf6b+tR1Zp8mARKBloD21l8qZfvVX/Kec7aCuVxgSOH0Xqp8TiIVSN 7Gpm9KaZNnaCBHaLcEPW7ZQsciPamrMovVo4GIBIGFYIGCBgkqhkiG9xIBAgIC AG9zMHGgAwIBBaEDAgEPomUwY6ADAgEXolwEWjPLXkcnhlWSrTWYB57R4XlrHG oeWg2J/63+m/rUdWafJgESgZaA9tZfKmX71V/ynnO2grlcYEjh9F6qfE4iFUje xqZvSmmTZ2ggR2i3BD1u2ULHIj2pqzKL1Q== Content-Type: application/octet-stream Content-Length: 492 ETag: "80e4d0981f339e40a418e03fc924986e000000011caa" Last-Modified: Mon, 14 Jan 2002 18:29:51 GMT Accept-Ranges: bytes ResourceTag: MS-WebStorage: 6.0.4712
Unknown body content type of application/octet-stream with length of 492 01/14/02 20:52:23 Dump of HTTP request. SEARCH /exchange/sync1/ HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Content-Type: text/xml Content-Length: 2010 Connection: Keep-Alive Range: rows=0-99 <searchrequest xmlns="DAV:" xmlns:A="xml:" xmlns:B="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" xmlns:C="http://schemas.microsoft.com/exchange/" xmlns:D="http://schemas.microsoft.com/repl/" xmlns:E="urn:schemas:httpmail:" xmlns:F="urn:schemas:mailheader:" xmlns:G="http://schemas.microsoft.com/mapi/proptag/" xmlns:H="urn:schemas:calendar:" xmlns:I="urn:schemasmicrosoft-com:office:office" xmlns:J="http://schemas.microsoft.com/mapi/"> toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARymUAABAAUAAA AAW1K8v1AAAQAEAAAAAFIAAV+/UAA=
Module 11: Server Activesync
53
<sql>SELECT "http://schemas.microsoft.com/repl/resourcetag","http://schema s.microsoft.com/repl/repluid","DAV:ishidden","DAV:isfolder","urn:schemas:mailheader:to" ,"urn:schemas:mailheader:cc","urn:schemas:mailheader:from","ur n:schemas:mailheader:subject","urn:schemas:mailheader:replyto","urn:schemas:httpmail:datereceived","urn:schemas:httpmail: displayto","urn:schemas:mailheader:threadtopic","urn:schemas:httpmail:importance","urn:schemas:httpmail :read","urn:schemas:httpmail:hasattachment","urn:schemas:httpm ail:textdescription","http://schemas.microsoft.com/exchange/ou tlookmessageclass","urn:schemas:calendar:alldayevent","urn:sch emas-microsoftcom:office:office#Keywords","urn:schemas:calendar:dtstart","ur n:schemas:calendar:dtstamp","urn:schemas:calendar:dtend","urn: schemas:calendar:instancetype","urn:schemas:calendar:location" ,"urn:schemas:calendar:organizer","urn:schemas:calendar:recurr enceid","urn:schemas:calendar:reminderoffset","urn:schemas:cal endar:responserequested","urn:schemas:calendar:rrule","http:// schemas.microsoft.com/exchange/sensitivity","http://schemas.mi crosoft.com/mapi/intendedbusystatus","http://schemas.microsoft .com/mapi/timezonestruct","http://schemas.microsoft.com/mapi/g lobal_objid" FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/-FlatUrlSpace/80e4d0981f339e40a418e03fc924986e-5775"')
54
Module 11: Server Activesync 01/14/02 20:52:23 Dump of HTTP response. HTTP/1.1 207 Multi-Status Server: Microsoft-IIS/5.0 Date: Mon, 14 Jan 2002 20:52:23 GMT Content-Type: text/xml Accept-Ranges: rows Content-Range: rows 0-99; total=* MS-WebStorage: 6.0.4712 Transfer-Encoding: chunked
0-99 http://VANITHP1/exchange/sync1/Inbox/test%20message% 20%232.EML change HTTP/1.1 200 OK rt:80e4d0981f339e40a418e03fc924986e000000005b c080e4d0981f339e40a418e03fc924986e000000011cae rid:80e4d0981f339e40a418e03fc924986e000000005bc0 0 0 <e:to>"sync1" <[email protected]> <e:from>"sync1" <[email protected]> <e:subject>test message #2 2002-0114T20:51:46.116Z sync1 <e:thread-topic>test message #2 1 0 0 test IPM.Note "sync1" <[email protected]>
Module 11: Server Activesync
55
0 toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA4AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABARyuUAABAAUAAA AAW1K8wFAAAQAEAAAAAFIAAV+/UAA= 01/14/02 20:52:23 Dump of HTTP request. PUT /exchange/sync1/NON_IPM_SUBTREE/Microsoft-ServerActiveSync/PocketPC/D8000BF46AB950A138000050BF1977E0/80e4d0981 f339e40a418e03fc924986e-5775 HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Content-Type: application/octet-stream Content-Length: 514 Connection: Keep-Alive Unknown body content type of application/octet-stream with length of 514 01/14/02 20:52:23 Dump of HTTP response. HTTP/1.1 100 Continue Server: Microsoft-IIS/5.0 Date: Mon, 14 Jan 2002 20:52:23 GMT
SCENARIO 3
NexTags log for an e-mail sync session where one mail message is composed and sent from the device:
PROPFIND
SEARCH (to get flatURLs)
GET
SEARCH with Collblob.
PROPFIND – The client sends a sendmsg request. Response contains the DAV Mail Submission URI.
POST. The client posts a message.
GET (same as step 3)
SEARCH - The SEARCH response returns information on the new message (in this case the message was posted to self).
PUT writes the new sync profile information.
Steps 1 through 3 are the same as in Scenario 1. Now look at Step 4 onward.
56
Module 11: Server Activesync 01/16/02 17:59:43 Dump of HTTP request. SEARCH /exchange/sync1/ HTTP/1.1 Host: VANITHP1 <searchrequest xmlns="DAV:" xmlns:A="xml:" xmlns:B="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" xmlns:C="http://schemas.microsoft.com/exchange/" xmlns:D="http://schemas.microsoft.com/repl/" xmlns:E="http://schemas.microsoft.com/mapi/proptag/" xmlns:F="urn:schemas-microsoft-com:office:office"> toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVBUAABAAUAAA AAW1K8yVAAAQADAAAAUgAAAQElNlAA <sql>SELECT "http://schemas.microsoft.com/repl/repl-uid" FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/FlatUrlSpace-/80e4d0981f339e40a418e03fc924986e-5775"') 01/16/02 17:59:43 Dump of HTTP response. HTTP/1.1 207 Multi-Status
toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVBUAABAAUAAA AAW1K8yVAAAQADAAAAUgAAAQElNlAA
Module 11: Server Activesync 01/16/02 17:59:46 Dump of HTTP request. PROPFIND /exchange/sync1/ HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Content-Type: text/xml Depth: 0 Content-Length: 139 Connection: Keep-Alive <propfind xmlns="DAV:" xmlns:A="urn:schemas:httpmail:"> <prop>
57
58
Module 11: Server Activesync 01/16/02 17:59:46 Dump of HTTP response. HTTP/1.1 207 Multi-Status Server: Microsoft-IIS/5.0 Date: Wed, 16 Jan 2002 17:59:46 GMT WWW-Authenticate: Negotiate oYIBLjCCASqgAwoBAKELBgkqhkiC9xIBAgKigYkEgYZggYMGCSqGSIb3EgECAg IAb3QwcqADAgEFoQMCAQ+iZjBkoAMCAReiXQRbWcf4oV2eXJAoWmBmGmiyZu1B 0bsoS8EIleYYRyqRY4781ItTppWwqfY/tW39N6EHgbOg9/ioUgJK1domlzyoDQ +tmd4JTU8BJPzmbJFLsTydE63ZpUXi2dHi4qOBiQSBhmCBgwYJKoZIhvcSAQIC AgBvdDByoAMCAQWhAwIBD6JmMGSgAwIBF6JdBFtZx/ihXZ5ckChaYGYaaLJm7U HRuyhLwQiV5hhHKpFjjvzUi1OmlbCp9j+1bf03oQeBs6D3+KhSAkrV2iaXPKgN D62Z3glNTwEk/OZskUuxPJ0TrdmlReLZ0eLi Content-Type: text/xml Accept-Ranges: rows MS-WebStorage: 6.0.4712 Transfer-Encoding: chunked
http://VANITHP1/exchange/sync1/ HTTP/1.1 200 OK http://VANITHP1/exchange/sync1/Inbox http://VANITHP1/exchange/sync1/%23%23DavMailSubmi ssionURI%23%23/
Module 11: Server Activesync
59
01/16/02 17:59:46 Dump of HTTP request. POST http://VANITHP1/exchange/sync1/%23%23DavMailSubmissionURI%23%2 3/ HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Content-Type: message/rfc821 Translate: t SaveInSent: t Content-Length: 333 Connection: Keep-Alive MAIL FROM: <[email protected]> RCPT TO: <sync1> From: "sync1" <[email protected]> To: <sync1> Subject: Abcdef Date: Wed, 16 Jan 2002 11:51:50 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 I love my Pocket PC! 01/16/02 17:59:46 Dump of HTTP response. HTTP/1.1 100 Continue Server: Microsoft-IIS/5.0 Date: Wed, 16 Jan 2002 17:59:46 GMT 01/16/02 17:59:48 Dump of HTTP request. GET /exchange/sync1/NON_IPM_SUBTREE/Microsoft-ServerActiveSync/PocketPC/D8000BF46AB950A138000050BF1977E0/80e4d0981 f339e40a418e03fc924986e-5775 HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Translate: f Content-Length: 0 Connection: Keep-Alive
60
Module 11: Server Activesync 01/16/02 17:59:48 Dump of HTTP response. HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Wed, 16 Jan 2002 17:59:48 GMT WWW-Authenticate: Negotiate oYIBLjCCASqgAwoBAKELBgkqhkiC9xIBAgKigYkEgYZggYMGCSqGSIb3EgECAg IAb3QwcqADAgEFoQMCAQ+iZjBkoAMCAReiXQRbeeLQisd0ZSv1TZrZxpK7b9YF sLSMvqMX6IJbqJbJ6TUyJSt1lzqN2IULWHimCWts29jczV1rmrejNpKCui5Myz DruKajjrSWnCompftOwPeWMvpVFzXMWrpd2qOBiQSBhmCBgwYJKoZIhvcSAQIC AgBvdDByoAMCAQWhAwIBD6JmMGSgAwIBF6JdBFt54tCKx3RlK/VNmtnGkrtv1g WwtIy+oxfogluolsnpNTIlK3WXOo3YhQtYeKYJa2zb2NzNXWuat6M2koK6LkzL MOu4pqOOtJacKial+07A95Yy+lUXNcxaul3a Content-Type: application/octet-stream Content-Length: 685 ETag: "80e4d0981f339e40a418e03fc924986e000000012546" Last-Modified: Wed, 16 Jan 2002 17:56:52 GMT Accept-Ranges: bytes ResourceTag: MS-WebStorage: 6.0.4712
Unknown body content type of application/octet-stream with length of 685
Module 11: Server Activesync
61
01/16/02 17:59:48 Dump of HTTP request. SEARCH /exchange/sync1/ HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Content-Type: text/xml Content-Length: 2010 Connection: Keep-Alive Range: rows=0-99 <searchrequest xmlns="DAV:" xmlns:A="xml:" xmlns:B="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" xmlns:C="http://schemas.microsoft.com/exchange/" xmlns:D="http://schemas.microsoft.com/repl/" xmlns:E="urn:schemas:httpmail:" xmlns:F="urn:schemas:mailheader:" xmlns:G="http://schemas.microsoft.com/mapi/proptag/" xmlns:H="urn:schemas:calendar:" xmlns:I="urn:schemasmicrosoft-com:office:office" xmlns:J="http://schemas.microsoft.com/mapi/"> toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVBUAABAAUAAA AAW1K8yVAAAQADAAAAUgAAAQElNlAA <sql>SELECT "http://schemas.microsoft.com/repl/resourcetag","http://schema s.microsoft.com/repl/repluid","DAV:ishidden","DAV:isfolder","urn:schemas:mailheader:to" ,"urn:schemas:mailheader:cc","urn:schemas:mailheader:from","ur n:schemas:mailheader:subject","urn:schemas:mailheader:replyto","urn:schemas:httpmail:datereceived","urn:schemas:httpmail: displayto","urn:schemas:mailheader:threadtopic","urn:schemas:httpmail:importance","urn:schemas:httpmail :read","urn:schemas:httpmail:hasattachment","urn:schemas:httpm ail:textdescription","http://schemas.microsoft.com/exchange/ou tlookmessageclass","urn:schemas:calendar:alldayevent","urn:sch emas-microsoftcom:office:office#Keywords","urn:schemas:calendar:dtstart","ur n:schemas:calendar:dtstamp","urn:schemas:calendar:dtend","urn: schemas:calendar:instancetype","urn:schemas:calendar:location" ,"urn:schemas:calendar:organizer","urn:schemas:calendar:recurr enceid","urn:schemas:calendar:reminderoffset","urn:schemas:cal endar:responserequested","urn:schemas:calendar:rrule","http:// schemas.microsoft.com/exchange/sensitivity","http://schemas.mi crosoft.com/mapi/intendedbusystatus","http://schemas.microsoft .com/mapi/timezonestruct","http://schemas.microsoft.com/mapi/g lobal_objid" FROM Scope('SHALLOW TRAVERSAL OF "/exchange/sync1/-FlatUrlSpace/80e4d0981f339e40a418e03fc924986e-5775"')
62
Module 11: Server Activesync 01/16/02 17:59:49 Dump of HTTP response. HTTP/1.1 207 Multi-Status Server: Microsoft-IIS/5.0 Date: Wed, 16 Jan 2002 17:59:48 GMT Content-Type: text/xml Accept-Ranges: rows Content-Range: rows 0-99; total=* MS-WebStorage: 6.0.4712 Transfer-Encoding: chunked
0-99 http://VANITHP1/exchange/sync1/Inbox/Abcdef2.EML change HTTP/1.1 200 OK rt:80e4d0981f339e40a418e03fc924986e000000005b ca80e4d0981f339e40a418e03fc924986e000000012549 rid:80e4d0981f339e40a418e03fc924986e000000005bca 0 0 <e:to><sync1> <e:from>"sync1" <[email protected]> <e:subject>Abcdef 2002-0116T17:59:46.161Z sync1 1 0 0 I love my Pocket PC! IPM.Note "sync1" <[email protected]> 0
Module 11: Server Activesync
63
toCTAAMAAACA5NCYHzOeQKQY4D/JJJhuEgAAAAAAAAAPAAAA DQAAAA8AAAABAIDk0JgfM55ApBjgP8kkmG4BAAMAAABSAAABASVJUAABAAUAAA AAW1K8ylAAAQADAAAAUgAAAQElNlAA 01/16/02 17:59:49 Dump of HTTP request. PUT /exchange/sync1/NON_IPM_SUBTREE/Microsoft-ServerActiveSync/PocketPC/D8000BF46AB950A138000050BF1977E0/80e4d0981 f339e40a418e03fc924986e-5775 HTTP/1.1 Host: VANITHP1 User-Agent: Microsoft-Server-ActiveSync/1.0.1806.0 Brief: t Accept-Language: en-us Content-Type: application/octet-stream Content-Length: 697 Connection: Keep-Alive Unknown body content type of application/octet-stream with length of 697 01/16/02 17:59:49 Dump of HTTP response. HTTP/1.1 100 Continue Server: Microsoft-IIS/5.0 Date: Wed, 16 Jan 2002 17
64
Module 11: Server Activesync
Troubleshooting: Event Logs
Diagnostic Logging to the Event Log is enabled by default. The graphic above shows two event log entries that you may see.
Module 11: Server Activesync
65
Troubleshooting: Error Codes
Errors received after a synchronization attempt on the device have error codes appended to them. These codes help determine the source of the error. They are of the following types: DEV_errorcode
This error code indicates that the error was from the Exchange ActiveSync client on the device. Note Also see 330464 MMIS: Troubleshooting Exchange ActiveSync: DEV_errorcode. For a complete list of error codes see Module 11 Appendix D.
66
Module 11: Server Activesync
Troubleshooting: Performance Monitor Counters
*****************************illegal for non-trainer use******************************
Exchange ActiveSync has a performance counter object that provides very helpful information is determining the status of Exchange ActiveSync and the Exchange server itself Current Active Directory Requests
Current outstanding requests to Active Directory.
Current Users
The number of users currently accessing Exchange ActiveSync.
Total Unrecognized Requests Sync Commands/Sec
The total number of unrecognized requests received by Exchange ActiveSync.
SendMail Commands/Sec
The number of SendMail commands processed per second by Exchange ActiveSync. The SendMail command is called when a user sends mail from the client.
SmartForward Commands/Sec
The number of SmartForward commands processed per second by Exchange ActiveSync. The SmartForward command is called when a user forwards an existing mail item from the client.
SmartReply Commands/Sec
The number of SmartReply commands processed per second by Exchange ActiveSync. The SmartReply command is called when a user replies to mail from the client.
GetAttachment Commands/Sec
The number of GetAttachment commands processed per second by Exchange ActiveSync. The GetAttachment command is called when a user retrieves a mail attachment from the client.
GetHierarchy Commands/Sec
The number of GetHierarchy commands processed per second by Exchange ActiveSync. The GetHierarchy command is called when a user fetches their folder hierarchy.
The number of Sync commands processed per second by Exchange ActiveSync.
Module 11: Server Activesync
67
CreateCollection Commands/Sec
The number of CreateCollection commands processed per second by Exchange ActiveSync. The CreateCollection command is called when a user creates a folder from the client.
DeleteCollection Commands/Sec
The number of DeleteCollection commands processed per second by Exchange ActiveSync. The DeleteCollection command is called when a user deletes a folder from the client.
MoveCollection Commands/Sec
The number of MoveCollection commands processed per second by Exchange ActiveSync. The MoveCollection command is called when a user moves a folder from the client.
FolderSync Commands/Sec
The number of FolderSync commands processed per second by Exchange ActiveSync. The FolderSync command is called when a user synchronizes their folder hierarchy.
FolderCreate Commands/Sec
The number of FolderCreate commands processed per second by Exchange ActiveSync. The FolderCreate command is called when a user creates a folder from the client.
FolderDelete Commands/Sec
The number of FolderDelete commands processed per second by Exchange ActiveSync. The FolderDelete command is called when a user deletes a folder from the client.
FolderUpdate Commands/Sec
The number of FolderUpdate commands processed per second by Exchange ActiveSync. The FolderUpdate command is called when a user moves/renames a folder from the client.
MoveItems Commands/Sec
The number of MoveItems commands processed per second by Exchange ActiveSync. The MoveItem command is called when a user moves an item between folders from the client.
GetItemEstimate Commands/Sec
The number of GetItemEstimate commands processed per second by Exchange ActiveSync. The GetItemEstimate command checks for the number of items that need to be synchronized.
MeetingResponse Commands/Sec
The number of MeetingResponse commands processed per second by Exchange ActiveSync. The MeetingResponse command is called when a user responds to a meeting request from the client.
Notify Commands/Sec
The number of Notify commands processed per second by Exchange ActiveSync. The Notify command is called by the client to provision itself to receive notifications.
Client Item Adds/Sec
The number of client item adds (within the sync command) processed per second by Exchange ActiveSync.
Client Item Changes/Sec
The number of client item changes (within the sync command) processed per second by Exchange ActiveSync.
Client Item Deletes/Sec
The number of client item deletes (within the sync command) processed per second by Exchange ActiveSync.
Client Item Fetches/Sec
The number of client item fetches (within the sync command) processed per second by Exchange ActiveSync.
Exchange Mailbox Server Item Adds/Sec
The number of Exchange mailbox server item adds (within the sync command) processed per second by Exchange ActiveSync.
68
Module 11: Server Activesync
Exchange Mailbox Server Item Changes/Sec
The number of Exchange mailbox server item changes (within the sync command) processed per second by Exchange ActiveSync.
Exchange Mailbox Server Item Deletes/Sec
The number of Exchange mailbox server item deletes (within the sync command) processed per second by Exchange ActiveSync.
Exchange Mailbox Server Item Soft Deletes/Sec
The number of Exchange mailbox server item soft deletes processed per second by Exchange ActiveSync. Soft deletes occur when items move out of filter range.
Outstanding Exchange Mailbox Server Connection Requests
The number of pending connection requests from Exchange ActiveSync to the Exchange mailbox server(s).
Outstanding Exchange Mailbox Server I/O Requests
The number of pending input/output requests from Exchange ActiveSync to the Exchange mailbox server(s).
Exchange Mailbox Server I/O Requests/Sec
The number of input/output requests sent per second to the Exchange mailbox server(s) from Exchange ActiveSync.
Total Users
The total number of users who have accessed Exchange ActiveSync.
Total Exchange Mailbox Server Sync Items
The total number of Exchange mailbox server adds, changes, and deletes (within the sync command) sent to the client.
Total SendMail Commands
The total number of SendMail commands processed by Exchange ActiveSync. The SendMail command is called when a user sends mail from the client.
Total SmartForward Commands
The total number of SmartForward commands processed by Exchange ActiveSync. The SmartForward command is called when a user forwards an existing mail item from the client.
Total SmartReply Commands
The total number of SmartReply commands processed by Exchange ActiveSync. The SmartReply command is called when a user replies to mail from the client.
Total GetAttachment Commands
The total number of GetAttachment commands processed by Exchange ActiveSync. The GetAttachment command is called when a user retrieves a mail attachment from the client.
Total GetHierarchy Commands
The total number of GetHierarchy commands processed by Exchange ActiveSync. The GetHierarchy command is called when a user fetches their folder hierarchy.
Total CreateCollection Commands
The total number of CreateCollection commands processed by Exchange ActiveSync. The CreateCollection command is called when a user creates a folder from the client.
Total DeleteCollection Commands
The total number of DeleteCollection commands processed by Exchange ActiveSync. The DeleteCollection command is called when a user deletes a folder from the client.
Total MoveCollection Commands
The total number of MoveCollection commands processed by Exchange ActiveSync. The MoveCollection command is called when a user moves a folder from the client.
Module 11: Server Activesync
69
Total FolderSync Commands
The total number of FolderSync commands processed by Exchange ActiveSync. The FolderSync command is called when a user synchronizes their folder hierarchy.
Total FolderCreate Commands
The total number of FolderCreate commands processed by Exchange ActiveSync. The FolderCreate command is called when a user creates a folder from the client.
Total FolderDelete Commands
The total number of FolderDelete commands processed by Exchange ActiveSync. The FolderDelete command is called when a user deletes a folder from the client.
Total FolderUpdate Commands
The total number of FolderUpdate commands processed by Exchange ActiveSync. The FolderUpdate command is called when a user moves/renames a folder from the client.
Total MoveItems Commands
The total number of MoveItems commands processed by Exchange ActiveSync. The MoveItem command is called when a user moves an item between folders from the client.
Total GetItemEstimate Commands
The total number of GetItemEstimate commands processed by Exchange ActiveSync. The GetItemEstimate command checks for the number of items that need to be synchronized.
Total MeetingResponse Commands
The total number of MeetingResponse commands processed by Exchange ActiveSync. The MeetingResponse command is called when a user responds to a meeting request from the client.
Total Notify Commands
The total number of Notify commands processed by Exchange ActiveSync. The Notify command is called by the client to provision itself to receive notifications.
Total Client Item Adds
The total number of client item adds (within the sync command) processed by Exchange ActiveSync.
Total Client Item Changes
The total number of client item changes (within the sync command) processed by Exchange ActiveSync.
Total Client Item Deletes
The total number of client item deletes (within the sync command) processed by Exchange ActiveSync.
Total Client Item Fetches
The total number of client item fetches (within the sync command) processed by Exchange ActiveSync.
Total Exchange Mailbox Server Item Adds
The total number of Exchange mailbox server item adds (within the sync command) processed by Exchange ActiveSync.
Total Exchange Mailbox Server Item Changes
The total number of Exchange mailbox server item changes (within the sync command) processed by Exchange ActiveSync.
Total Exchange Mailbox Server Item Deletes
The total number of Exchange mailbox server item deletes (within the sync command) processed by Exchange ActiveSync.
Total Exchange Mailbox Server Item Soft Deletes
The total number of Exchange mailbox server item soft deletes processed by Exchange ActiveSync. Soft deletes occur when items move out of filter range.
Total Sync Commands
The total number of Sync commands processed by Exchange ActiveSync.
Exchange Mailbox Server Sync Items/Sec
The number of Exchange mailbox server adds, changes, deletes, and soft deletes (within the sync command) sent to the client per second by Exchange ActiveSync.
70
Module 11: Server Activesync
Total Client Sync Items
The total number of client item adds, changes, and deletes (within the sync command) sent from the client.
Client Sync Items/Sec
The number of client item adds, changes, deletes, and fetches (within the sync command) processed per second by Exchange ActiveSync.
Module 11: Server Activesync
71
Lesson 5: Tools
*****************************illegal for non-trainer use******************************
Wfetch
Wfetch.exe enables you to test HTTP requests. See the following KB article for more information: Q284285 HOW TO: Use Wfetch.exe to Troubleshoot HTTP Connections.
72
Module 11: Server Activesync
Tools
*****************************illegal for non-trainer use******************************
PocketPC Emulators
A Pocket PC Emulator is basically a development platform for PocketPC developers. It is very good tool to troubleshoot issues, the only problem is it is difficult to set up. Below are the steps you need to do, to install the PocketPC emulator. Note You CANNOT install a PocketPC emulator on to a virtual machine (VM) as the PocketPC emulators themselves are virtual machines. You must first install Microsoft ActiveSync 3.7
Go to http://www.microsoft.com/windowsmobile/resources/downloads/pocketpc/a ctivesync37.mspx
You must install the Pocket PC SDK 2003
Go to http://www.microsoft.com/downloads/details.aspx?FamilyID=9996b3140364-4623-9ede-0b5fbb133652&DisplayLang=en
You must install the Pocket PC SDK 2003 Emulator Images
Go to http://www.microsoft.com/downloads/details.aspx?FamilyID=5726540247a8-4ce4-9aa7-5fe85b95de72&DisplayLang=en
You must then install Microsoft® Visual Studio®.NET 2003
Module 11: Server Activesync
73
If Visual Studio has been installed without the Smart Device Programmability option (and thus without the emulator files), you can update your installation using the following procedure. To load emulator files if Visual Studio has been installed 1. In Windows Control Panel, click Add or Remove Programs. 2. Select your installation of Microsoft Visual Studio .NET, and then click Change/Remove. 3. In the Visual Studio .NET Setup wizard, click Visual Studio .NET. 4. On the Visual Studio .NET Maintenance page, click Add or Remove Features. 5. On the Visual Studio .NET Options page, select the Smart Device Programmability check box under either Microsoft® Visual Basic®.NET or Visual C# .NET. 6. Click Update Now. After the Visual Studio update is finished, install the emulator using either of the procedures in "Installing the Emulator" earlier in this section. Installing the Emulator You must have Administrator permissions to install or remove the emulator. On some operating systems (for example, Microsoft® Windows Server™ 2003), you must accept the driver security certificate if prompted. To install the emulator by trying to connect to it: 1. On the Visual Studio Tools menu, click Connect to Device. 2. In the Connect to Device dialog box, click any emulator (for example, Pocket PC 2003 Emulator (Virtual Radio). 3. Click Connect. 4. If prompted to accept the emulator driver security certificate, click OK. 5. View the results on the screen. Installation is successful if: a. The emulator appears. b. The status bar in the IDE displays "Device Connected" or "Ready." Installation is not successful if: a. The screen displays "Emulator driver installation failed. Most common cause: user does not have administrator permissions." b. The status bar displays "Emulator driver installation failed."
74
Module 11: Server Activesync
Lab A: Microsoft Server ActiveSync (MSAS)
Module 11: Server Activesync
Lab A: Microsoft Server ActiveSync (MSAS) Objectives
After completing this lab, you will be able to:
Connect Exchange Server 2003 to a Pocket PC Emulator using Exchange ActiveSync.
Use Outlook Mobile Access from a Pocket PC Emulator.
Note This lab focuses on concepts, and may not comply with Microsoft security recommendations. Prerequisites
Scenario
Before working on this lab, you must have:
DENVER VPC running.
ATLANTA VPC running.
In this lab, you will use the new mobility features in Exchange Server 2003 by configuring and using Exchange ActiveSync with a Pocket PC Emulator. First, you will configure the Pocket PC to synchronize with the Exchange Server 2003 server by using TCP/IP. You will then synchronize the Inbox, Calendar, and Contacts with the Exchange Server. Finally, you will send and receive e-mail and work with the calendar.
Estimated time to complete this lab: 60 minutes
75
76
Module 11: Server Activesync
Exercise 1 Exchange ActiveSync In this exercise you will get up-to-date notifications to work and look at some troubleshooting.
Tasks
Detailed steps
Note: All Steps to be performed on DENVER VPC.
1.
2.
3.
Start Denver and Atlanta Virtual machines.
Log on to DENVER and make sure Exchange ActiveSync is enabled globally.
Configure Windows Authentication on the IIS Web server for which the Pocket PC connects to.
a.
Open the Virtual PC Console.
b.
Click on Atlanta and then click Start.
c.
Click on Denver and then click Start.
d.
Wait for both images to completely load before continuing.
a.
Log onto Denver VPC as Administrator with password Passw0rd1.
b.
From the task bar click, Start | All Programs | Microsoft Exchange | System Manager.
c.
Expand Global Settings.
d.
Right-click Mobile Services | Properties.
e.
Verify that ALL the Exchange ActiveSync checkboxes are checked.
f.
Click OK.
a.
From the task bar click, Start | All Programs | Administrative Tools | Internet Information Servers (IIS) Manager.
b.
Expand DENVER, and then expand Web Sites.
c.
Right-click Default Web Site and then click Properties.
d.
Click the Directory Security tab.
e.
On the Directory Security tab, in the Authentication and access control box, click Edit.
f.
In the Authentication Methods box, ensure the Enable anonymous access check box is cleared.
g.
Click to clear the Digest authentication for Windows domain servers check box.
h.
In the Authenticated access area, confirm that only Integrated Windows authentication is selected.
i.
Click OK to close the Authentication Methods box, and then click OK to close the Default Web Site Properties.
j.
In the Inheritance Overrides box, click OK.
k.
Click on Default Web Site. In the detail pane, right-click MicrosoftServer-ActiveSync and then click Properties.
l.
Click the Directory Security tab.
m. On the Directory Security tab, in the Authentication and access
control box, click Edit. n.
In the Authentication Methods box, ensure the Enable anonymous access check box is cleared.
o.
Make sure the Digest authentication for Windows domain servers
Module 11: Server Activesync
77
check box is cleared.
4.
5.
Create a new mail enabled user and make sure they are enabled to use Exchange ActiveSync.
Initialize PocketPC’s mailbox by logging into OWA.
p.
Ensure that only Basic authentication (password is sent in clear text) is selected (Click Yes to the Security Warning if it appears).
q.
Click OK to close the Authentication Methods box, and then click OK to close the Default Web Site Properties.
a.
From the task bar click, Start | All Programs | Microsoft Exchange | Active Directory Users and Computers.
b.
Right click on the Users container | New | User.
c.
Create user PocketPC, and click the Next button.
d.
Set the password to Passw0rd1, clear the checkbox for User must change password at next logon and click the Next button.
e.
On the mailbox screen, leave the defaults to create a mail enabled user, click the Next button, and then click the Finish button to complete the creation of a mail enabled user.
f.
Right click on the user you just created and choose Properties.
g.
Click the Exchange Features tab and verify that Enabled is indicated in the Mobile Services section for all services listed.
h.
Click OK to close PocketPC Properties.
a.
Open Internet Explorer and log into Outlook Web Access. In the Address bar type http://denver/exchange/pocketpc.
b.
Log in as Contoso\PocketPC with password Passw0rd1.
c.
Once logged in, click the Log Off button.
d.
Close Internet Explorer.
Note: All Steps to be performed on Atlanta VPC.
6.
Start the Pocket PC Emulator.
a.
On Atlanta, log in as Administrator with the Password of Passw0rd1.
b.
From the task bar click Start | Run | type C:\StartPPC.lnk | click OK.
c.
It may take a few minutes for the Pocket PC Emulator to boot. Please be patient while it loads.
78
Module 11: Server Activesync
7.
Connect to the workplace using a VPN.
a.
In the Pocket PC Emulator, click the Establishing Connection icon, click Work, and then click OK.
8.
Configure the ActiveSync connection to the Exchange Server.
a.
In the Pocket PC Emulator, click Start | ActiveSync.
b.
After ActiveSync starts, click Tools, and then click Options.
c.
Click the Server tab.
d.
In the Sync with this Server box, type DENVER.
e.
Click to clear the This server uses an SSL connection check box, and then click OK to acknowledge the Security Warning.
f.
Click Options.
g.
Type a User name of PocketPC.
h.
Type a Password of Passw0rd1
i.
Type a Domain name of CONTOSO
j.
Click to select the Save password check box, and then click OK in the upper right corner.
k.
In the Sync these items box, click to select the Calendar, Contacts, and Inbox check boxes.
l.
In the Sync these items box, click Calendar, and then click Settings.
m. In the Synchronize only the past drop-down list box, click All, and
then click OK in the upper right corner. n.
In the Sync these items box, click Inbox, and then click Settings.
o.
In the Amount of messages to copy drop-down list box, click All, and then click OK in the upper right corner.
p.
In the ActiveSync dialog box, click OK to close ActiveSync Options.
q.
In the ActiveSync dialog box, click Sync. ActiveSync will synchronize with the Exchange Server. This may take several minutes.
r.
Click No on the ActiveSync pop-up.
s.
Click the X in the upper right corner to close ActiveSync when
Module 11: Server Activesync
79
complete. Note: All Steps to be performed on DENVER VPC.
9.
Open the Administrator’s mailbox using Outlook Web Access.
a.
Switch to DENVER and start Microsoft Internet Explorer.
b.
In the Address field, type http://Denver/exchange and press Enter.
c.
If prompted, log in as Contoso\Administrator with password Passw0rd1.
d.
Compose a new message by clicking New, and then in the To field, type PocketPC.
e.
Type a Subject and a brief message, and then click Send.
Note: All Steps to be performed on Atlanta VPC.
10. View your messages on the
Pocket PC Emulator.
a.
Switch to Atlanta.
b.
On the Pocket PC Emulator, click Start | Messaging.
c.
Click the Send/Receive Mail button at the bottom of the Inbox.
d.
After the message from the Administrator has been received, click the message.
e.
Click the Reply button at the bottom of the message window, and then click Reply.
f.
Type a short message, and then click Send.
g.
Click the Send/Receive Mail button at the bottom of the Inbox.
h.
Switch to DENVER.
Note: All Steps to be performed on DENVER VPC.
11. Using OWA, check to see
a.
In Outlook Web Access (logged in as Contoso\Administrator), click the Check for New Messages button, and then confirm that the message from Pocket PC was received.
a.
In Outlook Web Access (logged in as Contoso\Administrator) on DENVER, click Calendar, and then click New.
b.
For the appointment, leave the Start time as today’s date.
c.
Click Invite Attendees, and then in the Required field, type PocketPC.
d.
Type a subject and a brief message, and then click Send.
e.
Switch to the Pocket PC Emulator on Atlanta.
f.
At the bottom of the Inbox, click the Send/Receive Mail button
g.
After the Inbox is in sync, click the meeting request at the top of the message list.
h.
Click the Accept, Decline, and Tentative button at the bottom of the Messaging window .
i.
Click Accept.
that the Pocket PC synchronized and sent any queued emails to the Exchange Server. 12. Accept a meeting by using
the Pocket PC Emulator.
.
80
Module 11: Server Activesync
j.
Click OK to send the response.
k.
Click OK in the upper right corner to close the message.
l.
At the bottom of the Inbox, click the Send/Receive Mail button.
m. Click the X in the upper right corner to close the Inbox. The meeting
should now appear in the Calendar. Click Start, Calendar to view the appointment. n.
Switch to Denver VPC.
Note: All Steps to be performed on DENVER VPC.
13.
a.
In Outlook Web Access (logged in as Administrator), click the Check for New Messages button, and then confirm that the meeting request from Pocket PC was accepted.
b.
Log off Outlook Web Access, and close Internet Explorer.
c.
Close all open windows.
Module 11: Server Activesync
81
Exercise 2 Browsing Using Outlook Mobile Access In this lab, you will access Outlook Mobile Access by using the Pocket PC Emulator. This new way to access a mailbox over the Internet is especially suited for hand-held devices, including mobile telephones. One advantage of using Outlook Mobile Access on a Pocket PC that has Exchange ActiveSync enabled is the ability to search the Global Address List.
Tasks
Detailed steps
Note: All Steps to be performed on Atlantis VPC. 1.
View Outlook Mobile Access by using the Pocket PC Emulator.
2. View and reply to a message
by using Outlook Mobile.
3. Find a user using Outlook
Mobile Access.
a.
Click Start, and then click Internet Explorer.
b.
In the Address field, type http://Denver/oma, and press Enter.
c.
Type a User name of Contoso\PocketPC and a Password of Passw0rd1.
d.
Click Save Password, and then press OK.
a.
Click Inbox.
b.
Open a message from the Administrator.
c.
Click Reply.
d.
Click Message: [].
e.
Type a message.
f.
Click OK, and then click Send.
a.
Click Home.
b.
Click Find Someone.
c.
In the Search For box, type Don, and then click OK.
d.
Click Don Hall.
e.
Click [email protected].
f.
Click Message: [].
g.
Type a short message, and then click OK.
h.
Click Send.
i.
Close the Pocket PC Emulator and Internet Explorer.
j.
Click Start, Log Off, Log Off.
k.
Press Right Alt-Del (instead of Ctrl-Alt-Del) to open the Logon dialog box.
l.
Type the following information:
m. User name: DonH n.
Password: Passw0rd1.
o.
Click OK.
p.
Open Microsoft Internet Explorer.
q.
In the Address field, type http://Denver/exchange, and press Enter.
82
Module 11: Server Activesync
r.
If prompted, log in as Contoso\DonH with a password of Passw0rd1.
s.
Verify that the message from PocketPC was received.
t.
Log off Outlook Web Access and close Internet Explorer.
u.
Log off Atlanta.
Module 11: Server Activesync
83
Exercise 3 Debugging using NexTags In this exercise, you will a Microsoft internal only tool called NexTags. Using NexTags you will capture ActiveSync traffic between a Pocket PC device and the Exchange 2003 Server ActiveSync. When users specify an attempt to sync, Exchange ActiveSync will output all logging information to the specified log file. This information is useful for troubleshooting and when working with Microsoft Product Support Services to determine the cause for synchronization failures.
Tasks
Detailed steps
Note: All Steps to be performed on Denver VPC.
1.
Start the NexTags configuration program.
a.
Log onto Denver VPC as Administrator with password Passw0rd1.
b.
Open Windows Explorer and navigate to C:\Tools\Labs\Tools\Other Tools\Nextags (This has to be run on the server running Exchange ActiveSync).
c.
Double click Nextags.exe to execute the configuration program.
2.
Configure NexTags.
a.
Click the Options tab.
3.
Create some test e-mails, calendar items and contacts. Watch the sync.
b.
In the Trace File field enter C:\NexTagSync.log
c.
Move the Trim Percentage slider bar to ~ 30%.
d.
Set the Limit file size to: 10 mb.
e.
Leave User Names blank to capture all users.
f.
Note - For individual users, enter the user's alias or aliases, separated by a semi-colon (;).
g.
Ensure that the Real Time checkbox is unchecked.
h.
Click the Tags tab.
i.
Navigate down the whole tree and enable everything.
j.
Click the Enable Tracing button.
k.
Click the Apply button to confirm all settings and the OK button to exit the NexTags window.
4.
In NexTags, disable logging.
Note: All Steps to be performed on Atlanta VPC.
5.
Using the Pocket PC Emulator, you will write some emails and then use ActiveSync to transfer them to the Exchange Server.
a.
On the Atlanta VPC, log in as Administrator with a password of Passw0rd1.
b.
Launch the Pocket PC 2003 Second Edition. From the task bar click Start | Run | type C:\StartPPC.lnk | click OK.
c.
It may take a few minutes for the Pocket PC Emulator to boot. Please be patient while it loads.
d.
In the Pocket PC Emulator, click the Establishing Connection icon,
84
Module 11: Server Activesync click Work, and then click OK. e.
In the Pocket PC Emulator, click Start | ActiveSync.
f.
After ActiveSync starts, click Tools, and then click Options.
g.
Click the Server tab.
h.
In the Sync with this Server box, type DENVER.
i.
Click to clear the This server uses an SSL connection check box, and then click OK to acknowledge the Security Warning.
j.
Click Options.
k.
Type a User name of PocketPC.
l.
Type a Password of Passw0rd1
m. Type a Domain name of CONTOSO n.
Click to select the Save password check box, and then click OK in the upper right corner.
o.
In the Sync these items box, click to select the Calendar, Contacts, and Inbox check boxes.
p.
In the Sync these items box, click Calendar, and then click Settings.
q.
In the Synchronize only the past drop-down list box, click All, and then click OK in the upper right corner.
r.
In the Sync these items box, click Inbox, and then click Settings.
s.
In the Amount of messages to copy drop-down list box, click All, and then click OK in the upper right corner.
t.
In the ActiveSync dialog box, click OK to close ActiveSync Options.
u.
In the ActiveSync dialog box, click Sync. ActiveSync will synchronize with the Exchange Server. This may take several minutes.
v.
Click No on the ActiveSync pop-up.
w. Click the X in the upper right corner to close ActiveSync when x.
From the toolbar at the top click, Start | Messaging.
y.
At the bottom left of the Messaging task, click New.
z.
In the To: field type [email protected].
aa. In the Subj: field type Using NexTags – Test 1. bb. In the message body type Testing NexTags. cc. Click the Send button. 6.
Send the queued message.
a.
In the Pocket PC Emulator, click the Send/Receive Mail button.
Note: As the ActiveSync connection talks to the Exchange Server, all the selected logging options are being logged out to C:\NexTagsSync.log on Denver.
Note: All Steps to be performed on Denver VPC.
7.
8.
View the NexTags log file.
Stop the NexTags from logging.
a.
On the Denver VPC, open Windows Explorer, navigate to C:\.
b.
Double-click NexTagsSync.log to open in Notepad.
a.
Open Windows Explorer and navigate to C:\Tools\Labs\Tools\Other Tools\Nextags (This has to be run on the server running Exchange
Module 11: Server Activesync
85
ActiveSync).
9.
Close all Virtual PCs.
b.
Double-click Nextags.exe to execute the configuration program.
c.
Click the Tags tab.
d.
Click the Disable Tracing button.
e.
Click the Apply button to confirm all settings and the OK button to exit the NexTags window.
a.
On the Virtual PC 2004 menu, click Action, Close on each Virtual PC.
86
Module 11: Server Activesync
Review
1. What error message do you get on the device if Exchange ActiveSync is not enabled?
2. What would you use the exchangevdir registry key for?
3. What version of the AirSync Protocol does Mobile Information Server work with?
4. What is the name of the sync log file created on a device?
5. What does a HTTP 401 generally mean?
Appendix A
Appendix A Step by Step Walk Through Pocket PC Configuration
Start with looking at how you configure your Pocket PC device. On the device click on Start and then choose Active Sync.
Once here, click on the Tools Menu and Select Options.
This will take you to the PC Synchronization screen.
Click on the Server Tab, and enter your FrontEnd Exchange 2003 Server, and select what you want to synchronize.
87
88
Appendix A
Now click on the Options Button and enter your username, domain and password.
That is the device configuration complete.
If Exchange ActiveSync is not enabled on the server
You will see an Internet_152 error
Appendix A
Your first synchronization
On your first sync, if you are using a Windows Mobile 2003 device, you will see the Always Up To Date configuration popup.
When you start to sync, you will see a screen similar to this:
89
90
Appendix B
Appendix B
Example of Sync Request from the Client Example Sync Request from the client In this example, the client requests a sync for any changes made to contacts on the Exchange server, but requests that the response be limited to 100 items. The client also gives commands to add, delete or modify three specified contacts. Each contact is identified by a unique identifier (ServerId or ClientId). For brevity, in this example, the data for particular instances of contacts is omitted (such as the contact name and phone number).
<Sync xmlns="AirSync:"> Contacts
The Sync element indicates that this is a sync request. The Collections element is a container for one or more collections. A Collection is a set of objects (an e-mail folder, a calendar, or a set of contacts) that can be synchronized.
<SyncKey>111111111
Class identifies the type of collection.
1234321
SyncKey is used by the server to track sync state. It is used to detect when the client state and server state do not match. CollectionId identifies the particular collection.
<WindowSize>100
222222222
GetChanges tells the server to send updates in the response for items that have changed on the Exchange server. If this element is omitted, the sync will be one-way. The server will receive the update from the client, but will not send its changes back to the client. GetChanges causes the server response to contain a Commands element for this collection. In the WindowSize element, the client species the maximum number of items the server should return in its response. The Commands section contains the sync operations for this collection. The server processes the operations and returns the results in the Responses section of its response. Add creates a new contact on the server. It is sent when a new contact has been created on the client since the last sync.
Appendix B <ApplicationData> data
91
The ClientId is a unique identifier generated by the client and is used to identify the new contact in the response from the server. After synchronization, it is replaced by a ServerId as the permanent identifier for the contact. The ServerId is included in the response sent by the server to confirm the Add (see below). The ApplicationData contains the contact itself and details are omitted here. It consists of XML data for the contact name, address, phone number, and so on.
<ServerId>333333333 <ServerId>444444444 <ApplicationData> data
The Delete command asks the server to remove a contact. The contact is identified by its permanent identifier, the ServerId.
The Change command asks the server to change an existing contact. The contact is identified by its permanent identifier, the ServerId. The ApplicationData section of a Change command must contain all of the contact attributes, not just the ones that have been modified. The Change command replaces the existing contact on the server, acting like a Delete and an Add.
Example Sync Response from the Server The following example shows the response sent by the server.
<Sync xmlns="AirSync:"> Contacts <SyncKey>111111111 1234321 <MoreAvailable />
<ServerId>444444444 <Status>1
The top level Sync element in the response is the same as in the request. The Collection information is the same as in the corresponding request. The Class and CollectionId identify the collection. The SyncKey is the same value sent in the request and can be used by the client to verify that this response corresponds to the request in the previous example. The MoreAvailable element indicates that there are additional changed items available from the server. Because the request had a WindowSize of 100, this element indicates there were more than 100 changed items on the server. The Responses section contains entries corresponding to the Commands section of the request, and there is one response for each command sent. This is the response to the Change command sent to the server. The changed object is identified by the ServerId. The Status value of 1 indicates the operation was successful. Other values indicate errors.
222222222
This is the response to the Add command sent to the server.
92
Appendix B
<ServerId>1212121212 <Status>1
The ClientId matches the ClientId sent with the original Add command from the client. The ServerId is a new permanent identifier allocated by the server and must be stored by the client. At this point, it is up to the client to keep this mapping between the original ClientId and the new ServerId. The Status value of 1 indicates the operation was successful.
<ServerId>333333333 <Status>1
This is the response to the Delete command sent to the server. The contact being deleted is identified by the ServerId, which matches the one sent in the original command. The Status value of 1 indicates the operation was successful.
additional responses
Because the WindowSize is 100, the server sends 100 changes. For brevity, this example shows only three.
<ServerId>666666666 <ApplicationData> data <ServerId>777777777 <ServerId>888888888/ServerId> <ApplicationData> data
This section contains commands from the server. These commands are similar to the ones sent from the client to the server, and contain additions, deletions, and changes resulting from contacts modified on the server. Each contact is identified by a ServerId. For an Add, this is a new identifier and must be stored by the client along with the new contact. For Delete and Change, the identifier refers to an existing contact. For Add and Change, the ApplicationData contains the new or changed contact. Upon receiving this data, it is up to the client to update the local store to match the server.
In addition to the Sync command described above, the sync protocol defines commands to facilitate tasks such as replying to messages and managing folders.
Synchronization Commands Command
Description
GetItemEstimate
Used by the client to get an estimate of the number of items that need to be synchronized.
Sync
Synchronizes data between the client and server. Data is included in the body of the request and response.
Appendix B Folder Management Commands Command
Description
GetHierarchy
Gets the entire collection hierarchy. The server response provides a list of all non-hidden collections and their corresponding CollectionIds. This is for v1 of the protocol.
FolderSync
Syncs the collection hierarchy. This command works similarly to the Sync command. The folder list has a SyncKey. After the initial folder sync, subsequent folder hierarchy changes are sent from the server using Add and Delete commands. This is for v2 of the protocol.
CreateCollection
Creates a collection on the server. This command is used to create new e-mail folders.
DeleteCollection
Deletes a folder from the server. The CollectionId is passed to the server, which deletes the collection with the matching identifier.
MoveCollection
Moves a folder from one location to another. This command moves folders on the server. It is also used to rename a folder.
MoveItems
Moves items on the server from one collection to another. For example, the client can move a specific e-mail message to another e-mail folder.
Messaging Commands Command
Description
SendMail
Used by clients to send MIME formatted e-mail messages to the server. The body of the request contains the message. A command parameter provides the option of storing a copy of the message in the Sent Items folder.
SmartReply
This command is similar to SendMail, but the outgoing message consists of the new message followed by the text of the original message. The full original message is sent, even if only a truncated copy exists on the client. Using the server copy of the original message saves network bandwidth by avoiding the need to download the original message and upload it with the reply. The SmartReply command lists the message recipients, so it is used to implement both “reply” and “reply all” functionality.
SmartForward
This command is similar to SmartReply, but the original message is included as an attachment to the outgoing message. Any attachments contained in the original message are also forwarded.
MeetingResponse
This command is similar to SendMail and sends a meeting response message accepting or declining a meeting request.
GetAttachment
This command downloads an e-mail attachment from the server. Attachments are not downloaded automatically with e-mail messages; they must be explicitly retrieved using this command.
Notification Commands Command
Description
Notify
This command enables server notifications for one or more collections. It also provisions the device for notifications by telling the server the device’s address.
93
94
Appendix B
Folder Sync
Sync protocol version 2.0 adds support for Folder sync. With sync protocol v2.0, a FolderSync command is used instead of the GetHierarchy command. The FolderSync command synchronizes the collection hierarchy in the same way as individual folders are synchronized. The folder hierarchy has a Sync Key associated with it. The initial folder list is obtained by sending a SyncKey of zero. Thereafter, individual folder changes are sent from the server. Folder sync is one-way, meaning that the server sends changes to the client, but the client does not send changes to the server. During the initial sync, the user’s mailbox is traversed to retrieve the folder hierarchy. Then an Exchange Search folder is created to cache the user’s hierarchy. Subsequent FolderSync commands use the Search folder to retrieve the hierarchy. In certain cases, the Search folder may take a while to get populated. In these cases, a traversal is done until the Search folder gets populated. The Exchange information store updates the Search folder. If the user is moved to another server, this search folder gets emptied out. When sync encounters an empty Search folder, Search folder is deleted and recreated. The SyncKey is not affected. No changes are sent to the client unless there were any changes since the last sync. Folder sync is performed at the beginning of every sync session. In order to get the hierarchy changes from the server, a PROPFIND is used to retrieve the folders, then a GET is used to retrieve the FolderSync state and finally a Search is used to retrieve the information from the Search folder. The Search folder and the folder sync file are stored in the NON_IPM_SUBTREE of a user’s mailbox. The user can get to these files by opening the NON_IPM_SUBTREE as a Web folder through Internet Explorer. This is, however, not recommended.
Appendix B
95
=-=-=-= Client Request =-=-=-= POST Microsoft-ServerActiveSync?User=vanithp&DeviceId=3DC1E291F008003188000050BF325 173&DeviceType=PocketPC&Cmd=FolderSync Accept-Language: en-us MS-ASProtocolVersion: 2.0 Content-Type: application/vnd.ms-sync.wbxml -=-=-=- Start of Body -=-=-=<SyncKey>0 =-=- [26/4/2003 23:46:4.0] -=-= =-=-=-= Server Response =-=-=HTTP/1.1 200 OK Content-Length: 9536 Date: Sat, 26 Apr 2003 23:46:02 GMT Content-Type: application/vnd.ms-sync.wbxml Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET Pragma: no-cache MS-Server-ActiveSync: 2.0.3272.0 -=-=-=- Start of Body -=-=-=<Status>1<SyncKey>{3DC36AA433D1-4EA7-B53B361CD7540A4C}1105<Serve rId>027e696191c3e040bda137985b846d8a150549<ParentId>726a4c58dba56e409f3d3563a8bf953c2305b9dprovisioning12…………………………………….
The response from the server returns a list of folders. The permanent URL of the folder (long ID) is included along with the display name. This is used instead of the normal named URLs (/exchange/johndoe/inbox) because the end user could rename a folder or mail message. Each folder is associated with a type number.
96
Appendix B
Type
Definition
1
User-created folder (generic)
2
Standard ‘Inbox’ folder
3
Standard ‘Drafts’ folder
4
Standard ‘Deleted Items’ folder
5
Standard ‘Sent Items’ folder
6
Standard ‘Outbox’ folder
7
Standard ‘Tasks’ folder
8
Standard ‘Calendar’ folder
9
Standard ‘Contacts’ folder
10
Standard ‘Notes’ folder
11
Standard ‘Journal’ folder
12
User-created mail folder
13
User-created calendar folder
14
User-created contacts folder
15
User-created tasks folder
16
User-created journal folder
17
User-created notes folder
18
Unknown folder type
In Version 1.0 of the protocol user-created mail folders had type value 1; in this version they have type value 12.
Exchange ActiveSync Profile
The synchronization state is stored in a hidden folder in the user’s mailbox on the Exchange server. The sync state for e-mail, calendar and contacts and FolderSync is located in the Microsoft-Server-ActiveSync/PocketPC/DeviceId folder in the NON_IPM_SUBTREE of a user’s mailbox. The Search folder containing the folder hierarchy is stored here as well.
Appendix B
97
98
Appendix C
Appendix C Additional Active Sync Troubleshooting Scenarios IIS Settings from Exchange System Manager
The default setting from Exchange System Manager should look like this:
Application Pool Settings from Internet Service Manager
The ExchangeApplicationPool settings from IIS Manager should look like this:
Appendix C
99
100
Appendix C
Virtual Server Setting from Internet Service Manager
Configuration Button:
The Exchange ActiveSync virtual server settings should look like this:
Appendix C
Authentication Control Button
Device Issues
If you suspect you have a device issue, look at the following:
On the device can you access Outlook Web Access? Desktop PassThrough? • Verify Settings. • Connectivity – can you reach the Internet? • Sync Settings – server name (no http://).
Warm Boot (Power Cycle Smartphone).
Unselect and re-select PIM types from Sync. • Always select to delete the device data! • Low free space? Instruct users to use more restrictive filter.
101
102
Appendix C
• In PocketPC 2003, mail is most problematic due to FolderSync.
Flow Chart
Cold Boot Device
Appendix D
103
Appendix D Error Codes DEV_1
E_SYNC_OUTOFDISK: Run out of storage even after system closed other processes. Error Message: Synchronization failed. You do not have enough free memory on your device to synchronize information. Delete unused files from your device or close programs that are running to free up memory, and then try again. Explanation: Insufficient memory. User Action: The storage memory holds all the applications that are loaded in RAM on the device. The program memory is used by programs that are running. The shell adjusts allocation of storage and program memory. The shell will close applications to free program memory. You can also close applications manually by clicking Settings, System, Memory, Running Programs and stopping the unnecessary applications. To free up storage memory, remove unnecessary programs that have been loaded.
DEV_2
E_FAIL_CONNECTION_TIMEOUT: Connection failed due to sync server time out. Error Message: Synchronization cannot be completed successfully due to a server time out. Disconnect, reconnect and try again. Explanation: This error is reported when the server fails to respond to a command sent from the device. User Action: Attempt the sync later.
DEV_3
E_FAIL_ABORT: The user manually aborts the sync process. Error Message: You have stopped synchronization. Explanation: This error is reported when you disconnect the connection that was being used for synchronization. For example, if you were using a Cellular Digital Packet Data (CDPD) modem for connectivity and you clicked on Disconnect in the middle of an Exchange ActiveSync session, you could get this error. User Action: Reconnect and attempt the sync.
104
Appendix D
DEV_4
E_FAIL_CODE_MAJOR: Programming errors
DEV_5
E_FAIL_CODE_MINOR: Skippable code errors: error inside device side AirSync protocol, failed to sync an individual items.
DEV_6
E_FAIL_SERVER: Sync failed due to server side reason but no server originated error code received, or any other unknown server errors.
DEV_7
E_FAIL_CONVERSION_DEVICE: Error in writing an item's properties to the database.
DEV_8
E_PURGE_ERROR: Sync key data is not valid since a data purge failed.
DEV_9
E_FAIL_CONN_INFO_ABSENT: Required connection info not present. Error Message: The connection failed due to missing server information or user credentials. Click Options, and then the Server tab to verify that your server name is correct. Then, click Advanced to verify that your user credentials are correct and try again. Explanation: User Action: Verify the server information and credentials.
DEV_10
Error Message: Synchronization failed because the device timed out waiting for the server to respond. Try again later. Explanation: This error is reported when the device times out while trying to establish a connection with the server. The error is reported after around four minutes. NexTags logging can cause this to happen (since it slows down synchronization and the device times out waiting for a response). This has been observed once or twice when synchronizing a large number of items. User Action: Attempt the sync later or stop NexTags.
MIS_errorcode
These error codes indicate that the error was from the Exchange Server with the Exchange ActiveSync component installed. Note: Also see 330462 MMIS: How to Troubleshoot Exchange ActiveSync "MIS_errorcodes" Error
Appendix D
MIS_0
SYNC_STATUS_CODE_INVALID
MIS_1
SYNC_STATUS_CODE_SUCCESS
MIS_2
SYNC_STATUS_CODE_PROTOCOL_VER: AirSync protocol version mismatch
105
Error Message: Synchronization software version for this mobile device is not supported on the server you specified. Automatic synchronization is now disabled. Explanation: There may be a mismatch in the protocol version used between the client and server. User Action: Make sure that the Server Sync client update on the device is intended for use with the version of Mobile Information Server on your server. Obtain the latest End User Update available from your provider.
MIS_3
SYNC_STATUS_CODE_SYNCKEY: Invalid SyncKey error Error message: Sync key mismatch error. To restart sync, disable and reenable Server ActiveSync on the device for the particular data type that failed (e.g. Calendar, Contacts, or Inbox). Explanation: This error can be reported if the device was restored from an older
backup, the user’s Exchange account was restored or moved to a different server, or the Mobile Information Server software on the server was updated. User Action: Disable and then re-enable Server Sync for the data types that are being synchronized by clicking on Start, ActiveSync, Tools, Options, Server.
MIS_4
SYNC_STATUS_CODE_PROTOCOL: AirSync protocol error
MIS_5
SYNC_STATUS_CODE_SYNC_SERVER: Sync server failure error Error Message: Synchronization failed due to a server software error. If the problem continues, contact your network administrator. Explanation: Windows Integrated Authentication is not enabled on the Exchange virtual directory on the Exchange server. The Exchange ActiveSync component uses Kerberos authentication when communicating with the Exchange server. a) Windows Integrated Authentication is enabled on the Exchange virtual directory on the Exchange server, but Kerberos is disabled via the IIS metabase. b) Kerberos is enabled, but Kerberos authentication fails every 30 days or so. c) The TMP/TEMP environment variable on the Exchange server is not pointing to a valid directory or there is not enough disk space or the user
106
Appendix D
performing sync does not have access to the TMP/TEMP folder on the Exchange server. For large sync requests, IIS uses temporary storage. d) Large sync requests could exceed the default size limits for requests sent to IIS. e) Sync state on the device is corrupt. f)
There is a corrupt item in the mailbox.
User Action: a) To enable Integrated Windows Authentication on the Exchange virtual root: i.
Start Exchange System Manager.
ii.
Expand Servers, expand Server Name, and then expand Protocols. Expand HTTP, and then expand Exchange Virtual Server.
iii.
Right-click Exchange, and then click Properties.
iv.
Click the Access tab, click Authentication, and then click to select the Integrated Windows Authentication check box.
v.
Click OK, and then click OK again.
b) Re-enable Kerberos on the Exchange server by following the instructions in the KB Article 215383. HOW TO: Configure IIS to Support Both Kerberos and NTLM Authentication ID: 215383 c) Obtain the hot fix outlined in KB 329938 by calling Microsoft Product Support Services. d) Verify the TMP/TEMP configuration. e) The MaxClientRequestBuffer can be increased as outlined in the KB 260694 Description of the MaxClientRequestBuffer Registry Value f)
Deselect the data type (usually calendar) and then reselect the data type.
g) Identify the corrupt item using NexTags log and delete it.
MIS_6
SYNC_STATUS_CODE_CONVERSION: Error in the Client/Server conversion
MIS_7
SYNC_STATUS_CODE_CONFLICT: Conflict between the matching Client and Server object
MIS_8
SYNC_STATUS_CODE_OBJ_NOT_FOUND: Object not found (the object is currently deleted) Error Message: Synchronization of cannot be completed successfully. Your device must sync all inbox information with sync server.
Appendix D
107
Explanation: a) This error can occur if the synchronization server is unable to open the inbox folder on the Exchange server. This can occur with calendar and contacts as well. b) The PUT verb is blocked on the Exchange server. User Action: a) A recovery sync will be performed automatically during a subsequent sync. b) If URLSCAN is configured on the Exchange server, make sure that this verb is allowed on the Exchange server.
MIS_9
SYNC_STATUS_CODE_DISK_SPACE: User is out of disk space Error Message: Synchronization failed. There is not enough space on your Microsoft Exchange mailbox to synchronize information. Delete old items to increase space and try again. Explanation: This error can occur if you are approaching the mailbox limits set on your Exchange server. The TMP/TEMP environment variable on the Exchange server is not pointing to a valid directory or there is not enough disk space or the user performing sync does not have access to the TMP/TEMP folder on the Exchange server. For large sync requests, IIS uses temporary storage. Large sync requests could exceed the default size limits for requests sent to IIS. User Action: Try to delete items in your mailbox to bring it within limits. Contact your Exchange administrator to change the limits on your mailbox. Verify the TMP/TEMP configuration. The MaxClientRequestBuffer can be increased as outlined in the KB 260694 Description of the MaxClientRequestBuffer Registry Value
HTTP_errorcode
Standard HTTP error (Internet related). For a complete list of HTTP error code, look at 318380.KB.EN-US IIS Status Codes Note: Also see 330463 XCCC: How to Troubleshoot Exchange ActiveSync HTTP Error Codes
HTTP_401
Error Message: Unable to connect to sync server due to authentication failure. Check your connection configuration. Explanation: The credentials provided to access the server are incorrect or you are not enabled for synchronization or your password has expired. User Action: On the device, go to ActiveSync, Tools, Server, verify that the server name is correct. Click on Advanced and verify the username, password
108
Appendix D
and domain information. Please contact your administrator and make sure that you are enabled for synchronization.
HTTP_403
Error Message: Forbidden User Action: Make sure that SSL is enabled on 2003 devices. Check that sync is enabled on server and user
HTTP_500
Error Message: Synchronization failed due to an error on the server. Try again. Explanation: a) Windows Integrated Authentication is not enabled on the Exchange virtual directory on the Exchange server. The Exchange ActiveSync component uses Kerberos authentication when communicating with the Exchange server. b) Windows Integrated Authentication is enabled on the Exchange virtual directory on the Exchange server, but Kerberos is disabled via the IIS metabase. c) Kerberos is enabled, but Kerberos authentication fails every 30 days or so. d) Sync is attempted while the mailbox is being moved. e) User attempting sync is a member of more than 200 groups. f)
The Left Hand Side (LHS) and Right Hand Side (RHS) of the user’s primary SMTP address are both different from the SMTP address based on the default recipient policy.
g) The Exchange virtual directory on the Exchange Server is configured to require Secure Sockets Layer (SSL). Server ActiveSync communicates with the Exchange Server over port 80. h) The administrator enabled NexTags logging on the Mobile Information Server and selected the DevMode check box under the DevOnly category. i)
The user composes email on the device and attempts a sync when mailbox limits have been reached on the Exchange server.
User Action: a) To enable Integrated Windows Authentication on the Exchange virtual root: i.
Start Exchange System Manager.
ii.
Expand Servers, expand Server Name, and then expand Protocols. Expand HTTP, and then expand Exchange Virtual Server.
iii.
Right-click Exchange, and then click Properties.
iv.
Click the Access tab, click Authentication, and then click to select the Integrated Windows Authentication check box.
v.
Click OK, and then click OK again.
Appendix D
109
b) Re-enable Kerberos on the Exchange server by following the instructions in the KB Article 215383. HOW TO: Configure IIS to Support Both Kerberos and NTLM Authentication ID: 215383 c) Obtain the hot fix outlined in KB 329938 by calling Microsoft Product Support Services. d) Attempt sync later. e) Reduce the group membership or obtain the QFE fix outlined in KB 818526 by calling Microsoft Product Support Services. f)
Obtain the QFE fix outlined in KB 818526 by calling Microsoft Product Support Services. Install the QFE fix, add the registry key as outlined in the KB and restart the IIS Admin (inetinfo) service.
g) To configure the Exchange virtual directory to not require SSL:
i.
On the Exchange server click Start, Programs, Administrative Tools, and then click Internet Services Manager.
ii.
Expand the <ServerName> and the nodes.
iii.
Right-click the Exchange virtual root, and then click Properties.
iv.
On the Directory Security tab, click Edit under Secure Communications.
v.
Verify that the "Require Secure Channel (SSL)" check box is not selected, and then click OK two times.
vi.
Close Internet Services Manager.
h) Start the NexTags tool, click to clear the DevMode check box, and then click Apply. i)
HTTP_502
Try to delete items in your mailbox to bring it within limits or contact your Exchange administrator to change the limits on your mailbox.
Error Message: Synchronization failed due to an error on the server. Explanation: The device is using a proxy server to connect to the ActiveSync Server. The proxy server encountered an error. User Action: Please use a different proxy or report the issue to the proxy server administrator.
HTTP_503
Error Message: Synchronization failed due to an error on the server. Try again. Explanation: The Web service is unavailable. The service may have been stopped temporarily. User Action: Attempt sync later.
110
Appendix D
HTTP_504
Error Message: Gateway Timeout Explanation: Potential Server ActiveSync failure User Action: Gather and analyze client logs; it is most likely problem with an e-mail item that can not be synced.
CONNMGR_errorcode
Connection Manager error. Note: Also see 330466 XCCC: List of Connection Manager Message Codes
CONNMGR_0
E_CONNMGR_UNKNOWN: Unknown status
CONNMGR_16
E_CONNMGR_CONNECTED: Connection is up
CONNMGR_32
E_CONNMGR_DISCONNECTED: Connection is disconnected
CONNMGR_33
E_CONNMGR_CONNECTIONFAILED: Connection failed and cannot not be reestablished Error Message: Unable to connect. Verify you have network coverage and try again. Explanation: There is no connection available for the device to communicate with the server. User Action: Verify the connectivity settings on your device.
CONNMGR_34
E_CONNMGR_CONNECTIONCANCELED: User aborted connection
CONNMGR_35
E_CONNMGR_CONNECTIONDISABLED: Connection is ready to connect but disabled
CONNMGR_36
E_CONNMGR_NOPATHTODESTINATION: No path could be found to destination Error Message: Unable to connect. Verify your dialup or proxy settings are correct, and try again.
Appendix D
111
Explanation: a) There is no connection available for the device to communicate with the server. b) The user has more than 372 top level folders in their mailbox. User Action: a) Verify the connectivity settings on your device. b) Reduce the number of top level folders to 372 or less by moving some top level folders to be subfolders.
CONNMGR_37
E_CONNMGR_WAITINGFORPATH: Waiting for a path to the destination
CONNMGR_38
E_CONNMGR_WAITINGFORPHONE: Voice call is in progress
CONNMGR_64
E_CONNMGR_WAITINGCONNECTION: Attempting to connect
CONNMGR_65
E_CONNMGR_WAITINGFORRESOURCE: Resource is in use by another connection
CONNMGR_66
E_CONNMGR_WAITINGFORNETWORK: No path could be found to destination
CONNMGR_128
E_CONNMGR_WAITINGDISCONNECTION: Connection is being brought down
CONNMGER_129
E_CONNMGR_WAITINGCONNECTIONABORT: Aborting connection attempt
INTERNET_errorcode
Standard WinInet error (Internet related) Note: Also see 330465 MMIS: How to Use INTERNET_errorcodes to Troubleshoot Exchange ActiveSync
INTERNET_7
Explanation: Domain Name System (DNS) problem for the carrier User Action: Warm Reset and try sync again. Try desktop pass-through.
112
Appendix D
INTERNET_19
Error Message: Synchronization failed due to a device software error. Contact your network administrator. Explanation: This could be caused by transient network issues. User Action: Attempt the sync later.
INTERNET_29
Error Message: Synchronization failed. Information cannot be synchronized because a connection to the network was not detected. Check your device connection settings and try again. Explanation: a) There is no connectivity to the server. b) A certificate is not installed on the server c) The configuration settings on the device for Exchange ActiveSync are incorrect. User Action: a) If you are using desktop passthrough, make sure the device is in the cradle. If you are using an 802.11 card, make sure the connection settings are configured correctly. Check to see if your device has a valid IP address. Verify that you have Internet connectivity by browsing a Web site. Freeware utilities are available for the PocketPC that assist in determining your IP address and verifying basic network connectivity. b) Exchange ActiveSync requires SSL. Install a valid certificate on the server. c) On the Pocket PC 2002-based device, click Start, click ActiveSync, click Tools, click Options, click Server, and then verify that you entered the server name correctly. Use the name of the server that is running Mobile Information Server and not the server that is running Exchange 2000.
INTERNET_31
Error Message: The connection with the server has been reset. Explanation: The connection to the server was lost. If you are using a wireless card, the card could have lost its association with the Access Point. If you are using a modem, the network coverage was lost. User Action: Ensure that you have connectivity and then attempt a sync.
INTERNET_37
Error Message: Synchronization failed. The security certificate on the server has expired. Check that the date and time on your device are correct and try again. Explanation: The date and time on the device are incorrect. User Action: On your device, click Start, Settings, System, Clock and set the correct date and time.
Appendix D
INTERNET_38
113
Error Message: Synchronization failed due to an incorrect SSL certificate common name. Explanation: The name of the MIS server does not match the common name on the certificate. User Action: On your device, click Start, ActiveSync, Tools, Options, Server and make sure that the correct server name is entered.
INTERNET_45
Error Message: Synchronization failed. The security certificate on the server is invalid. Contact your system administrator or ISP to install a valid certificate on the server and try again. Explanation: The sync client does certificate validation and has detected that an invalid certificate is installed. User Action: Attempt sync after a valid certificate is installed on the server. The following root certificates are installed by default on PocketPC 2002 devices. •
Verisign/RSA Secure Server
•
Verisign Class 1 Public Primary CA
•
Verisign Class 2 Public Primary CA
•
Verisign Class 3 Public Primary CA
•
Verisign Class 3 Public Primary CA (2028)
•
GTE Cybertrust ROOT
•
GTE Cybertrust Solutions ROOT
•
Thawte Server CA
•
Thawte Premium Server CA
•
Entrust.net Secure Server
•
Entrust.net CA (2048 bit)
If you are using a certificate that is not trusted, you can disable certificate validation on the device by using a CAB file provided on the Microsoft Mobile Information CD. Please see the readme that is provided with the CAB file for more information. Root certificates can also be added to the Pocket PC 2002 device by using the process outlined in KB 322956 Sample to Add Root Certificates to Pocket PC 2002.
INTERNET_152
Error Message: Synchronization failed due to a communications failure. Try again. Explanation: An invalid response was received from the server. This could occur if a problem was encountered while the server was in the midst of transmitting data. This could also occur if the default Web site has been stopped.
114
Appendix D
User Action: Attempt the sync again. If the default Web site was stopped click Start, Programs, Administrative Tools, and then click Internet Services Manager. Click to expand your server object, right-click Default Web site, and then click Start.
Hexerrorcode
For example: 0x80004005
0x80042256
Error Message: Synchronization failed because the user aborted connection. Explanation: User clicked Stop when the sync was in progress. User Action: In Exchange ActiveSync, click Sync to initiate the server sync.
0x80070008
Error Message: Synchronization failed. If the problem continues, contact your network administrator. Explanation: Unknown User Action: Obtain the latest Pocket PC End User Update from your service provider.
0x8007000e
Error Message: Synchronization failed. You do not have enough free memory on your device to synchronize information. Delete unused files from your device or close programs that are running to free up memory, and then try again. Explanation: Attempt to sync a meeting request that contains an attendee list that exceeds 16 K characters. Attempt to sync a calendar item that contains a large number of exceptions. User Action: Obtain the latest Pocket PC End User Update from your service provider. Identify the item using the NexTags log and delete it.
0x80004005
Error Message: Synchronization failed due to a device software error. Contact your network administrator. Explanation: Unknown User Action: Obtain the latest Pocket PC End User Update from your service provider.