RE: SBS2003 - Active Sync - http_500

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hi,

Thank you for posting here.

I appreciate you taking time to write to me. From your post I understand
encountered http_500 error through ActiveSync. Is it correct?


Exchange Server ActiveSync and Exchange Outlook Mobile Access (OMA) use the
/Exchange virtual directory to access OWA templates and DAV on Exchange
back-end servers on which the user's mailbox is located. Server ActiveSync
and OMA cannot access this virtual directory if either of the following
conditions is true:
o The /Exchange virtual directory on an Exchange back-end server is
configured to require SSL.
o Forms-based authentication is enabled.


In general, to publish ActiveSync, you just need to run the CEICW and
enable the firewall settings and make sure the 443 port is forwarded.
During CEICW wizard will create a new Exchange-oma directory. The wizard
should help you reconfigure the /Exchange virtual directory and forms-based
authentication to work with Outlook

More info please refer to following article:
Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or
forms-based authentication is required for Exchange Server 2003

http://support.microsoft.com/default.aspx?scid=kb;[LN];817379

In addition, the HTTP 500 error may also occur if the user account you try
to use for logon and use ActiveSync does not have an SMTP address that
matches the default domain name as the local path of the Exchange Virtual
Directory.

To determine the appropriate SMTP address, follow these steps:

1. Start Exchange System Manager.

2. Browse to Servers/<server name>/Protocols/HTTP/Exchange Virtual
Server/Exchange.

3. Get properties of the Exchange virtual directory. This is the default
OWA virtual directory created during Exchange Server Setup.

4. On the General property ***, note the value from the field labeled
Exchange Path. An example of this value is "company.com (default)." In this
example, only users with an SMTP address ending with @company.com can use
the Exchange virtual directory to access their mailboxes.

If the SMTP e-mail address of your problematic user doesn''t match the
default domain name, you need to go to Active Directory Users and Computers
to modify the Primary SMTP e-mail address for this user to match the
default SMTP domain, and then test to see if it works for you.


More info:

For your convenience, I list the detailed steps to configure CEICW wizard:

1. On the Small Business Server 2003 computer, click "Start", and then
click "Server Management".

2. Expand "Standard Management", and then click "To Do List".

3. In the right pane, click "Connect to the Internet", and then click
"Next".

4. On the "Connection Type" page, click "Do not change connection type",
and then click "Next".

5. On the "Firewall page", click "Enable firewall", and then click "Next".
Important Do not click the "Do not change firewall configuration" option.

6. If you receive the following message, click "OK":

To ensure the proper configuration of ISA Server, existing custom packet
filters will be disabled. For information on how to re-enable existing
packet filters, see Small Business Server Help.

7. On the "Services Configuration" page, click to select the check boxes of
the additional services that you want to make available from the Internet,
and then click "Next".

h. On the "Web Services Configuration" page, click "Allow access to only
the following Web site services from the Internet", click to select the
check boxes of the services and of the Web sites that you want to make
accessible from the Internet (i.e. Outlook Web Access, Remote Web
Workplace, Outlook Mobile Access, Outlook via the Internet, Business Web
site (wwwroot), etc.), and then click "Next".

8. On the "Web Server Certificate" page, click "Create a new Web server
certificate", type the Small Business Server computer's fully qualified
domain name in the "Web server" name box, and then click "Next".

[Important] The fully qualified domain name that you type in the "Web
server name" box must be the same name that you use to connect to the Web
site from the Internet. For example, if the URL that you use to connect to
a Microsoft Outlook Web Access Web site is
<<https://external.domain.com/exchange>>, type "external.domain.com"
(without the quotation marks) in the "Web server name" box.

Note: If you don't have your own registered fully qualified domain name
(FQDN), we can input the "Public IP Address" (As you mentioned the [valid
IP address]).

9. On the Internet E-mail page shows, select "Enable Internet e-mail" and
click Next.

10. Select either "Use DNS to route e-mail" or "Forward all e-mail to
e-mail server at your ISP". If you select the latter, enter the ISP SMTP
server. Click Next.

11. Specify to receive e-mail using one or both of the following methods:

- POP3 Mailboxes
- Exchange

Click Next.

12. Enter your e-mail domain name and click Next. The e-mail domain name
should match the mail exchanger (MX) resource record maintained at your
ISP. This must be a registered Internet domain name.

13. Go through the steps to finish the wizard.


14. On the "Completing the Configure E-mail and Internet Connection Wizard"
page, view the configuration information to make sure that it is correct,
and then click "Finish".

825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763

A step by step explanation of the CEICW:
http://www.sbs-rocks.com/sbs2k3/sbs2k3-n2.htm

Hope this helps, if you need more help on this issue, please do not
hesitate to let me know.


Best Regards,

Chace Zhang (MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.

=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "christoph fennel" <fennel@xxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: SBS2003 - Active Sync - http_500
| Date: Mon, 9 Oct 2006 14:16:51 +0200
| Lines: 130
| Message-ID: <4oustgFgamlvU1@xxxxxxxxxxxxxx>
| X-Trace: individual.net /HdTPCW5WHSu1NBS8WVOfgvCsueS967hALWarwYIUcCUv1WEP0
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
| X-RFC2646: Format=Flowed; Original
| Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!newsfeed00
sul.t-online.de!newsfeed01.sul.t-online.de!t-online.de!fu-berlin.de!uni-ber
lin.de!individual.net!not-for-mail
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:303632
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hello Newsgroup,
|
| first excuse my english, because it's not my native language but I hope
you
| will understand my problem.
| I've here a SBS2003 server with exchange 2003 (SP2) installed and a HP
iPaq
| device with Windows Mobile 5 and I try to synchronize the device with the
| exchange server. After we solved some SSL-certificate problems I got
always
| a http_500 error when I try to sync with the server. The folllowing
solution
| advices I allready tried, bot none helps:
|
| 1.. Windows Integrated Authentication is not enabled on the Exchange
| virtual directory on the Exchange server. The Server ActiveSync component
| uses Kerberos authentication when communicating with the Exchange server.
| 2.. Windows Integrated Authentication is enabled on the Exchange
virtual
| directory on the Exchange server, but Kerberos is disabled via the IIS
| metabase.
| 3.. Kerberos is enabled, but IIS may return HTTP Status 401 every 30
Days
| when using Kerberos on Windows 2000.
| 4.. Sync is attempted while the mailbox is being moved.
| 5.. User attempting sync is a member of more than 200 groups.
| 6.. The Left Hand Side(LHS) and Right Hand Side(RHS) of the user's
primary
| SMTP address are both different from the SMTP address based on the
default
| recipient policy. (Fixed with Exchange 2003 Service Pack2)
| 7.. The Exchange virtual directory on the Exchange Server is configured
to
| require Secure Sockets Layer (SSL). Server ActiveSync communicates with
the
| Exchange Server over port 80.
| 8.. Windows SharePoint® has been installed on the Exchange server
| 9.. The user composes e-mail on the device and attempts a sync when
| mailbox limits have been reached on the Exchange server.
| 10.. Anonymous authentication is enabled on the
| Microsoft-Server-ActiveSync virtual directory on the server.
| 1. verified - thats not the problem
| 2. verified - thats not the problem
| 3. verified - thats not the problem
| 4. verified - thats not the problem
| 5. verified - thats not the problem
| 6. verified - thats not the problem SP2 installed
| 7. verified - thats not the problem
| 8. it is installed, I followed KB 832769 HOW TO: Configure Windows
| SharePoint Services to Use Kerberos Authentication
| 9. verified - thats not the problem
| 10. verified - thats not the problem
|
| I also disabled "formbased authentication" on the exchange, access to
| https://servername/exchange / https://servername/oma und
| https://servername/owa works from the PDA. Sadly I got no message in the
| eventlog about this problem.
| I setup a test enviroment and there I got no problems to sync the device.
| I've absolutely no idea what to try next.
| Here are the logs from the device and from the IIS:
|
| IIS-Log:
| 2006-10-09 10:32:47 MAINSERVER 192.168.16.2 OPTIONS
| /Microsoft-Server-ActiveSync
|
User=administrator&DeviceId=052638325941A771A8000050BF1977E0&DeviceType=Pock
etPC&Log=VNATNASNC:0A0C0D0FS:0A0C0D0SP:0C0I0S0R0S0L0H
| 443 domänenname\administrator 194.29.XXX.X Microsoft-PocketPC/3.0
| domänenname 200 0 0 587 353
| 2006-10-09 10:32:48 MAINSERVER 192.168.16.2 PROPFIND
|
/exchange-oma/Administrator@domänenname.de/NON_IPM_SUBTREE/Microsoft-Server-
ActiveSync/PocketPC/052638325941A771A8000050BF1977E0
| - 80 - 192.168.16.2 Microsoft-Server-ActiveSync/6.5.7638.1 domänenname
302
| 0 0 366 453
| 2006-10-09 10:33:17 MAINSERVER 192.168.16.2 POST
| /Microsoft-Server-ActiveSync
|
User=administrator&DeviceId=052638325941A771A8000050BF1977E0&DeviceType=Pock
etPC&Cmd=FolderSync&Log=V2TNASNC:0A0C0D0FS:0A0C0D0SP:1C1I459S0R0S0L0H0P
| 443 domänenname\administrator 194.29.XXX.X Microsoft-PocketPC/3.0
| domänenname 500 0 0 313 451
|
| PDA-Log:
| =-= Build 15045 =-=
| =-= No XIP Information Available =-=
| domänenname
|
| =-=- [9/10/2006 11:19:43.0] -=-=
| =-=-=-= Client Request =-=-=-=
| OPTIONS
|
Microsoft-Server-ActiveSync?User=administrator&DeviceId=052638325941A771A800
0050BF1977E0&DeviceType=PocketPC
| Accept-Language: de
| MS-ASProtocolVersion: 2.0
|
| -=-=-=- Start of Body -=-=-=-
|
|
| =-=- [9/10/2006 11:19:48.0] -=-=
| =-=-=-= Server Response =-=-=-
| HTTP/1.1 200 OK
| Date: Mon, 09 Oct 2006 11:19:23 GMT
| Server: Microsoft-IIS/6.0
| MicrosoftOfficeWebServer: 5.0_Pub
| X-Powered-By: ASP.NET
| Pragma: no-cache
| Content-Length: 0
| Public: OPTIONS, POST
| Allow: OPTIONS, POST
| MS-Server-ActiveSync: 6.5.7638.1
| MS-ASProtocolVersions: 1.0,2.0,2.1,2.5
| MS-ASProtocolCommands:
|
Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateColle
ction,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,F
olderUpdate,MoveItems,GetItemEstimate,MeetingResponse,ResolveRecipients,Vali
dateCert,Provision,Search,Notify,Ping
|
|
|
| =-=- [9/10/2006 11:19:48.0] -=-=
| =-=-=-= Client Request =-=-=-=
| POST
|
Microsoft-Server-ActiveSync?User=administrator&DeviceId=052638325941A771A800
0050BF1977E0&DeviceType=PocketPC&Cmd=FolderSync
| Accept-Language: de
| MS-ASProtocolVersion: 2.0
| Content-Type: application/vnd.ms-sync.wbxml
|
| -=-=-=- Start of Body -=-=-=-
| <?xml version="1.0" encoding="utf-8"?><FolderSync
| xmlns="FolderHierarchy:"><SyncKey>0</SyncKey></FolderSync>
|
| =-=- [9/10/2006 11:20:30.0] -=-=
| =-=-=-= Server Response =-=-=-
| HTTP/1.1 500 Internal Server Error
| Date: Mon, 09 Oct 2006 11:20:06 GMT
| Server: Microsoft-IIS/6.0
| MicrosoftOfficeWebServer: 5.0_Pub
| X-Powered-By: ASP.NET
| Pragma: no-cache
| Content-Type: text/html
| Content-Length: 56
| MS-Server-ActiveSync: 6.5.7638.1
|
|
| Maybe some of you have another idea.
|
| best regards C. Fennel
|
|
|

.

Quantcast