hello, It seems that some of our clienst making lots (over 300.000) connections a day to our exhange server Server is working fine. certificates are fine, clients do get all info Does anybody has an idea of what could be going wrong or how I can start to troubleshoot this (the IIS logs are a bit cryptical at best) EXCHANGE 2010SP1 on Win2008R2 server (one HUB/CAS server and two database servers in DAG). Behind a netscreen firewall (no application filtering), No ISA Thanks in advance Daniel

How many client machines do you have? On its own, the number you have provided is useless. Outlook 2007 and higher is built to use web services, so a high number of connections to HTTPS on the Exchange server is to be expected. Free/Busy information comes through web services, as does OAB distribution. Then there is autodiscover which is polled fairly frequently. If you have deployed Outlook Anywhere, then that makes a lot of connections to the server. If you want to see what the traffic is going to, the latest version of SmarterStats does a pretty good job of processing the IIS logs from an Exchange server. The version for a single site is free. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources

We only have 150 clients. The number I provided is the number of connections of ONE client (counted by the firewall) in one day Most other clients stay below 3000 connections a day. That's the strange part....why do some clients go out of control (both inside and outside the firewall) I'll look into smarterstats Daniel PS It seems we do no longer receive alerts on this forum when something is posted (the checkbox is on)

I am getting alerts fine. One client making that many connections could be unusual, but it isn't something I have seen as reported as an issue. It could be a sign that the session is been torn down frequently, rather than being allowed to remain up, which means the session has to be reestablished. What would be of most interest is bandwidth use. If the client isn't using more bandwidth, then it isn't so much of a problem - the bandwidth is just being used in a different way. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources

The major problem is with our provider. He allows a limited number of connections coming from our IP's. So, after a curtain threshold is reached, the provider start blocking. The only solution is to restart the IIS One minor problem is that the IIS worker processes keep growing and growing in size untill they consume all available memory Amother Minor problem is that after a while we notice in the applicationlogs that LDAP queries to AD are timed-out...hence new connections are rejected At first sight it seems that the problem is related to sync. Lines like these are almost 99% of the IIS logs EXTIP, USERNAME, 12/9/2010, 19:53:18, W3SVC1, ETROEXHC1, 10.0.1.12, 31, 3112, 1679, 200, 0, POST, /EWS/Exchange.asmx, ;RC:97c0771c-c8bf-4e8c-b993 2406f0d32a11;Init>>Conn:1, HangingConn:0,AD:30000/30000/0%,CAS:54000/50295/7%,AB:30000/30000/0%, RPC:36000/33389/5%,FC:1000/0,Policy:DefaultThrottlingPolicy_73250c3c-c69a-4f04-93ae-b5aa8ed88426,Norm,Sub:5000/0;[C]Queues:0msec/Execute:15,6215msec;SoapAction=m:SyncFolderItems;Version=1;RpcC=3;RpcL=15;LdapC=0;LdapL=0;End(15,6215ms)>>Conn:1,HangingConn:0,AD:30000/30000/0%,CAS:54000/50265/7%,AB:30000/30000/0%,RPC:36000/33359/5%,FC:1000/0, Policy:DefaultThrottlingPolicy_73250c3c-c69a-4f04-93ae-b5aa8ed88426,Norm[Resources:(Mdb)ETRO15(Health:-1%,HistLoad:0),],Sub:5000/0;, PS I tried SmarterStats but it seems it only works for logs older then 1st of June of this year. After that dat, the log format was changed (field order) hence the logs are not imported anymore hence no use for the program

On Thu, 9 Dec 2010 10:53:24 +0000, Dcoppee wrote: >It seems that some of our clienst making lots (over 300.000) connections a day to our exhange server Server is working fine. certificates are fine, clients do get all info > >Does anybody has an idea of what could be going wrong or how I can start to troubleshoot this (the IIS logs are a bit cryptical at best) EXCHANGE 2010SP1 on Win2008R2 server (one HUB/CAS server and two database servers in DAG). Behind a netscreen firewall (no application filtering), No ISA Is someone using an iPhone4 with the original O/S on it? http://gsexdev.blogspot.com/2010/08/parsing-iis-log-activesync-traffic-for.html --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Hi Daniel, Any update for your issue? Regards! Gavin TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Gavin, It seems indeed related to the (mis)use of Iphone mobiles Is there a way to counter this? (Besides asking them to update the IOS) regards Daniel

Hi Dcoppee, Per my known, we could use the performace monitor tool to monitor the iphttps session, and the MSExchange ActiveSync information. I would suggest that you could test it. Some information for you: http://technet.microsoft.com/en-us/library/cc441738.aspx Some other network monitor might also could acheve it. If you still have issue, please tell us. If I misunderstand your issue, please tell me. Regards! Gavin TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Thanks for all the pointers and links: I'll give some mnitoringtools a run But... For now the conclusion is: Although we only have 20 Mac/Iphone users versus130 outlook/OWA users, the biggest number of IIS log entries (over 99.8% of all entries) are coming from either Iphone or Mail.app (a mail sync tool on the Mac it seems). For just calender and email sync they manage to get between 40'000 and 200'000 log entries per day (per Apple-user), compared to a few 10's of connections for our outlook (over HTTPS) users As I expect this to be the reason of LDAP/AD query time-outs, I hope to solve this. So, besides using a monitoring tool...What can/Need i to do to prevent this? Or is this normal? It looks like they are continuously syncing everything regards Daniel

Hi Daniel, I am sorry I have no the test scenario to do more further research for you, and I have escalated it for you. You will get more help then. If any more information, I would post here. Regards! Gavin TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Daniel, I am sorry I have no the test scenario to do more further research for you, If any more information, I would post here. Regards! Gavin TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hello Daniel, Regarding the Iphone portion of this issue there are 2 options. 1. Update the phones. 2. Have the users install a config file from apple to change the task timeout value on each phone. http://support.apple.com/kb/TS3398 - iOS 4.0: Exchange Mail, Contacts, or Calendars may not sync after update Regarding parsing logs. You may be able to get more in-site using Logparser. It is a very powerful tool that you can create reports with. Below is a link with some examples for exchange. http://msexchangeteam.com/archive/2007/09/12/446982.aspx - More fun with Logparser and Exchange logs I hope the above helps you with this issue. Please post your findings and status of this issue so as to provide more feed back. Konstantin

Hello Constantin, Thanks for this pointer, I reduced allready some of the load but still experiencing (I-phone) problems. What would you suggest is a good task-timeout? I understood that for outlook, this time-out is unlimited. So QAm I correct that the higher the time-out, the better? Regards Daniel