activesync during coexistence not working with exchange 2013 mailboxes internally or externally

Hello,

Activesync working on exchange 2010 server.  Move mailbox to exchange 2013 server activesync no longer working.

Run microsoft remote connectivity test on server internally and getting HTTP 403 forbidden response received from (IIS7?).

Tried the enable inheritance on activesync user to no avail.  IIS using basic authent and  ignoring client certificate.

March 20th, 2015 9:12pm

I have these logs to add.

We don't have control over the emaildomain.org domain and don't want to use that for autodiscovery anymore.

[PS] D:\Program Files\Microsoft\Exchange Server\V15\scripts>Test-ActiveSyncConnectivity -MailboxCredential (Get-Credenti
al nehc-1199\extest_c99e36b510484) -UseAutodiscoverForClientAccessServer | fl


RunspaceId                  : 6881ac36-5b0c-4c41-9811-1863a6c5e28d
LocalSite                   :
SecureAccess                : True
VirtualDirectoryName        :
Url                         :
UrlType                     : Unknown
Port                        : 0
ConnectionType              : Plaintext
ClientAccessServerShortName : Exg
LocalSiteShortName          :
ClientAccessServer          : Exg.domain.local
Scenario                    : Autodiscover Client Access server
ScenarioDescription         : An attempt was made to contact Autodiscover server Exg.domain.local from
                              (Exg.domain.local)  for Client Access server information using NTLM for
                              authentication.
PerformanceCounterName      :
Result                      : Failure
Error                       : [System.Net.WebException]: The underlying connection was closed: Could not establish
                              trust relationship for the SSL/TLS secure channel. Inner error
                              [System.Security.Authentication.AuthenticationException]: The remote certificate is
                              invalid according to the validation procedure.
UserName                    : extest_c99e36b510484
StartTime                   : 3/20/2015 3:22:22 PM
Latency                     : 00:00:00.0156243
EventType                   : Error
LatencyInMillisecondsString :
Identity                    :
IsValid                     : True
ObjectState                 : New

RunspaceId                  : 6881ac36-5b0c-4c41-9811-1863a6c5e28d
LocalSite                   :
SecureAccess                : True
VirtualDirectoryName        :
Url                         :
UrlType                     : Unknown
Port                        : 0
ConnectionType              : Plaintext
ClientAccessServerShortName : Autodiscover
LocalSiteShortName          :
ClientAccessServer          : Autodiscover.emaidomain.org
Scenario                    : Autodiscover Client Access server
ScenarioDescription         : An attempt was made to contact Autodiscover server Autodiscover.seiu1199ne.org from
                              (extest_c99e36b510484@emaildomain.org)  for Client Access server information using NTLM
                              for authentication.
PerformanceCounterName      :
Result                      : Failure
Error                       : [System.Net.WebException]: The remote name could not be resolved:
                              'autodiscover.emaldomain.org'
UserName                    : extest_c99e36b510484
StartTime                   : 3/20/2015 3:22:22 PM
Latency                     : 00:00:00.0156337
EventType                   : Error
LatencyInMillisecondsString :
Identity                    :
IsValid                     : True
ObjectState                 : New

RunspaceId                  : 6881ac36-5b0c-4c41-9811-1863a6c5e28d
LocalSite                   :
SecureAccess                : True
VirtualDirectoryName        :
Url                         :
UrlType                     : Unknown
Port                        : 0
ConnectionType              : Plaintext
ClientAccessServerShortName : emaildomain
LocalSiteShortName          :
ClientAccessServer          : semaildomain.org
Scenario                    : Autodiscover Client Access server
ScenarioDescription         : An attempt was made to contact Autodiscover server emaildomain.org from
                              (extest_c99e36b510484@emaildomain.org)  for Client Access server information using NTLM
                              for authentication.
PerformanceCounterName      :
Result                      : Failure
Error                       : [System.Net.WebException]: Unable to connect to the remote server Inner error
                              [System.Net.Sockets.SocketException]: No connection could be made because the target
                              machine actively refused it 52.1.210.123:443
UserName                    : extest_c99e36b510484
StartTime                   : 3/20/2015 3:22:23 PM
Latency                     : 00:00:01.0377464
EventType                   : Error
LatencyInMillisecondsString :
Identity                    :
IsValid                     : True
ObjectState                 : New


  • Edited by 2010 6 hours 8 minutes ago
Free Windows Admin Tool Kit Click here and download it now
March 20th, 2015 9:12pm

I have these logs to add.

We don't have control over the emaildomain.org domain and don't want to use that for autodiscovery anymore.

[PS] D:\Program Files\Microsoft\Exchange Server\V15\scripts>Test-ActiveSyncConnectivity -MailboxCredential (Get-Credenti
al nehc-1199\extest_c99e36b510484) -UseAutodiscoverForClientAccessServer | fl


RunspaceId                  : 6881ac36-5b0c-4c41-9811-1863a6c5e28d
LocalSite                   :
SecureAccess                : True
VirtualDirectoryName        :
Url                         :
UrlType                     : Unknown
Port                        : 0
ConnectionType              : Plaintext
ClientAccessServerShortName : Exg
LocalSiteShortName          :
ClientAccessServer          : Exg.domain.local
Scenario                    : Autodiscover Client Access server
ScenarioDescription         : An attempt was made to contact Autodiscover server Exg.domain.local from
                              (Exg.domain.local)  for Client Access server information using NTLM for
                              authentication.
PerformanceCounterName      :
Result                      : Failure
Error                       : [System.Net.WebException]: The underlying connection was closed: Could not establish
                              trust relationship for the SSL/TLS secure channel. Inner error
                              [System.Security.Authentication.AuthenticationException]: The remote certificate is
                              invalid according to the validation procedure.
UserName                    : extest_c99e36b510484
StartTime                   : 3/20/2015 3:22:22 PM
Latency                     : 00:00:00.0156243
EventType                   : Error
LatencyInMillisecondsString :
Identity                    :
IsValid                     : True
ObjectState                 : New

RunspaceId                  : 6881ac36-5b0c-4c41-9811-1863a6c5e28d
LocalSite                   :
SecureAccess                : True
VirtualDirectoryName        :
Url                         :
UrlType                     : Unknown
Port                        : 0
ConnectionType              : Plaintext
ClientAccessServerShortName : Autodiscover
LocalSiteShortName          :
ClientAccessServer          : Autodiscover.emaidomain.org
Scenario                    : Autodiscover Client Access server
ScenarioDescription         : An attempt was made to contact Autodiscover server Autodiscover.seiu1199ne.org from
                              (extest_c99e36b510484@emaildomain.org)  for Client Access server information using NTLM
                              for authentication.
PerformanceCounterName      :
Result                      : Failure
Error                       : [System.Net.WebException]: The remote name could not be resolved:
                              'autodiscover.emaldomain.org'
UserName                    : extest_c99e36b510484
StartTime                   : 3/20/2015 3:22:22 PM
Latency                     : 00:00:00.0156337
EventType                   : Error
LatencyInMillisecondsString :
Identity                    :
IsValid                     : True
ObjectState                 : New

RunspaceId                  : 6881ac36-5b0c-4c41-9811-1863a6c5e28d
LocalSite                   :
SecureAccess                : True
VirtualDirectoryName        :
Url                         :
UrlType                     : Unknown
Port                        : 0
ConnectionType              : Plaintext
ClientAccessServerShortName : emaildomain
LocalSiteShortName          :
ClientAccessServer          : semaildomain.org
Scenario                    : Autodiscover Client Access server
ScenarioDescription         : An attempt was made to contact Autodiscover server emaildomain.org from
                              (extest_c99e36b510484@emaildomain.org)  for Client Access server information using NTLM
                              for authentication.
PerformanceCounterName      :
Result                      : Failure
Error                       : [System.Net.WebException]: Unable to connect to the remote server Inner error
                              [System.Net.Sockets.SocketException]: No connection could be made because the target
                              machine actively refused it 52.1.210.123:443
UserName                    : extest_c99e36b510484
StartTime                   : 3/20/2015 3:22:23 PM
Latency                     : 00:00:01.0377464
EventType                   : Error
LatencyInMillisecondsString :
Identity                    :
IsValid                     : True
ObjectState                 : New


  • Edited by 2010 Saturday, March 21, 2015 1:14 AM
March 21st, 2015 1:11am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics