Problem : Exchange 2010 Active Sync issue, can’t get it to work

Problem : Exchange 2010 Active Sync issue, can’t get it to work

We are running Exchange 2010. Everything is working except Active Sync. I can’t get it to work. Below I have posted the results from
Our Exchange ActiveSync configuration is all default.

I also get the following error event in the application log of the Exchange server when I try to synchronize my smartphone through ActiveSync:
Log Name:      Application
Source:        MSExchange ActiveSync
Date:          1/29/2010 8:46:19 PM
Event ID:      1100
Task Category: Requests
Level:         Error
Keywords:      Classic
User:          N/A
Exchange ActiveSync device requests for your users are being blocked. This problem frequently occurs when the HTTP OPTIONS method request isn’t allowed by the firewall. Please check the firewall that filters requests in front of your Client Access server and the Microsoft-Server-ActiveSync virtual directory.

Results from

Testing Exchange ActiveSync
Exchange ActiveSync test Failed
Test Steps
Attempting to resolve the host name {domain-name} in DNS.
Host successfully resolved
Additional Details
IP(s) returned: {public-ip}

Testing TCP Port 443 on host {domain-name} to ensure it is listening and open.
The port was opened successfully.
Testing SSL Certificate for validity.
The certificate passed all validation requirements.
Test Steps
Validating certificate name
Successfully validated the certificate name
Additional Details
Found hostname {domain-name} in Certificate Subject Common name

Validating certificate trust for Windows Mobile Devices
Certificate is trusted and all certificates are present in chain
Additional Details
Certificate is trusted for Windows Mobile 5 and Later platforms. Root = OU=Equifax Secure Certificate Authority, O=Equifax, C=US

Testing certificate date to ensure validity
Date Validation passed. The certificate is not expired.
Additional Details
Certificate is valid: NotBefore = 7/7/2009 10:28:37 AM, NotAfter = 9/6/2011 10:06:57 PM”

Testing Http Authentication Methods for URL https://{domain-name}/Microsoft-Server-Activesync/
Http Authentication Methods are correct
Additional Details
Found all expected authentication methods and no disallowed methods. Methods Found: Basic

Attempting an ActiveSync session with server
Errors were encountered while testing the ActiveSync session
Test Steps
Attempting to send OPTIONS command to server
Testing the OPTIONS command failed. See Additional Details for more info
Additional Details
A Web Exception occurred because an HTTP 401 – Unauthorized response was received from IIS7

Solution: Exchange 2010 Active Sync issue, can’t get it to work

The account that you are using to test… is it a member of any administrator group?

If yes then create a new user with a mailbox with default permissions. Test it with that user.

In Exchnage 2010, if a user is a member of any Administrator group, then he will not be able to sync his mobile device. It is by design. However there is a workaround that we can follow.

But before that check it with a test user.

Let us know how it goes.