Windows Mobile and ActiveSync - ActiveSync Encountered A Problem On The Server
For the past couple of days, a problem with Windows Mobile 5 and Exchange 2003 SP2 ActiveSync has been driving me up the wall. Single E2K3 SP2 server on W2K3 SP1 with an ISA Server 2004 acting as a reverse proxy. Forms Based Authentication (FBA) is enabled. In the past 3 months, I have configured ActiveSync on 4 other, almost identical servers and it worked fine.
However, each time, the device showed:
ActiveSync encountered a problem on the server.
Support code: 0x85010014
In the HTTP proocol logs, two interesting codes were showing up in the protocol status, substatus, and W32status:
401 2 2148074254 (that is error 401.2)
500 0 0 (error 500)
401.2 indicates an authentication problem and 500 indicates an internal server error.
I went through KB 817379: "Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003" at least 4 times trying to see if I had missed something. I went through a similar article on Daniel Petri's site. No luck.
I compared setting-by-setting the Exchange server, the ExchangeVDir virtual directory, and the ISA Server with other sites that were working. No luck.
I finally broke down and called Microsoft PSS. I really hate calling PSS since you spend the first hour going through the same things you have been troubleshooting for the past 2 or 3 days. And often end up teaching the front-line tech support guys a few things about Exchange.
At least the PSS guy had heard of KB 817379, though. Nonetheless, we went through it line-by-line once again. And again. No luck.
Then, he has me disable Forms Based Authentication on the Exchange Virtual Server, then wait for DS2MB to replicate the settings to IIS, THEN make an exported configuration of the /Exchange virtual directory, the re-enable Forms Based Authentication, then create the /Exchange-OMA virtual directory using the steps in KB 817379.
This time, it worked!!!!! Yay!!!! I'm just a little peeved that I had to use up a support incident to find this "double secret probation" technique out. Apparently it is something that PSS tries when it does not work the normal way. Why in the name of Siddhartha Gautama is this little tidbit not publicly documented somewhere!!!???