I got my hands dirty with ActiveSync two weeks back (http://mobilitydojo.net/2010/03/17/digging-into-the-exchange-activesync-protocol), and shared the results with you here. I also mentioned that doing the things I did required a few lines of code since not everything could be done in Fiddler. Because of this I promised you I had something in the works to let you actually play around too, without cracking open your Visual Studio, and now I’m trying to make good on this promise 
I introduce to you, the first beta release of “Exchange ActiveSync MD”. It is a desktop app that will let you emulate a device connecting to ActiveSync. Yes, it is similar to what www.testexchangeconnectivity.com, but I only focus on EAS, and I have a couple of options not present in the ActiveSync test MSFT provide. It will require you to have .Net 3.5 installed on your computer – I’ve tested it running on Windows 7 and Windows Server 2008 R2, but it should work on other Windows versions too with .Net present. It will not require an installation, and you can just run the .exe file itself.
It has only three screens to relate to, and while most of it is fairly self-explanatory, (doesn’t always the programmer believe this to be the fact?), I’ll walk you through it:
Main
This would be the place you’ll be finding yourself in most of the time using this simple app. There are two tests you can perform; “Basic Connectivity” and “Full Sync”.
Basic Connectivity: for this test you will need to provide the connection parameters, but you can ignore the other options and parameters. This test will perform a HTTP GET against the specified server address to pinpoint basic issues like DNS resolution, server being reachable, and authentication. If the GET works you’ll get a 501/505 the same way as opening the address in a browser. If the GET goes through a HTTP OPTIONS is done against the server to pull down info like server version, etc.
Full Sync:
You still need to fill out the connection parameters, but there are default values provided for the other options. (The connection will be made at the Exchange 2007 RTM level if nothing else is specified in MS-ASProtocolVersion.) The program will attempt the FolderSync command, and provide response based on the security polices in effect on the server. You will be informed in the output window if the sync didn’t go through for some reason, and a tip for correcting it.
For Device ID, Device Type & User Agent you can specify whatever you like as long as you’re not using the new features in Exchange 2010 for restricting these parameters.
The “Device Properties” are additional attributes you might need to set for the sync to go through.
The output window has switches for binary, hex, and base64. Most likely you’re not going to need them all that often. (This only applies to the response body, other text and headers are in plain old text format.) I had to use it for some debugging purposes since the wbxml isn’t all that easy to read.
Certificate Info
While you can ignore any certificates issues on the previous tab it can be very handy to pull down the chain and see why it fails if you weren’t expecting it to fail. You don’t need to provide any credentials – just point it to a server running SSL (on port 443). The app then establishes a socket connection and pulls down the chain. Some basic info is printed out, and at the bottom the certificates themselves are embedded in base64. This means that you can open up your Notepad, paste in the string, and save the file with the extension .cer and you will have a certificate file you can use. I am aware I could have provided a possibility for provisioning it directly into a certificate store, but that felt like more work than it was worth I could also have pulled all the certs into a single p7b format, but.. well, it works the way it should and serves my purposes in it’s present form. Let me know if there is something that is missing from this tab in the feature department.
Base64 Utility
I often find my self needing to convert between a base64 string and plain text when testing, so I just included a tab for it in this app. You might not need it that often, but it’s convenient to have easily accessible.
So does it actually work then? I’ve tested against Exchange 2007 SP1/SP2, and Exchange 2010. No Exchange 2007 RTM unfortunately (even if it’s a choice on the list), and Exchange 2003 is not on the supported list yet. (Of course you can test all client versions against the latest server version since Exchange is backwards compatible.) I believe I have tested the different combos of enforcing policies and blocking non-provisionable but there are differences between each AS-version so I cannot guarantee at this time that there’s not some sneaky bug somewhere. (It is a beta for a reason you know.)
I’m also aware that the interface looks kinda “not done by an actual designer”, and while I do like creating 3D graphics and related stuff I never was top-notch at creating user interfaces
There are two known issues I haven’t solved at the present time:
- If you turn on “Trust all certificates”, and then uncheck it you’ll still be trusting all certificates. Workaround is to close the program, and re-start.
- If you have a username and/or password with special characters it might not encode properly, and thus you’ll get a 401 returned.
I am aware of these issues, and will try fixing them. The issues I am not aware will be fixed later on.
While not a bug as such, the internals doesn’t exactly conform to what could be considered “beautiful code”, but that might not be the most important thing at the moment I guess (Obviously in the process of cleaning the code, maybe I come across a line that need to be fixed up to so it serves a purpose too.)
My first focus is to do some additional testing, and making sure everything works as advertised. The second priority, which is more fun obviously, is adding new features. How many features could you cram into a small utility like this you say? Technically you can implement a fully featured ActiveSync client, and while I’m not going to do that the next weeks I am investigating if I can implement wbxml parsing. No promises yet though.
In the meantime, test it out, see if it’s useful, and let me know if you have any questions or feedback.
Download: http://mobilitydojo.net/downloads/ (Sends you to the download page so you can fetch the latest release.)
Love the app – but can you mod it so it works with Exchange 2007 SP2?
Since ActiveSync is backwards compatible it should work with Exchange 2007 SP2 as well. (Do let me know if there is indication of a problem specific to SP2, and I’ll troubleshoot it.) But I take it you mean that SP2 should be a choice in the list in addition to RTM and SP1? As far as I know SP2 does not raise the ProtocolVersion for EAS, and it should report 12.1 for both SP1 and SP2. I have contemplated whether I should still add it to the GUI as to make it more intuitive, but haven’t made the final decision yet.
I’m working on compatibility with Exchange 2010 SP1 as well though, and a new build shouldn’t be too far off.
I am using it trying to connect to an Exchnage 2007 SP2 environment. When I do the Basic Connectivity Test I get this:
Response: The remote server returned an error: (501) Not Implemented.
Inspect the HTTP code given above.
501/505: This is correct behaviour, and means it is responding!
That looks good sure. When I try and do the full sync test I get:
Testing FolderSync:
Exception: The remote server returned an error: (400) Bad Request.
Possibly a protocol mismatch, for example using version 14.0 against an Exchange 2007 server.
Choose a different protocol version to emulate, and try to run test again.
I selected SP1, and also tried the other two just to be sure, but for some reason it just won’t connect.
Ok, I have now tested against an SP2 Server, and you’re right – something is “broken”. I tested against this very server when it was running SP1 so I know the server is good. (After all a lot of people are syncing against it too.) But I also get (400) Bad request. SP2 does not report a new ASProtocolVersion when running the basic test, so it must be something else. I can only assume at this time that there’s a sneaky bug or incompatibility in my code.
I’ll have to investigate what could be causing this.
Thank you for your test application
Is the source code available?
Good to see people using my utilities!
I have not published the source for this tool, and currently I do not have any plans to do so. While the code might be interesting from a learning perspective it’s not something to build on it it’s current form. (It could not easily be turned into a full-featured ActiveSync client.)
If there’s any questions/issues/etc related to the ActiveSync protocol I will of course try to help out any way I can. Posts in the comments section and/or a quick email are always welcome.
Hi Andreas,
Your tool is great stuff.
Brand new install 2010 sp1 and this is what i get:
Testing HTTP GET:
Response: Le serveur distant a retourné une erreur : (401) Non autorisé.
Inspect the HTTP code given above.
501/505: This is correct behaviour, and means it is responding!
403: The server requires SSL and will not let you connect over HTTP.
401: Wrong username/password. May also occur if you’re using a reverse proxy which performs authentication.451: Redirect request. Mailbox is located on a different server. Run “Full Sync Test” for further details.
Testing HTTP OPTIONS:
Response: Le serveur distant a retourné une erreur : (401) Non autorisé.
HTTP OPTIONS failed. See results of HTTP GET above for possible reasons.
I have checked all i know (not much)but everything looks OK.
The user and password are good and no special caracters.
I did the test from inside the LAN, i think the issue is in IIS but i can’t see where.
Help is welcome, thanks.
ChrisV
Well, I have not seen the 401 code occur in any other scenarios than with authentication failures. Have you tested with another user account just to make sure it’s not something account specific?
While my utility doesn’t do anything “special” on the basic test you can try to open http://servername/Microsoft-Server-ActiveSync in your browser and see if that also produces 401 (most likely) this way we will know if it’s a bug in EAS MD or some config error in IIS.
What kind of authentication is enabled on the /Microsoft-Server-ActiveSync virtual directory? Is basic authentication enabled on the default web site?
Are other things in Exchange – like Outlook Web Access working, or is it just ActiveSync that has problems?
Andreas – Excellent tool. I’m using it to create test device associations against my Exchange 2010 SP1 instance but very much need to do the same against my Exchange 2007 SP3 instance.
It doesn’t look like any of the 4 protocol versions work with 2007 SP3.
“Exception: The remote server returned an error: (400) Bad Request.
Possibly a protocol mismatch, for example using version 14.0 against an Exchange 2007 server.
Choose a different protocol version to emulate, and try to run test again.”
If you’d consider either adding the protocol version for 2007 SP3 to the list or releasing the source so it could be updated I would be most grateful.
Thanks again!
I had a look at this the last time I did some updates to the code. As far as I am able to tell there shouldn’t be any difference between SP1, SP2 and SP3 of 2007 when it comes to the Protocol Version. They should all report 12.1. So even if I added SP3 as an option I’d use the same value as SP1. I don’t have all service pack levels available, but did test against an SP3 server.
While testing you are of course using mailboxes that are located on the 2007 server I assume. Are you using different device ids than when testing against the 2010 server? (Exchange might get confused if you have a partnership with 2010 and then try to sync with 2007.) Does it produce the same error on both the basic test and full test? Are you testing directly against the server or through ISA/TMG/proxy?
And of course – does it work with actual devices thus indicating it’s a bug on my part? Bugs have after all been known to happen in my code too
Andreas – One of my coworkers was using the tool and it worked successfully against 2007 SP3 so we checked to see what we were doing differently.
I was using “device_type” and “user_agent” as the values for device type and user agent fields, respectively. This worked on Exchange 2010 but returned the bad request exception against 2007.
My coworker was not using underscores and simply removing them allowed the device to be created.
The device shows up in Exchange 2007 however the User Agent field is blank. I’m not sure if that is a bug or it simply isn’t supported by the protocol. Either way removing the underscores at least let me create a device successfully, so I’m glad that worked!
-Eric
I can honestly say that it never occured to me that this could be an issue – it’s not like this is mentioned in any part of the protocol documentation that I have read.
Thanks for the info update from your troubleshooting, and hope it’s still a useful utility! (I’ll work this into next release in case anyone else runs into it.)
Andreas,
I am following up on ChrisV’s post on 1/5 because I am experiencing the exact same issue. Exchange 2010 SP1 published through ISA. Two server setup with ServerA acting as HT and CA and ServerB acting as MB. OWA works great. Microsoft-Server-ActiveSync site is set to use Basic Auth. Testing works fine internally. Trying from outside the the LAN, I get the exact message ChrisV gets concerning OPTIONS failing. I have connected using a standard Browser and I get the 501/505 Error as expected. Any help would be very much appreciated.
Thanks
Matt
I just ran a test against two different Exchange 2010 SP1 servers that are both behind ForeFront TMG (different TMG servers). It worked without problems, so EAS MD should be OK in general with web publishing setups.
It is possible to block HTTP OPTIONS (right click the publishing rule, “Configure HTTP”, and add it on the “Method” tab). When I do this I get HTTP 500 on the OPTIONS test (so still no error with the authentication).
If I block both OPTIONS and GET, (the majority of EAS is done through POST so while it’s probably not recommended to do so, it should still work), I get HTTP 500 on both tests.
So, the next thing I would look into is the authentication settings on ISA/TMG. What kind of authentication are you doing on the listener, and are you doing any delegation on the publishing rule?
Andreas,
I failed to mention that I am running this through and older version of ISA (2000). This may or may not be causing the problem, but Microsoft’s documentation on Exchange 2010 does seem to indicate that publishing through ISA 2000 is supported. To answer your questions, I am using Basic Auth on the listener and am NOT doing any delegation. Also of note, is that when I run the EAS MD on the LAN inside the firewall, I get the exact same response on the HTTP GET, but am successful with the HTTP OPTIONS call. Thanks for the help.
Matt
My experience with ISA only goes back to the 2004 version, so I can’t say if it’s something specific to that version of the product. I run with delegation on ISA/TMG – usually basic auth for EAS. Are you using basic auth in IIS on the CAS as well?
Hi Andreas,
Thanks for your series of posts on ActiveSync… They were very helpful.
I’m having trouble trashing out how to sync with Hotmail. Everywhere I look I only find protocol specs for ActiveSync 12.0 and up; Windows Live Hotmail uses version 2.5!
A FolderSync works fine (consistent with the 12.0 protocol specs) but when it comes to syncing contents with the Sync command, I get status 4 — protocol semantics error.
Would you have any idea? Could you point me in the right direction?
It is kind of funny when Gmail supports EAS 12.0 that Hotmail only supports 2.5
It’s difficult digging up older versions of the protocol documents, but I’m not sure whether you will be able to find the docs going back to Exchange 2003 at all as Microsoft didn’t release the specifications to the general public until Exchange 2007.
Status 4 indicates on a generic level that you didn’t form your request pr the spec (that you don’t have).
I haven’t dabbled with EAS 2.5 myself (partially because I knew it would be tricky), but what I usually do when I’m unable to build functional wbxml is to do a wireshark of the traffic between a device (Windows Mobile 6.5 device or emulator is the best choice for earlier Exchange versions) and “cheat” by reverse engineering the bytes it produces. I don’t know if you have access to an Exchange environment, but it would be my starting point for solving it.
Thanks Andreas!! I think I’ll do just that… Install an emulator and run it through Wireshark!
Hey Andreas,
Thanks for making this wonderful tool and it has been a great help to me recently. I’m new to certificate and SSL stuff and I’m very curious about how you managed to send the cer format client cert. I was able to get the correct response with your tool, but when I send the cert in my code (I use the Windows WinHTTP API), I always get the error “ERROR_WINHTTP_CLIENT_CERT_NO_PRIVATE_KEY”. I know that the cer file does not have a private key, but how did you make it work?
At first I didn’t think it would work with a cer exactly due to the missing private key. But whether you have the private key or not you’d still just use the public key for authentication purposes. For encryption purposes it probably wouldn’t work out equally well.
I’m not familiar with the details of the WinHTTP API having only briefly looked at it, since I use C# in my utility. (Could be a restriction in the API.)
The code works out roughly like this (I’ve left out the non-essential bits of code for this sample):
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = “GET”;
webRequest.ClientCertificates.Add(X509Certificate.CreateFromCertFile(certificate.cer));
for a learner’s perspective your utility cleared a lot of my doubts. While I am trying to build a similar utility in Java for automating EAS Test Cases that I have to work on each day, I was wandering if I could take a peek at your C# source code to get a better grip over EAS.
My utility is not open-sourced at the moment, (I am considering releasing it but would need to do some code cleanup first), but I am perfectly happy helping you out if there are specific questions you have and provide relevant code snippets.
Anything in particular you had in mind?
I’d love a new version that works with Exchange 2010 online (Office 365). This worked for a while during the beta but something changed on their end and it no longer works.
To register a device with O365 you enter your O365 username and password, leave the domain blank, and use m.outlook.com as the server. They have free trials available now.
I can do the basic connectivity test but a full sync test with protocol version 14.0 or 14.1 returns the following error after about a minute with the UI unresponsive:
Requesting final policy key
Testing FolderSync:
Exception: The remote server returned an error: (451).
I had the following values selected:
Use SSL = Checked
Device ID = devicex01
DeviceType = dt
User Agent = ua
Trust All certificates = Checked
Support Security Policies = Checked
This still works if protocol version 12.1 is selected, but would be nice to get a fix (if possible) for 14.1
I haven’t tested Office 365 yet (I know – I should have done so a long time ago), but the error seems familiar. This error will occur if you’re hitting the “wrong” Client Access Server when syncing. So, for instance, if your mailbox is located on an Exhange 2010 server, but you’re trying to reach it through a 2007 CAS Exchange will return this along with the address of a more suitable CAS.
This seems to match up with the fact that it works when selecting a different protocol version.
I do not know how the Office 365 infrastructure is configured – I’m guessing there’s a whole lot of servers involved. Never had an impression that there would be any Exchange 2007 servers there though, and have always thought these would be left behind with BPOS. So, it could be something else, but not unlikely that it’s related to where your mailbox is stored.
The thing is that a good EAS client should be able to parse out the new address from the response and act accordingly. This is something I have not implemented, but have considered.
I am in the process of defining if there are new features I should implement in EAS MD. I mean, I’m happy with the utility as it is now, but no one wants utils to be “stuck” and not evolve
I’ll try to see if I’m able to fix this one. (One would hope that the odds of something being wrong with Exchange servers hosted by Microsoft are less error prone than then ones you configure yourself, but you never know what they might be up to.)
I know when you connect via remote powershell you need to allow it to redirect. Why 2007 still works I have no idea.
They released this thread here about some issues:
http://community.office365.com/en-us/f/160/t/4786.aspx
This is a thread documenting some of them:
http://community.office365.com/en-us/f/160/t/1618.aspx
That second thread has someone commenting on error 451 and discussing server redirection. Hopefully you’re willing to take a crack at an update, I know we love the tool around here and use it regularly.
Thanks!
Another note – sorry for the quick double posts but I noticed the first thread I referenced above also included a workaround. You can find out your server (instead of using the m.outlook.com proxy) and using this in the tool did work. As an example for me I had to use pod51011.outlook.com
I get PolicyKey: 0, which I’ve seen before sometimes even with on-premises exchange, but the device did show up online.
They also indicated they would be working on a solution for devices that have this problem, so perhaps the tool will work automagically at some point in the future even without any changes.
The information in the threads kind of confirmed what I suspected might be going on. So it has given me the info needed to have a go at updating my code.
Windows Mobile and the iPhone both handle this correctly if I remember correctly, and will redirect automatically. However Android devices tend to be a little bit more picky in what parts of the EAS protocol they adhere to.
I’m slightly unsure about the SSL part as well – for instance fetching the certificate from pod51011.outlook.com presents a certificate issued to “outlook.com”, and it doesn’t look like a wildcard cert either. (Usually they are issued to *.domain.com but maybe it’s perfectly acceptable leaving out the asterisk.)
Obviously Microsoft has an issue at their hands if customers can’t use Android devices so maybe they’ll implement a fix before I get around to it. My utility should probably still be able to handle redirects though.
Why Microsoft are still recommending users to use testexchangeconnectivity.com as a magic tool I do not know since it hasn’t been updated in a long time as far as I can tell. Of course it does handle most tests perfectly fine, but there are some edge cases I don’t believe it covers so well.
Man, that works really well!
I’ve spent hours looking for a plugin for Outlook 2010 that allows connection via Exchange Activesync (ie: simulates being a mobile device), and this is the closest I’ve found.
Always wondered how to communicate with Activesync protocol.
Watching this for updates.
Will bring out a new version soon, though there aren’t any groundbreaking features in it yet (unless Autodiscover happens to be on top of your wish list), but I’m still open for suggestions as to what you want/need. Probably not going to do a full Outlook plugin though
(Is this to circumvent a restriction like Outlook not being available when out of office, or something that would work better through ActiveSync than the regular communication between Outlook and Exchange?)
HI,
I am trying out exchange activesync protocol implementation.
I am trying to send a provision request to my server which is as follows:
char *p = “POST https://x.y.com/Microsoft-Server-ActiveSync?Cmd=Provision&User=rajswari&DeviceId=12345&DeviceType=PC HTTP/1.1\r\nContent-Type: application/vnd.ms-sync.wbxml\r\nAuthorization: Basic c2Fza2VuXHJhanN3YXJpOlNhde2tlbjEyMw==\r\nMS-ASProtocolVersion: 12.1\r\nUser-Agent: SAF\r\nX-MS-PolicyKey: 0\r\nHost: mail.sasken.com\r\nContent-Length: 41\r\n\r\nj EFGHMS-EAS-Provisioning-WBXML \r\n\r\n”;
I have created an SSL connection with the server and trying to send this POST request over the SSL connection.
I am getting an error as follows :
HTTP/1.1 400 Bad Request..Cache-Control: private..Transfer-Encoding: chunked..Content-Type: text/html..Server: Microsoft-IIS/7.0..X-AspNet-Version: 2.0.50727..X-Powered-By: ASP.NET..Date: Fri, 09 Sep 2011 05:23:51 GMT….b..Bad Request
Can you help me out with the request ?
I am stuck for a couple of days trying to figure out the issue.
Thanks.
REgards,
Rajeswari
Your Basic credential end in ==, but a base64-string usually ends with just the one =. (I don’t know if that’s because you edited the string so it wouldn’t contain actual credentials.)
The header part of the POST looks good, although you should probably include x-ms-policyheader:0 indicating that you are provisionable.
While “EFGHMS-EAS-Provisioning-WBXML” is the text representation of the body this should sent as a byte encoding – seems you just use it in the char pointer. If you use Fiddler and run a connection with EAS MD you’ll see the correct details in the hex view.
I’ll be covering provisioning in more detail in my Exchange ActiveSync coding tutorial that I’m currently running:
http://mobilitydojo.net/2011/08/10/exchange-activesync-building-blocks-intro/
I just haven’t gotten that far in the series yet, but it’ll come
I’m searching for software that can utilize EAS to synchronize an account between two completely different Exchange servers. This article is the closest I’ve been able to find in my search. Just wondering if you know of anything already out there that can monitor changes on one Exchange server and write those changes to a different Exchange server and then vice-verse as well.
I am not aware of a ready-made solution for this. Is there any specific reason it has to be EAS? (Like that port already being and it has to work across the Internet is of course a valid reason.)
In the “old” days of PIM middleware solutions I think it might have been possible with some tweaking, but those solutions are dying out.
If it was possible to have manual interaction it would be doable, but I’m guessing you want something that doesn’t require a user to perform any steps.
If the two mailboxes don’t have to be identical you could possibly send mails back and forth based on rules in Outlook or OWA?
It would be possible to do with the EAS protocol, but I’m guessing it would take some coding and be kind of a hassle to maintain the sync state. If one were to do custom code it might be easier to do with Exchange Web Services (if EWS is enabled on the servers.)
Thanks for all the great info! I truly appreciate what you are doing for many of us who are struggling to learn this protocol. I have a question and was wondering if you can help me out. I got active sync going with the ping command. I have it set up to watch inbox activity (ServerId 6). When there i a change I call
+”\n”
“\n”
+ “\n”
+ “0\n”
+ “” + collectionid + “\n”
+ “\n”
+ “\n”
+ “”;
and then I send
“”
+ “”
+ “”
+ “”
+ “” + synckeysentbyexchange+ “”
+ “” + collectionid + “”
+ “”
+ “”
+ “”
+ “”
+ “”;
Based on the protocol docs I should only be receiving the changes registered on the server. Instead of receiving just the change. I get my whole inbox sent to me. I have been banging my head over this for a few days and cant figure it out. Is there something I need to send the server that I updated the changes inorder to prevent it from sending everything rather than just the change? Thanks in advance, Dino
Not sure what happened but my last post was missing the meat and potatoes of my post Here I go again…
Thanks for all the great info! I truly appreciate what you are doing for many of us who are struggling to learn this protocol. I have a question and was wondering if you can help me out. I got active sync going with the ping command. I have it set up to watch inbox activity (ServerId 6). When there i a change I call
0
” 6
and then send another request to the server with the synckey that was sent by it
0
” 6
Based on the protocol docs I should only be receiving the changes registered on the server. Instead of receiving just the change. I get my whole inbox sent to me. I have been banging my head over this for a few days and cant figure it out. Is there something I need to send the server that I updated the changes inorder to prevent it from sending everything rather than just the change? Thanks in advance, Dino
lol. Apparently I have a thing or two to learn about html. XML tags on an HTML page dont mix. Here we go again minus the tags…
FIRST REQUEST TO SERVER:
?xml version=\”1.0\” encoding=\”utf-8\”?
Sync xmlns=\”AirSync:\”
Collections
Collection
SyncKey 0 /SyncKey
CollectionId 6 CollectionId
/Collection
/Collections
/Sync
FOLLOWED BY:
Sync xmlns=\”AirSync:\”
Collections
Collection
SyncKey (SyncKeysentFromServer) /SyncKey
CollectionId 6 CollectionId
DeletesAsMoves/
GetChanges/
/Collection
/Collections
/Sync
Now you can piece my three posting together an make one coherent one. Sorry for the mess I made. I hope you can still anser my question.
Sorry for the late reply – been away from my testing and developing infrastructure for a couple of days
Your XML looks good from what I can tell. Though if I’m reading the specs right this is correct behaviour for the first responses:
(http://msdn.microsoft.com/en-us/library/ee218515(v=EXCHG.80).aspx)
“Synchronization requires a priming of the system; therefore for each collection that the client wishes to synchronize, it MUST issue an initial Sync request by sending a synchronization key of 0 (zero). This request establishes a synchronization relationship with the server and initializes the synchronization state there. The server responds with an initial value of the synchronization key, which the client MUST then use to get the initial set of objects from the server. (From this point forward, client requests MUST always include the synchronization key that was received in the last response from the server.) The client then sends a Sync command request to the server with the response synchronization key and includes any changes that were made on the client.
If the client device has not yet synchronized a folder, there SHOULD be no client-side changes. The device MUST synchronize the full contents of a given folder, and then have its changes, additions, and deletions applied.
The response from the server indicates whether the client’s changes were accepted, and includes any changes that were made on the server. The server response also contains a synchronization key that is to be used for the next synchronization session for the folder.”
So, unless you are commiting changes this sounds like it’s by design. (I have encoded the wbxml and looked at the specs, but haven’t had time to run through the entire sync command against a server. Which I probably should test to make sure I’m understanding things correctly
)
Hi, I am getting the (400) Bad Request message.
Testing HTTP GET:
Response: The remote server returned an error: (400) Bad Request.
Explanation:
Possibly a protocol mismatch, for example using version 14.0 against an Exchange 2007 server.
Choose a different protocol version to emulate, and try to run test again.
Status: FAIL
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Testing HTTP OPTIONS:
Allow:OPTIONS,POST
MS-Server-ActiveSync:8.3
MS-ASProtocolVersions:1.0,2.0,2.1,2.5,12.0,12.1
MS-ASProtocolCommands:Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,Search,Settings,Ping,ItemOperations,Provision,ResolveRecipients,ValidateCert
Public:OPTIONS,POST
Content-Length:0
Cache-Control:private
Date:Mon, 02 Jan 2012 21:35:26 GMT
Server:Microsoft-IIS/7.0
X-AspNet-Version:2.0.50727
X-Powered-By:ASP.NET
Status: PASS
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I know I am must missing something in using the test tool. How do I select the protocol version. I am on Exchange 2007 SP3. I see the little box on the screen with the 4 different MS-ASProtocolVersion selections available. How do I make a selection? I wanted to use 12.1 but I don’t know how to pick that one. Thanks for your help.
There’s a bug in the UI so it doesn’t always look like you’ve selected a version. If you don’t select one it’ll default to 12.1 though, which should be correct for Exchange 2007 SP3. It’s also a bit weird if you’re getting this on the basic test – it doesn’t really make sense with the GET action. (This is slightly misleading on my part I guess.)
Have you tried my online test to see if it creates similar results? https://easmd.labs.mobilitydojo.net/Basic.
Do you get error 400 running the Full test as well?
Andreas,
I get the 400 running the full test and also with the Basic and Extended on your web site. I think that I have something wrong in my configuration but I just don’t know where to look to make a change. It is a very generic error. My situation is that I had one machine with SSTP running for VPN access to my systems and an exchange server on another system. When I got a smartphone (Samsung Droid Charge), I started trying to get OWA and Activesync working on the same IP as the SSTP. First I tried the WebFarm and Application Request Routing (ARR) but could not get them to work. So, I moved the CAS role from the existing Exchange box to the same box as SSTP. From my searching I found out that my problem was that I had existing websites on the SSTP machine and just adding CAS did not make all of the appropriate changes to get OWA and ActiveSync working. I’ve since gotten OWA working but am still having trouble with ActiveSync. I really appreciate any help or direction you can give. Send me an email and I can send you the test credentials if you think that would help.
Yeah, HTTP 400 is a generic error so it could be a lot of reasons behind it.
The SSTP box is just a plain Windows Server with RRAS? And you installed the CAS role without any errors through the Exchange Setup Wizard afterwards?
While I haven’t atttempted it I could see it being problematic to get SSTP and “plain” HTTPS running on the same IP address. Does it work if you disable SSL for OWA/EAS and run it over HTTP? And similar – does OWA/EAS work with SSL if you disable RRAS? And are you seeing HTTP 400 if you attempt opening up https://localhost/Microsoft-Server-ActiveSync in the browser on the server?
Yes, it is just a Windows 2008 Enterprise Edition with RRAS configured as an SSTP VPN. I installed Exchange via the SP3 installer because that is the one that supports Win2008. So far, OWA and Outlook Anywhere (both over SSL) work. I think it is a settings/security problem since I had to make some security setting changes to get OWA to work. Unfortunately, I was dumb/hurrying and didn’t write down the changes (and I was being so good about that too). As I got it working, some MS updates came in and without thinking I rebooted my machine and lost the web page that had the updates I did for OWA and, obviously, I’m not remembering correctly what I did.
When I try https://localhost/Microsoft-Server-ActiveSync, I get “Bad Request” as the only response (well after I sign in) in Google Chrome and “This page not found” in IE, but the tab says “HTTP 400 Bad Request”.
The fix for OWA said something about that installing Exchange over an existing (not freshly installed) IIS 7 will not change some of the necessary settings to allow Exchange to work properly. Since I can’t find the article again, I don’t know what changes I need to make in IIS and/or the file system to let this work.
Do you have any other ideas?
Thanks for all of your help (and time) so far.
Tom
Exchange likes clean servers best when installing
It’s difficult to say what happened, but it sounds like the virtual directories are messed up in some way.
I’d try rebuilding the ActiveSync virtual directory: http://my.opera.com/RavenOverride/blog/2009/06/17/how-to-recreate-all-virtual-directories-for-exchange-2007