In most environments, the Windows Event Viewer is a good first port of call to identify ActiveSync problems. In environments with multiple CAS servers, the logs of each CAS server must be checked.
Das Windows Event Log lässt sich hierfür nach der Quelle „MSExchange ActiveSync“ filtern:
Parallel to the event display, the general function can also be checked using the test CMDlet:
test-activesyncconnectivity | ft -autosize
The test CMDLet checks the basic function of ActiveSync, but does not test completely, because upstream proxies or firewalls are not checked. However, if errors occur at this point, then the problem is most likely local to the Exchange server.
If only a few users report problems, you should also check whether a corresponding ActiveSync device is connected to the mailbox at all. The Exchange Management Shell provides the most detailed information on ActiveSync devices for a mailbox:
Get-ActiveSyncDevice -mailbox frank@frankysweb.de
In the screenshot above you can see 2 ActiveSync devices, which values are displayed depends on the device. It is therefore quite normal if no IMEI or phone number etc. is displayed. However, if you take a closer look at the output, you will quickly find features on how a device can be identified. Apple devices, for example, pass the serial number preceded by Appl.... under DeviceID.
The following command provides a further overview with additional data (e.g. last successful synchronization)
Get-ActiveSyncDevice -mailbox frank@frankysweb.de | Get-ActiveSyncDeviceStatistics
Wenn gleich mehrere Benutzer über Probleme berichten, oder das Windows EventLog keine Hinweise auf Probleme liefert, kann der „Remote Connectivity Analyzer“ verwendet werden um die Ursache einzugrenzen. ExRCA versucht dabei eine Verbindung zu einem Postfach via ActiveSync aufzubauen und liefert eine Übersicht an welcher Stelle es hakt.
In larger environments, this test should also be carried out with caution, as the connection will run against one of the CAS servers. It is therefore conceivable that ActiveSync does not work on one of two CAS servers and a load balancer routes the test connection to the working server.
![clip_image002[4]](https://www.frankysweb.de/wp-content/uploads/2014/07/clip_image0024.jpg "clip_image002[4]")
Verbose mode should be activated in order to obtain the most detailed log file possible. To do this, it is necessary to adjust the web.config of the IIS. The web.config for ActiveSync can be found under the following path:
C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Sync\web.config
The following line must now be searched for in this file:
<add key=“EnableMailboxLoggingVerboseMode“ value=“false“></add>
In der Zeile muss der Value auf „True“ umgestellt werden.
Switch on ActiveSync logging:
Set-CasMailbox -ActiveSyncDebugLogging $true -Identity frank@frankysweb.de
Switch off ActiveSync logging:
Set-CasMailbox -ActiveSyncDebugLogging $false -Identity frank@frankysweb.de
Send log to e-mail address for evaluation:
Get-ActiveSyncDeviceStatistics -mailbox frank@frankysweb.de -GetMailboxLog:$true -NotificationEmailAddress <a href="mailto:administrator@frankysweb.de">administrator@frankysweb.de </a>
Here is an example of an entry in the log:
----------------- Log Entry: 0 ----------------- RequestTime : 07/22/2014 19:45:57 ServerName : FWEX1 AssemblyVersion : 14.03.0178.000 Identifier : 6DFCA76A RequestHeader : POST /Microsoft-Server-ActiveSync/default.eas?User=frank&DeviceId=ApplDxxxxxxxxxxxx&DeviceType=iPad&Cmd=Sync HTTP/1.1 Connection: keep-alive Content-Length: 55 Content-Type: application/vnd.ms-sync.wbxml Accept: */* Accept-Encoding: gzip, deflate Accept-Language: de-de Authorization: ******** Host: 10.5.64.48 User-Agent: Apple-iPad3C6/XXXX.XXX X-MS-PolicyKey: 403651353 MS-ASProtocolVersion: 14.1 RequestBody : AccessState : Allowed AccessStateReason : DeviceRule DeviceAccessControlRule : iPad3C6 (DeviceModel) ResponseHeader : HTTP/1.1 200 OK MS-Server-ActiveSync: 14.3 ResponseBody : [No XmlResponse] ResponseTime : 07/22/2014 19:45:57
And here is an excerpt when an e-mail was sent:
----------------- Log Entry: 41 ----------------- RequestTime : 07/22/2014 23:22:51 ServerName : FWEX1 AssemblyVersion : 14.03.0178.000 Identifier : 7497A626 RequestHeader : POST /Microsoft-Server-ActiveSync/default.eas?User=frank&DeviceId=ApplDxxxxxxxxxx&DeviceType=iPad&Cmd=SendMail HTTP/1.1 Connection: keep-alive Content-Length: 362 Content-Type: application/vnd.ms-sync.wbxml Accept: */* Accept-Encoding: gzip, deflate Accept-Language: de-de Authorization: ******** Host: 192.168.200.1 User-Agent: Apple-iPad3C6/XXXX.XXX X-MS-PolicyKey: 403651353 MS-ASProtocolVersion: 14.1 RequestBody : <!--?xml version="1.0" encoding="utf-8" ?--> <!--?XML:NAMESPACE PREFIX = "[default] ComposeMail:" NS = "ComposeMail:" ?--> 5F1ADC97-B1C5-4682-8636-85A49F7E94D5 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Test 22.7.14 From: frank@frankysweb.de Message-Id: <5F1ADC97-B1C5-4682-8636-85A49F7E94D5> Date: Tue, 22 Jul 2014 23:22:49 +0200 To: "Frank" Mime-Version: 1.0 (1.0) AccessState : Allowed AccessStateReason : DeviceRule DeviceAccessControlRule : iPad3C6 (DeviceModel) ResponseHeader : HTTP/1.1 200 OK MS-Server-ActiveSync: 14.3 ResponseBody : [No XmlResponse] ResponseTime : 07/22/2014 23:22:51
If nothing conspicuous can be found in the ActiveSync log, upstream devices such as load balancers and/or firewalls should also be checked. ActiveSync only requires port 443 (HTTPS).
Since ActiveSync connections are accepted by the IIS server on the CAS servers, a look at the IIS logs can also be helpful, here again a small example from the IIS logs:
2014-07-22 21:10:13 10.5.64.48 POST /Microsoft-Server-ActiveSync/default.eas User=frank&DeviceId=ApplXXXXXXXXXXXXXX&DeviceType=iPhone&Cmd=Ping&Log=V141_LdapC1_Hb1800_S3_Error:PingCollisionDetected_Mbx:fwex1.frankysweb.local_Throttle0_Budget:(D)Conn%3a1%2cHangingConn%3a0%2cAD%3a%24null%2f%24null%2f0%25%2cCAS%3a%24null%2f%24null%2f3%25%2cAB%3a%24null%2f%24null%2f0%25%2cRPC%3a%24null%2f%24null%2f2%25%2cFC%3a1000%2f0%2cPolicy%3aDefaultThrottlingPolicy%5Fde04ebea-11ae-4c00-8dee-42fa87cde440%2cNorm_ 443 frankysweb\frank 172.18.1.10 Apple-iPhone6C2/1104.257 200 0 64 200772 2014-07-22 21:10:14 10.5.64.48 POST /Microsoft-Server-ActiveSync/default.eas User=frank&DeviceId=ApplXXXXXXXXXXXXXX&DeviceType=iPhone&Cmd=Sync&Log=V141_Fc1_Fid:23_Ty:Em_Filt5_St:S_Sk:1573892238_Sst166_SsCmt166_BR1_BPR0_LdapC1_LdapL15_RpcC44_RpcL156_Ers1_Pk1146660600_S1_As:AllowedG_Mbx:fwex1.frankysweb.local_Throttle0_Budget:(A)Conn%3a0%2cHangingConn%3a0%2cAD%3a%24null%2f%24null%2f0%25%2cCAS%3a%24null%2f%24null%2f1%25%2cAB%3a%24null%2f%24null%2f0%25%2cRPC%3a%24null%2f%24null%2f1%25%2cFC%3a1000%2f0%2cPolicy%3aDefaultThrottlingPolicy%5Fde04ebea-11ae-4c00-8dee-42fa87cde440%2cNorm_ 443 frankysweb\frank8 172.18.1.10 Apple-iPhone6C2/XXXX.XXX 200 0 0 312 2014-07-22 21:10:14 10.5.64.48 POST /Microsoft-Server-ActiveSync/default.eas Cmd=FolderSync&User=frankysweb.local%5Cse1281&DeviceId=androidc3972&DeviceType=SonyC5503&Log=V141_St:S_LdapC3_LdapL16_RpcC21_RpcL15_Pk2630211936_As:AllowedG_Mbx:fwex1.frankysweb.local_Dc:sdc01013.frankysweb.local_Throttle0_Budget:(A)Conn%3a0%2cHangingConn%3a0%2cAD%3a%24null%2f%24null%2f1%25%2cCAS%3a%24null%2f%24null%2f0%25%2cAB%3a%24null%2f%24null%2f0%25%2cRPC%3a%24null%2f%24null%2f0%25%2cFC%3a1000%2f0%2cPolicy%3aDefaultThrottlingPolicy%5Fde04ebea-11ae-4c00-8dee-42fa87cde440%2cNorm_ 443 franksyweb\frank 172.18.1.7 SonyC5503/4.4.2-EAS-1.4 200 0 0 312 2014-07-22 21:10:15 10.5.64.48 POST /Microsoft-Server-ActiveSync/default.eas User=frank&DeviceId=ApplXXXXXXXXXXXXXX&DeviceType=iPad&Cmd=Ping&Log=V141_LdapC3_Hb900_S3_Error:PingCollisionDetected_Mbx:fwex1.frankysweb.local_Dc:sdc01013.frankysweb.local_Throttle0_Budget:(D)Conn%3a1%2cHangingConn%3a0%2cAD%3a%24null%2f%24null%2f0%25%2cCAS%3a%24null%2f%24null%2f0%25%2cAB%3a%24null%2f%24null%2f0%25%2cRPC%3a%24null%2f%24null%2f0%25%2cFC%3a1000%2f0%2cPolicy%3aDefaultThrottlingPolicy%5Fde04ebea-11ae-4c00-8dee-42fa87cde440%2cNorm_ 443 frankysweb\frank 172.18.1.10 Apple-iPad3C6/XXXX.XXX 200 0 64 885003
Es gibt also viele Stellen an denen nach der Ursache eines Problems gesucht werden kann, ein Blick in die „Bekannte Probleme“-Liste könnte auch hilfreich sein: