Troubleshooting Exchange ActiveSync

Below are troubleshooting steps for Exchange ActiveSync on a mobile device. The steps below provide guidance on how a customer can troubleshoot ActiveSync on their mobile device and provide the information necessary to the Exchange Admins so they can troubleshoot ActiveSync on the customers mobile device.



Customer

 
1.       Verify which mobile device is having the EAS connection issue.

2.       Restart the mobile device and try to access mail again.

3.       Verify the last successful synchronization on the mobile device. This may indicate when the problem started.

4.       Verify that the mobile device can manually fetch new mail.  This may produce an error message to help pinpoint the issue.

5.       Verify the mobile device account information is setup correctly and current.
           a.       Server: mobile.domain.com
           b.      Username: username
           c.       Password: <users current password>

6.       Validate the user’s credentials by logging in and successfully accessing Outlook Web App.  This result indicates the credentials are valid.

7.       Validate the mailbox is healthy by sending/receiving a test message through Outlook Web App. This result will help isolate EAS as being the only problem, or if other mail connections protocols are being affected.

8.       Verify the EAS connection issue exists on both cellular wireless and WiFi. This result will be indicative of a network or carrier problem.

9.       Contact the Exchange Team.



Exchange Admins


Collect Information



10.   Determine the following mobile device statistics: Status, DeviceAccessState, LastSyncAttemptTime, LastSuccessSync. Results may indicate problems with the single device.
Execute the following command from Exchange Management Shell:
Get-activesyncdevicestatistics –mailbox <mailbox> | FT Status, DeviceAccessState, LastSyncAttemptTime, LastSuccessSync

11.   Determine the database status and server that hosts the user’s mailbox.  The result may help isolate the database or server if similar problems are occurring with other mailboxes.
To execute via Exchange Management Shell, run the following 2 commands:
Get-mailbox <mailbox> | FT Database   <-- The result provides the database for the next command.
Get-mailboxdatabasecopystatus <database>  <-- The result displays the status of the database and the server that that database is mounted on.

Check the application logs on that server to see if there are any ActiveSync entries in there suggesting a problem.


Run Diagnostic Tests


12.   Test EAS connectivity using Exchange PowerShell. The result may identify problems.

In Exchange 2013 Management Shell, execute the following command:
Get-ClientAccessServer | Where Name -like "ExSvr*" | Test-ActiveSyncConnectivity

13.   Verify the EAS website status on all Exchange client access servers by navigating to https://<LocalServerName>/Microsoft-Server-ActiveSync from an internal computer.  The server is successfully accepting EAS connections when one of the following errors are displayed:
·         Exchange 2010:   The website is unable to display the webpage HTTP 501/HTTP505
·         Exchange 2010: The page cannot be displayed because the HTTP version is not supported.
·         Exchange 2013:   Server Error in ‘Microsoft-Server-ActiveSync’ Application.  DeviceTypeMissingOrInvalid. *note this page will prompt for authentication

14.   Run an ActiveSync Connectivity Diagnostic test with Microsoft Remote Connectivity Analyzer (https://testconnectivity.microsoft.com). The result may indicate a problem.


Capture Logs


15.   IIS is already collecting logs in the C:\inetpub\logs\logfiles\W3SCV1 directory.

16.   You can enable ActiveSync Diagnostic Logging for the mobile device that is having trouble.  This is used when a device was able to make a successful connection to Exchange previously and the mobile device is currently assigned to that mailbox.  To turn this diagnostic logging on, sign into OWA and locate your mobile device.  Highlight your mobile device and select Start Logging.  You can stop this logging when ready and review the contents.


Reviewing the IIS Logs


17.   Review the IIS logs on the Ex2010/Ex2013 servers to determine the HTTP status code.  An HTTP status code of 200 represents a successful connection.  An HTTP status code in the 400 range usually represents client side issues. An HTTP status code in the 500 range usually represents server side issues.

The IIS log files grow big in file size and opening these logs in Notepad may not be possible. Instead using a real-time log file reader tool such as BareTail will allow you to view the contents of these log files and monitor real-time activity. The IIS logs you will need to look at are on the CAS servers in the following directory, C:\inetpub\logs\logfiles\W3SVC1\.    I also use logparser to parse the IIS logs.  This is an easy way to extract specific content from the Logs without seeing everyone else’s content.


     Baretail - To see IIS Log File in real time.

Within BareTail, you can open log files on remote servers and then add highlighting rules to make log entries with specific text stand out.  Within BareTail you can add rules to highlight log entries for the specific text such as ‘500’ or ‘ActiveSync’.  Expand these rules to meet specific search criteria to narrow down your findings such as the mailbox name.

The HTTP Status code is the fourth column from the right. This is where you will see the 200’s, 400’s, or 500’s HTTP Status codes to know if the connection was authentication properly.


     Log Parser – To filter and extract IIS Log File content

Below is a template command that may be used to search the IIS log files on a server.  You can substitute *.log in the ‘from’ statement if you want to search every log file in that directory; the command below will only search that log.  You may have to adjust the columns to fit your need; you can use any of the columns in the IIS log to filter against. Using an aide like baretail may assist in getting your query correct. The command below pipes the results to a .txt file.

logparser "Select * from '\\Servername\c$\inetpub\logs\LogFiles\W3SVC1\u_ex140507.log' Where cs-uri-stem LIKE '%activesync%'  AND cs-uri-query LIKE '%user%'" -i:IISW3C -q:on >C:\users\username\desktop\stuff\logparser\Servername_Username.txt

The log files may show you errors within the log entry even though the mobile device received a HTTP 200 status <-- good authentication status.


18.   Compare the HTTP status to other mailboxes within that same log file. The results will determine if this issue is isolated to that single mailbox or many mailboxes on that server.

19.   If EAS attempts for mailboxes on a single server have a status code of 500, restart the World Wide Web Publishing service (IIS).  If all servers display error HTTP status codes, a global problem may exist and will require further troubleshooting.
On the server you wish to restart IIS, open up Services.  Restart the World Wide Web Publishing Service.


Global Problem Checks


20.   Verify health of Client Access infrastructure.

21.   Verify health of Mailbox infrastructure.

22.   Verify health of Transport infrastructure.