This section provides information about troubleshooting tools and detailed information and specific troubleshooting steps around Microsoft direct push technology so that you can better isolate mobility issues within your network infrastructure.
This section contains information on the following subjects:
The following troubleshooting and logging tools should help you track and resolve mobility issues.
Monitoring Mobile Performance on Exchange Server 2003 SP2
To track the performance, availability, and reliability of Exchange ActiveSync and other mobile messaging components, you can use the Exchange Server Management Pack. The Exchange Server Management pack includes rules and script components that validate the availability of communication services, send test e-mails to verify operations, and measure actual delivery times.
With Exchange Server 2003 SP2, the following new rules were added:
The Exchange Management Pack Configuration Wizard provides a graphical user interface (GUI) to configure Exchange 2000 and Exchange 2003 Management Packs, including test mailboxes, message tracking, and monitoring services.
You can download the Exchange Management Pack from the Microsoft Web site: http://go.microsoft.com/fwlink/?LinkId=55885.
The Exchange Server Management Pack Guide for MOM 2005 explains how to use the Exchange Management Pack to monitor and maintain messaging resources.
You can download the management pack guide from the Microsoft Web site: http://go.microsoft.com/fwlink/?LinkId=58794.
ISA Server Best Practices Analyzer
To determine the overall health and diagnose common configuration errors, download and run the Microsoft ISA Server Best Practices Analyzer Tool at the Microsoft Download Center at this Microsoft Web site: http://go.microsoft.com/fwlink/?LinkId=108979.
Issues Related to Direct Push Technology
Refer to Understanding the Direct Push Technology in this document for details on how direct push works.
General Direct Push Troubleshooting Tips
In general, there are three troubleshooting steps that an administrator can take to troubleshoot connectivity issues:
General (lot. generalis - umumiy, bosh) - qurolli kuchlardagi harbiy unvon (daraja). Dastlab, 16-a.da Fransiyada joriy qilingan. Rossiyada 17-a.ning 2-yarmidan maʼlum. Oʻzbekiston qurolli kuchlarida G.
Verify that the operating system on the mobile devices includes MSFP. Windows Mobile 5.0–based devices that have a version number of 148xx.2.x.x or later include the Messaging and Security Feature Pack. To find the operating system version on the device, select Start, choose Settings, and then select About.
2. Verify that your mobile operator supports direct push. It is important that your mobile operator perform basic troubleshooting so that you can determine if your mobile operator supports direct push on their cellular data network.
3. Provision a mobile device on the mobile operator’s network for Exchange ActiveSync and try to synchronize manually. If this works, then the network supports basic connectivity to the Internet.
4. Enable direct push technology on the device by setting the synchronization schedule on the device to As items arrive. Send email to the account with which the device is provisioned, and verify that it is immediately synchronized by the mobile device by means of Exchange ActiveSync. If this step works, wait twenty or so minutes and try again. If it does not work, verify that the mobile operator timeouts are set to thirty minutes.
In many cases, a single firewall or gateway in the network can cause timing issues that impede the direct push path.
If your users have problems with short battery life, the heartbeat interval may be too short. Contact your mobile operator to have the device heartbeat interval modified.
If your users' devices are unsynchronized for long periods of time, this may be a result of having the Exchange server session duration shorter than the maximum heartbeat interval. Check with your mobile operator.
Another possible cause of unsynchronized devices has to do with the firewall settings. The firewall session timeout should be equal to or greater than the idle timeout on your mobile operator's network or the firewall will close the session prematurely.
In all mobile messaging scenarios, you will need to ensure that your firewall configuration is set to work correctly with Exchange ActiveSync and direct push technology. While each network infrastructure varies, the following illustration depicts a typical network infrastructure where the firewall idle session timeouts need to be adjusted to 30 minutes.
Using a heartbeat interval of 30 minutes has positive implications for battery life and bandwidth consumption. When direct push sessions are permitted to live longer (such as 30 minutes), there are fewer HTTP round trips, less data sent and received, and less power consumed by the device.
In other infrastructure scenarios, idle session time out settings may also include any other packet-forwarding networking devices or web appliances between the Exchange 2003 Server and mobile device. To modify the idle session timeout settings for your third party firewall or reverse proxy device, please refer to the hardware manufacturer’s documentation to do so. Additionally, Microsoft has worked with mobile operators to increase the idle connection timeouts on their outgoing firewalls, but the enterprises that are deploying direct push technology will also need to increase those timeouts on their incoming firewalls per the instructions above. In Microsoft’s own deployment, the timeouts on the firewall are set to thirty minutes.
Verify Direct Push Initialization
The Exchange Product team has written an article that explains steps that an administrator can take to help isolate direct push technology issues. For additional information and the full context of this article, see this Microsoft Web site: http://go.microsoft.com/fwlink/?LinkId=67080.
1. Verify that Exchange ActiveSync is loaded and IP-based AUTD is initialized by checking the application log on the FE for events below. Exchange Activesync gets initialized on the first sync attempt.
Netstat provides the Process ID which matches the EAS process per the initialization event in the application log.
Another way to check if the server is listening on the AUTD port is to use PortQry (available on Microsoft.com). The following lists the process that is listening on the port:
Process ID: 3048 (w3wp.exe)
PID Port Local IP State Remote IP:Port
3048 TCP 31479 172.29.8.222 ESTABLISHED 172.29.9.107:3268
3048 TCP 31480 172.29.8.222 ESTABLISHED 172.29.9.107:389
3048 UDP 2883 0.0.0.0 *:*
Troubleshooting Direct Push Using Logs
1. To enable device logging, go to ActiveSync, Menu, Configure Server, Next, Advanced and turn up Event logging to Verbose. The logs will be saved in the Windows\ActiveSync folder. PING commands will be logged in "Ping Exchange Server x.txt" where x =1,2,3. You should see commands similar to the one that follows:
The POST command is also logged in the IIS log on the FE.
The Ctrl log on the device can also be used to troubleshoot direct push technology although the format of this file may change with device updates.
1. Check the IIS logs on the BE to see if AUTDState.XML is being created or updated. You should see an entry something similar to the one that follows:
The AUTDState.XML is created on receipt of the 1st PING request and is updated only when the heartbeat or folder list changes. So you may not see this command for every Ping request.
AUTD state information is maintained on the mailbox server in the NON_IPM_SUBTREE of each user's mailbox.
In Internet Explorer, you can Choose File, Open, check the box to "Open as Web Folder" and type the following:
Push Mail and GAL Lookup missing when syncing to Exchange 2003 SP2 with a MSFP Device.
The following is a reprint of a blog on Microsoft TechNet that explains steps that an administrator can take to help isolate issues around direct push email and GAL Lookup when synching to Exchange 2003. For additional information and the full context of this article, please see the following TechNet blog: http://go.microsoft.com/fwlink/?LinkId=108981.
During deployments you may run into the issue where your server is up and you are syncing without a problem but you aren’t getting the option to sync as items arrive as well as the option to do Lookup Online is missing. This is normally caused by a firewall issue where the Options verb is being blocked.
We see we are not returning the expected response for the OPTIONS command from the following entry on the device logs. Enable Verbose logging on the device from server settings in Advanced in device to see these logs.
HTTP/1.1 500 Internal Server Error ( The system cannot find the file specified. )
The HTTP 500 is the response from the server for the OPTIONS command sent by the device.
We normally get this response if URLScan is blocking the verb. So we have to check for URLScan in the server. If URLScan is present, then we can add OPTIONS to the AllowVerb section of URLScan.ini file.
The above symptom is confirmed from the IIS logs as well.
2006-10-10 04:01:13 W3SVC1 SCIDUBMSG01 10.251.99.165 POST /Microsoft-Server-ActiveSync User=username&DeviceId=02563C023942F3E168000050BF1977E0&DeviceType=PocketPC&
Based on the list of commands returned by the server as above, the device will decide which version of AirSync protocol to use. Different features like direct push technology or AUTD etc depend on the version of the protocol being used for communication.
Check for URLScan on your Exchange server and check if any other device or software device is blocking OPTIONS command.
URLScan is an add-on tool that can be used by Web site administrators. The administrators can control the actions of URLScan and can restrict the type of HTTP requests that the server processes. URLscan.ini file is the configuration file of this tool and URLscan tool will not function after we rename this file and once we rename it back it will start working again, nothing else will be affected.
For more information see the Microsoft Knowledge Base article, "Using URLScan on IIS" (http://support.microsoft.com/kb/307608/). The purpose of this article is to ensure effective distribution of the Internet Information Services (IIS) security tool URLScan.
After you edit your URLSCAN.ini file a Server reboot is not required just restart the IIS & WWW services.