Exchange ActiveSync Returned an HTTP 500 Error Exchange 2003

Using testexchangeconnectivity I got the following error: 

Attempting FolderSync command on ActiveSync session 
FolderSync command test failed 

Additional Details 
Exchange ActiveSync returned an HTTP 500 response. 

You may get the following error when syncing your mobile phone or using This error can be caused by many different issues. If you’ve tried everything, have a look on the virtual directories and check that the IP settings are not set to DENY for certain IP addresses. This was the cause of my pain recently.

Installing SBS SP1 on SBS Server will cause the deny ip settings to be inserted. Only local IP addresses were granted access on the exchange-oma and exchange directories.

Microsoft Exchange 2010 SP2 announced

Microsoft have announced service pack 2 for Exchange 2010. I wonder how many update roll-ups will be broken by this?

  • Outlook Web App (OWA) Mini: A browse-only version of OWA designed for low bandwidth and resolution devices. Based on the existing Exchange 2010 SP1 OWA infrastructure, this feature provides a simple text based interface to navigate the user’s mailbox and access to the global address list from a plurality of mobile devices.
  • Cross-Site Silent Redirection for Outlook Web App: With Service Pack 2, you will have the ability to enable silent redirection when CAS must redirect an OWA request to CAS infrastructure located in another Active Directory site.  Silent redirection can also provide a single sign-on experience when Forms-Based Authentication is used.
  • Hybrid Configuration Wizard: Organizations can choose to deploy a hybrid scenario where some mailboxes are on-premises and some are in Exchange Online with Microsoft Office 365. Hybrid deployments may be needed for migrations taking place over weeks, months or indefinite timeframes. This wizard helps simplify the configuration of Exchange sharing features, like: calendar and free/busy sharing, secure mailflow, mailbox moves, as well as online archive.
  • Address Book Policies: Allows organizations to segment their address books into smaller scoped subsets of users providing a more refined user experience than the previous manual configuration approach. We also blogged about this new feature recently in GAL Segmentation, Exchange Server 2010 and Address Book Policies.
  • Customer Requested Fixes: All fixes contained within update rollups released prior to Service Pack 2 will also be contained within SP2. Details of our regular Exchange 2010 release rhythm can be found in Exchange 2010 Servicing.

Installing SBS 2003 SP1 after Exchange SP2 and Windows 2003 SP2 already installed

Doing a migration to SBS 2011 and I’ve had a few interesting issues. With this customer, SP1 for SBS 2003 was not installed. Interestingly, the other service packs were installed. Upon installing SBS SP1 I got the following error in the error log saying that the current user didn’t have the correct access. I was logged in with administrator (which you need to be logged in with to install SP1 for some odd reason).

Upon further investigation I found that the SBS user templates were disabled. I re-ran the SP1 wizard and it installed correctly.

OWA and Exchange 2010 issues

If anyone is using Exchange 2010 and OWA with Update Rollup 2 installed, they might be having some issues.

One issue we came across, was that OWA was not being displayed after login. The current setup was Router<->TMG Server<->Exchange. As you can see, we have OWA published through Microsoft Threat Management Gateway (TMG) server.

What was happened, after the login screen, we were being presented with a blank page. Looking at the code of that page, you saw that not a lot was being returned.
After some digging around (a lot of digging around), I found a page with some information on Update Rollup 2.

We decided to go a head and install Update Rollup 3. This can be found here. After installing this update, OWA now functioned, with a new problem. Images are not being displayed in OWA. All we get is a blank navigation menu.

After doing some research, the only fix I have found is by doing an reinstall of the CA role. This can be done by doing the following: /mode:uninstall /role:CA /mode:install /role:CA

My advice would be to stay away from the update rollups unless you need to install them. From what I can tell, they are causing more problems than they are fixing.

Problems installing KB974431 on Windows 2008 R2

I recently built a new Windows 2008 R2 server. typical setup. Once everything was configured, I decided to do a Windows Update, as you do. I noticed that one of the updates was taking a long time. This was update KB974431. I stopped the update and rebooted the server, on reflection, probably the wrong thing to do

When the server rebooted I could no longer add roles or features. Any type of install package (standalone or windows update) failed. The following message is logged in Event Viewer:

Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5be02b
Exception code: 0xc00000fd
Fault offset: 0x0000000000055237
Faulting process id: 0xa4c
Faulting application start time: 0x01cad7b3f2c0ddbc
Faulting application path: C:WindowsservicingTrustedInstaller.exe
Faulting module path: C:WindowsSYSTEM32ntdll.dll
Report Id: 32686db6-43a7-11df-a8a2-001143352b3e

After quite a bit of time looking through google, I came across a few pages that managed to solve the problem. It seems the problem is caused by an update failing and causing the install packages to become corrupt. I came across the following page, which had this comment:

Problem solved…

just replace package_for_kb974431_rtm~31bf3856ad364e35~amd64~~
file located at c:windowsservicingpackages with the same file from
functional server. Or you can have this file from update. You can download it
here and unpack it: Just rename
Windows6.1-KB974431-x64.msu to … open it, open inside and there you will find

you will also have to take ownership over old file and also you will have to
set proper permissions on c:windowsservicingpackages folder – in order to
rename old file and copy the new one

The following website is also very useful.

Exchange 2010 with Legacy 2000 AD information

I had an interesting issue. I had an old Windows 2000 SBS server on my clients network. Been there for a long time as they needed to use the legacy application that it runs. Most services were disabled (ISA, Exchange). Problem arose as it had been disconnected from the domain for some time. This proved interesting when I tried to remove it from the domain. We had to do a adprep /forceremoval (undocumented).

Anyway, the next issue arose when the new Exchange 2010 server was being installed. We could not create mailboxes for exiting users. What gives? I thought Exchange was not being used on the old server? Seems it was, at one stage.

Ok, time to remove this.

[PS] C:Windowssystem32>get-mailbox LegacyUser

Name                      Alias                ServerName       ProhibitSendQuota
—-                           —–                ———-       —————–
Legacy User        LegacyUser           OldSBS2000       unlimited

Ok, the user still seems to be there. I managed to find a command which disables the mailbox AND removes the legacy information from Active Directory.

[PS] C:Windowssystem32>disable-mailbox LegacyUser

Are you sure you want to perform this action?
Disabling Mailbox “LegacyUser” will remove the Exchange properties from the Windows user object and mark the mailbox in
the database for removal.
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is “Y”):

If you don’t disable the user, you will get the following error:

[PS] C:Windowssystem32>remove-mailbox LegacyUser

Are you sure you want to perform this action?
Removing the Mailbox “adeleg” will remove the Active Directory user object and mark the mailbox in the database for removal.
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is “Y”):
Active Directory operation failed on LegacySBS2000.domain.local. This error is not retriable. Additional information: Acc
ess is denied.
Active directory response: 00000005: SecErr: DSID-03151D12, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
+ CategoryInfo          : NotSpecified: (0:Int32) [Remove-Mailbox], ADOperationException
+ FullyQualifiedErrorId : 103F99DF,Microsoft.Exchange.Management.RecipientTasks.RemoveMailbox

Now you can add mailboxes to these users.You can also remove this information from AD using ADSI Edit, but I STRONGLY DO NOT RECOMMEND THIS. It does work however 😉

I hope this helps someone out there.

Outlook cached mode can cause problems…

Have you had the problem where Outlook sits there, forever, waiting to “update current folder”. I recently had this problem when changing an Outlook 2007 client to HTTP over RPC. After I made this change, weird stuff started to happen. No problem I thought. I will use scanpst.exe and attempt to scan the file. In the past, this has been where most of these sorts of problems lie. This was quite a large file, 3.5gb. After this had completed and still didn’t work, I started scratching my head a bit. What would cause this to happen?

After a bit of testing, I found that turning cached mode off let the folder update. I then proceeded to delete every file out of the Outlook folder (under local settingsapplication datamicrosoftoutlook) apart from the ost file and archive folders.

This fixed the problem. This is the first time I’ve come across this so I thought I’d share.

Google brings Chrome’s renderer to IE with browser plugin

Google plans to drag Internet Explorer into the world of modern Web browsing with a new open source plugin that will inject Chrome’s renderer and JavaScript engine into Microsoft’s browser.

Who would have thought? Hopefully this takes off.

Microsoft Server 2008 Foundation

Microsoft Foundation Server 2008

Microsoft have released a new operating system designed for the small business. Wait, don’t we already have one of those?

Microsoft Server 2008 Foundation is aimed at businesses with 15 employees or less. It’s an OEM product that only comes with new machines sold by either Dell or HP (at time of writing). Another thing to note are the artificial limitations placed on the OS.

  • 15 users maximum
  • Limited to 8gb of memory
  • Visualization disabled

At the same time it does have one benefit. It’s a very cheap Terminal Server.

The OS is upgradable to other versions of server 2008, but what is the point? I can guarentee that by the time this happens, the hardware will be out of date, or the hardware simply won’t be able to be upgraded significantly to improve the performance of the server with the upgraded operating system.

The biggest problem with Foundation is its lack of Exchange. What business operates without email these days?

I love Microsoft products, but this sounds like a knee jerk reaction to a slow uptake on Windows 2008 Small Business Server and will ultimately fail. Watch this space…

Lets just hope this is an April Fools joke.