Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Exchange MOM: Exchange ActiveSync logon failure: Internal Server E

17 views
Skip to first unread message

Benoit Vedel

unread,
Jun 21, 2008, 1:53:00 AM6/21/08
to
hi ,

My company has MOM2005 and i installed Exchange 2003 MP
i have 2 errors thats i can't resolve on my frontend servers. the ALerts are
for Exchange ActiveSync logon failure and Outlook Mobile Access logon

the alerts are:
Severity: critical error
Status: New
Source: Exchange MOM
Name: Exchange ActiveSync logon failure: Internal Server Error.
Description: EAS Logon failed.
URL:
https://localhost/Microsoft-Server-ActiveSync?Cmd=GetHierarchy&User=SRV7MOM&DeviceId=EASMonitor&DeviceType=SmartPhone
Error: 403
Descripton: Request Forbidden <- ??? ( i check the securities on the servers
and my momaction account has Modify permissions (belongs to group : domain
admins)

This event was generated by the script: "Exchange 2003 - EAS logon
verification"

Domain: mycompany.com
Agent: SRV-X
Time: 6/20/2008 17:00:02
Owner:
(view with
http://mymomserver:1272/?v=a&id=8E5FF742-44DC-44E7-8940-48905E31A1C8)

Also i customise the regedit and all the frontend servers to meet the MOM
requirements : (string) cutomeasURLs =
https://mail.mycompany.com/Microsoft-Server-ActiveSync
and don't understand why i have this error ???
---
the second alert is more strange because i deactivate the rule ( and deploy
the changes on the managed servers) and i still have this error ( even if the
feature for OMA is not activate on EMS) ???

Severity: critical error
Status: New
Source: Exchange MOM
Name: Outlook Mobile Access logon failure: Wireless access is not enabled
for the account.
Description: OMA Logon failed.
URL: https://localhost/OMA/
Error: 1004
Descripton: Your user account has not been enabled for wireless access.
Please contact your system administrator for additional assistance.

This event was generated by the script: "Exchange 2003 - OMA logon
verification"

Domain: mycompany.com
Agent: SRV-X
Time: 6/20/2008 16:49:01
Owner:
(view with
http://mymomserver:1272/?v=a&id=1AFDD807-1833-424D-9AD8-4D9B045E5522)


nb: also i customise the regedit on the servers with string customomourls=
https://mail.mycompany.com/oma

does anyone had already the same alerts and could help me to resolve these
issues?

Many thanks

Anders Bengtsson [MVP]

unread,
Jun 22, 2008, 10:50:26 AM6/22/08
to
Hi Benoit,

MOM use a couple of test accounts to test mailbox access and mailbox flow.
It is not a good idea to use domain admin as they have DENY on mailboxes
and mailbox store.

EAS logon failure: Internal Server Error This rule generates an alert when
the logon scripts cannot successfully log on because of a server error.

EAS logon failure: Forbidden This rule generates an error when the Mailbox
Access account is not enabled for Exchange ActiveSync, or when Exchange ActiveSync
is disabled. The alert is generated when the logon scripts cannot log on.

This is a quick start guide http://technet.microsoft.com/sv-se/library/cc181057(en-us).aspx
that you will have to read. Then make sure the exchnage test account has
enough with permissions, it is not the same account as action account, it
is another account created when you run the exchange MP configuration wizard.

--
Anders Bengtsson
Microsoft MVP - Operations Manager
http://www.contoso.se

Benoit Vedel

unread,
Jun 25, 2008, 9:11:00 AM6/25/08
to
Hi Anders ,
thank you for your explanations it really helps me

just one more question about the test mailbox account from the Exchange MP

the setup created several accounts to monitor Mailboxes under
OU=users,dc=mycompany,dc=com
The name is <servers-X>MOM: I checked the Exchange permissions everything
seems to be OK
Also the Exchange features have been enable ( by default ) for this account

The only problem is the account <servers-X>MOM has been deactivate because
the password didn't meet the minimum requirements for the Password complexity
etc. => It's my default policy for the company and I don't have windows 2008
yet :)

So I'm wondering if I reactive the account with a password that meet the
policies requirements, I will have others issues with the rules that use this
account to monitor the healt of my servers becasue the password won't be the
same.

what to do i this case ?
I'm right ? can I do this safely ?Do i need to recreate manually an exchange
testing account?

thanks for your patience and your time
benoit

Anders Bengtsson [MVP]

unread,
Jun 26, 2008, 4:37:42 PM6/26/08
to
Hi Benoit,

Please take a look at this KB, there is a manually step to take to update
the password, http://support.microsoft.com/kb/924152


--
Anders Bengtsson
Microsoft MVP - Operations Manager

Microsoft Certified Trainer (MCT)
http://www.contoso.se

0 new messages