
Autodiscover, please help me fix it (TMG2010)


maxi_ekb
31-03-2016, 23:11
There is Exchange 2010 deployed on 2 physical servers (Edge on one, all the other roles on the second).
Web access to the services was published through TMG 2010.
Recently this access disappeared, because the Active Directory certificate authority stopped working properly (it couldn't distribute certificate revocation lists). This bothered Exchange enough that it started denying access to OWA.
I brought the Active Directory certificate authority up on another domain controller.
Changing the certificate authority meant reissuing the Exchange certificate and exporting that certificate to TMG2010.
Something went wrong, because OWA is available, but nothing works with Android clients.

I issue the Exchange 2010 certificates, but on an Android phone I can't add an Exchange ActiveSync account.
The check of the incoming mail server settings fails with a connection error.

Inside the network Autodiscover works great, but outside there are clearly some screw-ups, because servers like firma.ru get substituted in.

I'm ready to provide any screenshots.

Goal: "external" access to Exchange ActiveSync from Android phones using TMG 2010.

Mailbox owner: Максим Владимирович [maxi@firma.ru]
User agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Required Silverlight version installed: No
Required Silverlight version: 2.0.31005.0
Outlook Web App experience: Premium
User language: Russian (Russia)
User time zone: (UTC+06:00) Yekaterinburg
Exchange mailbox address: /o=firma /ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=userbb444fda
Host address: https://owa.firma.ru/owa
Version: 14.3.279.2
Host name: owa.firma.ru
S/MIME control: not installed
Exchange Client Access server name: EX-MAIL.firma.int
Exchange Client Access server .NET Framework version: 2.0.50727.5485
Client Access server operating system version: Microsoft Windows NT 6.1.7601 Service Pack 1
Client Access server version: 14.3.123.0
Client Access server platform: 64-bit
Mailbox server name: EX-MAIL.firma.int
Mailbox server Microsoft Exchange version: 14.3.123.0
Client Access server operating system language: ru-RU
Client Access server language: en-US
Client Access server time zone: (UTC+06:00) Yekaterinburg
Other Microsoft Exchange server roles installed on the Client Access server: Mailbox, Hub Transport
Authentication type associated with this Outlook Web App session: Kerberos
Public logon: No
Internal POP setting:
Server name: ex-mail.firma.int
Port: 995
Encryption method: SSL
Internal IMAP setting:
Server name: ex-mail.firma.int
Port: 993
Encryption method: SSL
Custom forms: loaded
Segmentation settings: fffffffeefc3ffff
Restricted functionality settings: fffffffeefc3ffff

external address of TMG2010 = owa.firma.ru = autodiscover.firma.ru

[Error] The Microsoft Connectivity Analyzer is testing Exchange ActiveSync. The Exchange ActiveSync test failed.
  Elapsed Time: 26104 ms.
  [Error] Attempting the Autodiscover and Exchange ActiveSync test (if requested). Testing of Autodiscover for Exchange ActiveSync failed.
    Elapsed Time: 26104 ms.
    [Error] Attempting each method of contacting the Autodiscover service. The Autodiscover service couldn't be contacted successfully by any method.
      Elapsed Time: 26104 ms.
      [Error] Attempting to test potential Autodiscover URL https://firma.ru:443/Autodiscover/Autodiscover.xml. Testing of this potential Autodiscover URL failed.
        Elapsed Time: 2270 ms.
        [Success] Attempting to resolve the host name firma.ru in DNS. The host name resolved successfully.
          IP addresses returned: xxx.226.158.yyy
          Elapsed Time: 675 ms.
        [Success] Testing TCP port 443 on host firma.ru to ensure it's listening and open. The port was opened successfully.
          Elapsed Time: 646 ms.
        [Error] Testing the SSL certificate to make sure it's valid. The SSL certificate failed one or more certificate validation checks.
          Elapsed Time: 948 ms.
          [Success] The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server firma.ru on port 443. The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
            Remote Certificate Subject: OU=IT Department, O=VimpelCom Ltd., S=Yekaterinburg, C=RU, Issuer: CN=Beeline, C=RU, S=Yekaterinburg, L=Sverdlovskaya Oblast, E=webmaster@ur.ru, OU=IT Department, O=VimpelCom Ltd.
            Elapsed Time: 925 ms.
          [Error] Validating the certificate name. Certificate name validation failed.
            The Microsoft Connectivity Analyzer couldn't parse the common name from certificate subject OU=IT Department, O=VimpelCom Ltd., S=Yekaterinburg, C=RU.
            Elapsed Time: 0 ms.
      [Error] Attempting to test potential Autodiscover URL https://autodiscover.firma.ru:443/Autodiscover/Autodiscover.xml. Testing of this potential Autodiscover URL failed.
        Elapsed Time: 2161 ms.
        [Success] Attempting to resolve the host name autodiscover.firma.ru in DNS. The host name resolved successfully.
          IP addresses returned: xxx.172.56.yyy
          Elapsed Time: 641 ms.
        [Success] Testing TCP port 443 on host autodiscover.firma.ru to ensure it's listening and open. The port was opened successfully.
          Elapsed Time: 620 ms.
        [Error] Testing the SSL certificate to make sure it's valid. The SSL certificate failed one or more certificate validation checks.
          Elapsed Time: 898 ms.
          [Success] The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.firma.ru on port 443. The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
            Remote Certificate Subject: CN=owa.firma.ru, OU="йййй(ЕКБ)", O=цццц, L="Екатеринбург, Свердловская обл.", S=УРАЛ, C=RU, Issuer: CN=firma-SDC-CA, DC=firma, DC=int.
            Elapsed Time: 871 ms.
          [Error] Validating the certificate name. Certificate name validation failed.
            Host name autodiscover.firma.ru doesn't match any name found on the server certificate CN=owa.firma.ru, OU="йййй(ЕКБ)", O=цццц, L="Екатеринбург, Свердловская обл.", S=УРАЛ, C=RU.
            Elapsed Time: 1 ms.
      [Error] Attempting to contact the Autodiscover service using the HTTP redirect method. The attempt to contact Autodiscover using the HTTP Redirect method failed.
        Elapsed Time: 21034 ms.
        [Success] Attempting to resolve the host name autodiscover.firma.ru in DNS. The host name resolved successfully.
          IP addresses returned: xxx.172.56.yyy
          Elapsed Time: 5 ms.
        [Error] Testing TCP port 80 on host autodiscover.firma.ru to ensure it's listening and open. The specified port is either blocked, not listening, or not producing the expected response.
          A network error occurred while communicating with the remote host.
          Elapsed Time: 21028 ms.
      [Error] Attempting to contact the Autodiscover service using the DNS SRV redirect method. The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.
        Elapsed Time: 333 ms.
        [Error] Attempting to locate SRV record _autodiscover._tcp.firma.ru in DNS. The Autodiscover SRV record wasn't found in DNS.
          Elapsed Time: 333 ms.
      [Warning] Checking if there is an autodiscover CNAME record in DNS for your domain 'firma.ru' for Office 365. Failed to validate autodiscover CNAME record in DNS. If your mailbox isn't in Office 365, you can ignore this warning.
        There is no Autodiscover CNAME record for your domain 'firma.ru'.
        Elapsed Time: 304 ms.


[Error] The Microsoft Connectivity Analyzer is testing Exchange ActiveSync. The Exchange ActiveSync test failed.
  Elapsed Time: 29897 ms.
  [Success] Attempting to resolve the host name owa.firma.ru in DNS. The host name resolved successfully.
    IP addresses returned: xxx.172.56.yyy
    Elapsed Time: 650 ms.
  [Success] Testing TCP port 443 on host owa.firma.ru to ensure it's listening and open. The port was opened successfully.
    Elapsed Time: 590 ms.
  [Success] Testing the SSL certificate to make sure it's valid. The certificate passed all validation requirements.
    Elapsed Time: 881 ms.
    [Success] The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server owa.firma.ru on port 443. The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
      Remote Certificate Subject: CN=owa.firma.ru, OU="йййй(ЕКБ)", O=цццц, L="Екатеринбург, Свердловская обл.", S=УРАЛ, C=RU, Issuer: CN=firma-SDC-CA, DC=firma, DC=int.
      Elapsed Time: 854 ms.
    [Success] Validating the certificate name. The certificate name was validated successfully.
    [Success] Testing the certificate date to confirm the certificate is valid. Date validation passed. The certificate hasn't expired.
    [Success] Checking the IIS configuration for client certificate authentication. Client certificate authentication wasn't detected.
      Accept/Require Client Certificates isn't configured.
      Elapsed Time: 1144 ms.
  [Warning] Testing HTTP Authentication Methods for URL https://owa.firma.ru/Microsoft-Server-ActiveSync/. The test passed with some warnings encountered. Please expand the additional details.
    The following authentication methods are enabled, but they aren't allowed authentication methods for this service. Methods: Negotiate, NTLM
    HTTP Response Headers:
    Connection: Keep-Alive
    Content-Length: 1292
    Content-Type: text/html
    Date: Mon, 04 Apr 2016 13:09:21 GMT
    Server: Microsoft-IIS/7.5
    WWW-Authenticate: Negotiate,NTLM,Basic realm="owa.firma.ru"
    X-Powered-By: ASP.NET
    Elapsed Time: 838 ms.
  [Error] An ActiveSync session is being attempted with the server. Errors were encountered while testing the Exchange ActiveSync session.
    Elapsed Time: 25792 ms.
    [Success] Attempting to send the OPTIONS command to the server. The OPTIONS response was successfully received and is valid.
      HTTP Response Headers:
      Connection: Keep-Alive
      Allow: OPTIONS,POST
      MS-Server-ActiveSync: 14.3
      MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0,14.1
      MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,Search,Settings,Ping,ItemOperations,Provision,ResolveRecipients,ValidateCert
      Public: OPTIONS,POST
      Persistent-Auth: true
      Content-Length: 0
      Cache-Control: private
      Date: Mon, 04 Apr 2016 13:09:25 GMT
      Server: Microsoft-IIS/7.5
      X-AspNet-Version: 2.0.50727
      X-Powered-By: ASP.NET
      Elapsed Time: 4093 ms.
    [Error] Attempting the FolderSync command on the Exchange ActiveSync session. The test of the FolderSync command failed.
      Exchange ActiveSync returned an HTTP 500 response (Internal Server Error).
      HTTP Response Headers:
      Connection: Keep-Alive
      MS-Server-ActiveSync: 14.3
      X-MS-RP: 2.0,2.1,2.5,12.0,12.1,14.0,14.1
      MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0,14.1
      MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,Search,Settings,Ping,ItemOperations,Provision,ResolveRecipients,ValidateCert
      Persistent-Auth: true
      Content-Length: 1201
      Cache-Control: private
      Content-Type: text/html
      Date: Mon, 04 Apr 2016 13:09:47 GMT
      Server: Microsoft-IIS/7.5
      X-AspNet-Version: 2.0.50727
      X-Powered-By: ASP.NET
      Elapsed Time: 21698 ms.




RunspaceId                      : 5abba853-e9b0-4ff8-a4f5-396bcd12c336
CertificateAuthentication       :
InternalNLBBypassUrl            : https://ex-mail.firma.int/ews/exchange.asmx
GzipLevel                       : High
MRSProxyEnabled                 : False
MRSProxyMaxConnections          : 100
Name                            : EWS (Default Web Site)
InternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
ExternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
LiveIdSpNegoAuthentication      : False
WSSecurityAuthentication        : True
LiveIdBasicAuthentication       : False
BasicAuthentication             : True
DigestAuthentication            : False
WindowsAuthentication           : True
MetabasePath                    : IIS://EX-MAIL.firma.int/W3SVC/1/ROOT/EWS
Path                            : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\exchweb\EWS
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : EX-MAIL
InternalUrl                     : https://ex-mail.firma.int/EWS/Exchange.asmx
ExternalUrl                     : https://owa.firma.ru/ews/exchange.asmx
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
DistinguishedName               : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=EX-MAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=firma 1,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=firma,DC=int
Identity                        : EX-MAIL\EWS (Default Web Site)
Guid                            : ccae7295-fd3b-4d92-8e37-14a494806c5d
ObjectCategory                  : firma.int/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged                     : 17.01.2012 17:05:15
WhenCreated                     : 19.11.2010 20:32:22
WhenChangedUTC                  : 17.01.2012 12:05:15
WhenCreatedUTC                  : 19.11.2010 15:32:22
OrganizationId                  :
OriginatingServer               : firma-pdc.firma.int
IsValid                         : True
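An added example (not code from the post above, nor from Microsoft's Analyzer): it walks the same four Autodiscover lookup methods in the order the Analyzer reports them, and applies the certificate-name check that fails on autodiscover.firma.ru. The `$observed` table is constructed from the Analyzer output in this post; the function names, and the optional live probe `Get-RemoteCertificateNames`, are this example's own and are assumptions, not anything the Analyzer exposes.

```powershell
# Added example: Autodiscover lookup order plus certificate-name matching.
# $observed is constructed from the Analyzer output in the post; nothing here
# is fetched unless you swap in Get-RemoteCertificateNames.

function Get-AutodiscoverCandidates {
    param([Parameter(Mandatory=$true)][string]$SmtpAddress)
    $domain = $SmtpAddress.Split('@')[-1]
    # The order a client (and the Analyzer) tries: two HTTPS URLs, then the
    # unauthenticated HTTP redirect on port 80, then the SRV record.
    @(
        @{ Step = 'https-root';    Url = "https://$domain/Autodiscover/Autodiscover.xml" },
        @{ Step = 'https-prefix';  Url = "https://autodiscover.$domain/Autodiscover/Autodiscover.xml" },
        @{ Step = 'http-redirect'; Url = "http://autodiscover.$domain/Autodiscover/Autodiscover.xml" },
        @{ Step = 'dns-srv';       Url = "_autodiscover._tcp.$domain" }
    )
}

function Test-CertificateNameMatch {
    # Matches a host name against SAN dNSName entries (or the CN if there is no SAN).
    param(
        [Parameter(Mandatory=$true)][string]$HostName,
        [Parameter(Mandatory=$true)][AllowEmptyCollection()][string[]]$CertificateNames
    )
    foreach ($name in $CertificateNames) {
        if ($name -ieq $HostName) { return $true }
        # A wildcard is only valid in the left-most label and covers exactly one label.
        if ($name.StartsWith('*.') -and
            $HostName.EndsWith($name.Substring(1), [StringComparison]::OrdinalIgnoreCase) -and
            $HostName.Split('.').Count -eq $name.Split('.').Count) { return $true }
    }
    return $false
}

function Get-RemoteCertificateNames {
    # Live probe: fetch the served certificate and return its DNS names.
    param([Parameter(Mandatory=$true)][string]$HostName, [int]$Port = 443)
    $client = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
    try {
        # Accept any chain here: we are reading names, not trusting the certificate.
        $accept = { $true } -as [System.Net.Security.RemoteCertificateValidationCallback]
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $accept)
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
        if ($san) {
            # Format($false) renders "DNS Name=owa.firma.ru, DNS Name=..." (label text is localized,
            # so only the part after '=' is used).
            return @($san.Format($false) -split ',\s*' | ForEach-Object { ($_ -split '=')[-1].Trim() })
        }
        return @($cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::DnsName, $false))
    }
    finally { $client.Close() }
}

# Constructed from the Analyzer results in this post: names found on each endpoint's certificate.
$observed = @{
    'firma.ru'              = @()                # ISP certificate with no CN at all
    'autodiscover.firma.ru' = @('owa.firma.ru')  # TMG answers with the OWA certificate
    'owa.firma.ru'          = @('owa.firma.ru')
}

foreach ($step in Get-AutodiscoverCandidates 'maxi@firma.ru') {
    if ($step.Url -notlike 'https://*') {
        "{0,-13} {1}  (no TLS name check at this step)" -f $step.Step, $step.Url
        continue
    }
    $target = ([uri]$step.Url).Host
    $names  = $observed[$target]   # replace with (Get-RemoteCertificateNames $target) to probe live
    $ok     = Test-CertificateNameMatch -HostName $target -CertificateNames $names
    "{0,-13} {1,-24} cert names: {2,-16} match={3}" -f $step.Step, $target, ($names -join ','), $ok
}
```

With the constructed table the two HTTPS steps both report `match=False`, which is exactly the Analyzer's verdict: the first because the ISP certificate on firma.ru carries no matching name at all, the second because TMG presents a certificate whose only name is owa.firma.ru. Any certificate bound on TMG for the Autodiscover listener has to carry autodiscover.firma.ru as a SAN entry before the remaining steps in the thread (port 80 redirect, SRV) are even reached by a phone.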

Fantastish
14-04-2016, 14:11
And which domains are added in the certificate?

Oleg Krylov
24-04-2016, 22:01
In the Exchange Management Shell run the command (substituting the domain name you need):
New-ExchangeCertificate -GenerateRequest -KeySize 2048 -PrivateKeyExportable $true -SubjectName 'CN=owa.firma.ru' -DomainName autodiscover.firma.ru,owa.firma.ru
Save the output to a file with Notepad, for example C:\ExchCert.req (the encoding must be ANSI, this is important)
Then in CMD\PowerShell:
certreq -submit -attrib "CertificateTemplate:WebServer" C:\ExchCert.req
Save it to a file with the .cer extension
Then import it into Exchange (this must be done on the machine where the request was made; the private key stayed there, and another machine simply won't understand what it's about).
To understand how PKI works and configure this not-so-simple system correctly, I strongly recommend starting with Vadims Podāns's blog
https://www.sysadmins.lv/blog-ru/categoryview/securitypki.aspx

Then export the installed certificate with the private key, DELETE it from the Certificate Store (to clear the key-export flag), then import the .pfx file into the Machine\Personal store on both Exchange servers and on TMG 2010 (don't forget to import the chain of trust, otherwise there will be problems).
And before issuing, change the LDAP paths in AIA\CDP to http. And bring up a web directory that will hold the root certificate and the revocation lists. Then they can be published externally so that devices can check certificates for revocation (this also removes the problem of importing the root certificate onto the device, since it can simply be downloaded from a link sent, say, by SMS).
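An added example, not code from the reply above: it scripts the request / issue / import / export steps described there in one pass, then checks the issued certificate's AIA and CDP URLs for the LDAP-only problem the reply mentions. Assumptions of this example: the CA config string (`ca-host.firma.int\firma-SDC-CA`, since the thread never names the new CA host), the file paths, and that it runs in the Exchange Management Shell on EX-MAIL, the server whose names appear in the thread.

```powershell
# Added example, not from the original reply. Assumed: $CaConfig, file paths,
# and that this runs in the Exchange Management Shell on EX-MAIL.
$ReqFile  = 'C:\ExchCert.req'
$CerFile  = 'C:\ExchCert.cer'
$PfxFile  = 'C:\ExchCert.pfx'
$CaConfig = 'ca-host.firma.int\firma-SDC-CA'   # assumption: "<CA host FQDN>\<CA name>"
$Names    = 'owa.firma.ru', 'autodiscover.firma.ru'

# 1. Request. Set-Content -Encoding Ascii writes the plain file certreq expects;
#    Out-File would write UTF-16 with a BOM, which certreq rejects (the "ANSI" note).
New-ExchangeCertificate -GenerateRequest -KeySize 2048 -PrivateKeyExportable $true `
    -SubjectName "CN=$($Names[0])" -DomainName $Names -Server EX-MAIL |
    Set-Content -Path $ReqFile -Encoding Ascii

# 2. Submit to the enterprise CA. Double quotes around the attribute work from both
#    cmd.exe and PowerShell; cmd.exe would pass single quotes through literally.
certreq -submit -config $CaConfig -attrib "CertificateTemplate:WebServer" $ReqFile $CerFile
if ($LASTEXITCODE -ne 0) { throw "certreq failed with exit code $LASTEXITCODE" }

# 3. Import on the server that generated the request (where the private key lives),
#    check that the SAN covers every required name, then bind the certificate to IIS.
$imported = Import-ExchangeCertificate -Server EX-MAIL `
    -FileData ([byte[]](Get-Content -Path $CerFile -Encoding Byte -ReadCount 0))
$cert    = Get-ExchangeCertificate -Server EX-MAIL -Thumbprint $imported.Thumbprint
$missing = $Names | Where-Object { $cert.CertificateDomains -notcontains $_ }
if ($missing) { throw "Certificate does not cover: $($missing -join ', ')" }
Enable-ExchangeCertificate -Server EX-MAIL -Thumbprint $cert.Thumbprint -Services IIS

# 4. Export with the private key for the second Exchange server and for TMG.
$pfxPassword = Read-Host -AsSecureString -Prompt 'PFX password'
$pfx = Export-ExchangeCertificate -Server EX-MAIL -Thumbprint $cert.Thumbprint `
    -BinaryEncoded:$true -Password $pfxPassword
Set-Content -Path $PfxFile -Value $pfx.FileData -Encoding Byte

# 5. Chain-building URLs. A phone outside the domain cannot follow ldap:/// paths,
#    so each CDP and AIA extension needs an http:// entry the device can reach.
function Get-ChainUrl {
    param([Parameter(Mandatory=$true)]
          [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    foreach ($ext in $Certificate.Extensions) {
        $kind = switch ($ext.Oid.Value) {
            '2.5.29.31'         { 'CDP' }
            '1.3.6.1.5.5.7.1.1' { 'AIA' }
            default             { $null }
        }
        if (-not $kind) { continue }
        # Format($true) renders the extension as text with one URL=... per line.
        foreach ($m in [regex]::Matches($ext.Format($true), '(?i)\b(ldap|http)://\S+')) {
            New-Object PSObject -Property @{
                Extension = $kind
                Url       = $m.Value
                Internet  = ($m.Value -like 'http://*')
            }
        }
    }
}
$x509 = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CerFile)
$urls = Get-ChainUrl -Certificate $x509
$urls | Format-Table Extension, Internet, Url -AutoSize
if (-not ($urls | Where-Object { $_.Extension -eq 'CDP' -and $_.Internet })) {
    Write-Warning 'No http:// CDP in this certificate: fix the CA CRLPublicationURLs and reissue.'
}
# Full chain build with live AIA/CRL retrieval, the way a client would do it.
certutil -verify -urlfetch $CerFile
```

Step 5 is the check to run before the certificate goes anywhere near TMG: if the only CDP is an `ldap:///` path, the CA still has to be corrected and the certificate reissued, because the reply's whole point is that the revocation check has to work for a device that has no line of sight to Active Directory.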




© OSzone.net 2001-2012