Radical juxtaposition of concepts, isn’t it? Open source and ideas. Wow. Imagine…so many creative people without the means to realize their ideas and others lacking creativity but having deep pockets. Somehow everyone can win, right? Right. It’s time to look at the whole picture. There is a lot of brilliance out there; imagine sharing and combining those ideas. For the greater good. A network of creative thinking for the advancement of … everything. How can black boxes make life better but just for the select few? We need to open the box and invite everyone to participate. I’m adding a new category, “OSI” – Open Source Ideas. Anything posted there is open – open to be expanded upon, open to be utilized; I just ask for credit as the originator and all threads of the ideas contain the same credits.
Archive for August, 2006
Since switching to Fedora Core 5, and more precisely, Apache 2.2, I’ve been getting intermittent issues when trying to sync my WM5 device and also using OWA. For me, the solution was not to reinstall Outlook or to upgrade to ActiveSync 4.2; the problem is with the proxy server that front-ends the Exchange/IIS server. I’ve blogged about this issue before and even though the ActiveSync error codes are the same, the causes are different.
My environment is still the same as the previous posting with the exception of an Apache 2.2 front-end instead of the VPN tunnel. Here’s a link to setting up the Apache server. (NOTE: I’m not experiencing the same problems with a percent in the subject so I have not applied the workaround.)
The problem surfaced as errors during ActiveSync-ing. I would see an error code of 85010014. I discovered the real problems were with Apache returning 502 errors. The error logs were filled with lines of the following form:
[Wed Aug 02 14:58:38 2006] [error] [client 192.168.86.111] proxy: error reading status line from remote server
[Wed Aug 02 14:58:38 2006] [error] [client 192.168.86.111] proxy: Error reading from remote server returned by /Microsoft-Server-ActiveSync
I believe the error has to do with timeouts from HTTP KeepAlives and mod_proxy reading from a closed pipe/handle. I have adjusted the timeouts on both ends and still received the same errors. I even disabled HTTP KeepAlives on the IIS error: that resulted in a whole new problem: error code 85010016. As soon as I re-enabled the HTTP KeepAlives on the IIS error, the 85010016 error went away (no need to restart the IIS server). I've also tried the SetEnv proxy-nokeepalive 1 workaround and that did not solve my problem.
I realized I had a configuration problem when checking netstat results and looking at the packets from Ethereal (now Wireshark). Turns out I had an SSL connection to the apache server but a plain old HTTP (port 80) connection to the IIS server! By adjusting my ProxyPass parameters in httpd.conf to point to https, my 85010014 error has gone away and I no longer see the error messages in my httpd logs.
For reference, my entry in httpd.conf:
CustomLog logs/owa_access_log combined
RequestHeader set Front-End-Https "On"
ProxyPass / https://owa.backend.server/
ProxyPassReverse / https://owa.backend.server/
ProxyPass /rpc https://owa.backend.server/rpc/
ProxyPassReverse /rpc https://owa.backend.server/rpc/
ProxyPass /exchange https://owa.backend.server/exchange/
ProxyPassReverse /exchange https://owa.backend.server/exchange/
ProxyPass /exchweb https://owa.backend.server/exchweb/
ProxyPassReverse /exchweb https://owa.backend.server/exchweb/
ProxyPass /public https://owa.backend.server/public/
ProxyPassReverse /public https://owa.backend.server/public/
ProxyPass /iisadmpwd https://owa.backend.server/iisadmpwd/
ProxyPassReverse /iisadmpwd https://owa.backend.server/iisadmpwd/
ProxyPass /exchange-oma https://owa.backend.server/exchange-oma/
ProxyPassReverse /exchange-oma https://owa.backend.server/exchange-oma/
ProxyPass /Microsoft-Server-ActiveSync https://owa.backend.server/Microsoft-Server-ActiveSync/
ProxyPassReverse /Microsoft-Server-ActiveSync https://owa.backend.server/Microsoft-Server-ActiveSync/
allow from all
RedirectMatch ^/$ /exchange