Direct Push is just a heartbeat away

EDIT 10/02/1008: We have updated the section on compatibility of Direct Push and Wi-Fi.




Exchange 2003 introduced the Always Up To Date notification feature (AUTD) that kept devices up to date by sending SMS triggers to the device. The triggers were sent from the enterprise as SMTP messages to the SMTP front end at the mobile operator. They were then sent through the SMS gateway as SMS messages to the device. This approach had some limitations since not all mobile operators did the SMTP to SMS conversion. Even when they did, there was latency involved with SMS messages and there were end-to-end reliability issues. Also some mobile operators charged for each incoming SMS message so that added an extra dimension to the cost of staying up to date. To alleviate these issues, Exchange 2003 SP2 introduced Direct Push.


Direct Push Architecture


Direct Push is a client initiated HTTP connection to the server where the device opens a connection to the Exchange Server and keeps it alive for a duration known as the heartbeat interval.  Basically the client sets up the connection, chooses the appropriate heartbeat interval and tears down and reestablishes the connection if and when necessary. The server sends notifications about new items over this connection and the client synchronizes to get the new items.


A new AirSync command called PING has been introduced for Direct Push. This command is sent as part of the POST request from the device.

Summary of Interaction between the client, EAS server and Exchange

1. Device issues a PING command.

2. When the EAS server receives a PING command it does the following:

·         If the Ping command contains the heartbeat interval or folder list, it stores the information in AUTDSTATE.XML in the user’s mailbox. The device does not need to send these parameters up again unless they change.

·         If the Ping command did not contain the heartbeat or folder list, it retrieves them from the mailbox server.

·         EAS subscribes to notifications for the folders. It issues DAV subscriptions using the SUBSCRIBE command.

·         Since there is a small window between the last SYNC and the SUBSCRIBE where changes could have occurred, EAS checks for changes. If there is a change, the server immediately notifies the client to sync by issuing a response to the PING command with a Status of 2. It does an UNSUBSCRIBE to delete the DAV subscription. If no changes have occurred, the server continues to wait for UDP notifications from the mailbox server.

·         If a notification arrives within the heartbeat interval, the server will inform the client to sync. A response to the PING command is issued with a Status of 2 indicating that there are changes. Otherwise, after the heartbeat interval elapses, the server will return a response to the PING command with a Status of 1 indicating that there are no changes. It does an UNSUBSCRIBE to delete the DAV subscriptions before issuing the PING response.


Deployment Considerations for Direct Push


1. In order to use Direct Push, only the Exchange 2003 Front End servers need to be upgraded to SP2. However it is highly recommended that SP2 be installed on all Exchange Front End and back end servers. 


If the Front End servers are load balanced, all the Front End servers need to be upgraded around the same time.


2. When there is new mail, the BE sends a UDP notification to the FE.  Direct Push requires that UDP port 2883 be open from the BE to the FE. The port can be configured using the registry value UDPListenPort under HKLM\SYSTEM\CurrentControlSet\Services\MasSync\Parameters. If this value is set through the registry, the value must be greater than or equal to 1 and less than or equal to 65535. 


3. With Direct Push, the device keeps a connection open to the Exchange server. If you have a firewall between the device and the Exchange server, you must increase the idle connection timeout on the firewall. Please note that this is the idle connection timeout (i.e.) when there is no data transfer between client and server. For more information, please refer to KB titled “Enterprise firewall configuration for Exchange ActiveSync Direct Push Technology” available at


4. If you are using ISA 2000, you need to add a registry key on the ISA server to use direct push. Please refer to  the KB titled “The ISA Server response to client options requests is limited to a predefined” available at for information on how to add the registry key.


Heartbeat Interval


The device specifies the heartbeat interval as part of the PING command. This dictates how long the server must keep the connection alive. The device will dynamically converge to the highest possible heartbeat interval for a given network, based on the mobile operator timeouts, firewall timeouts etc. The higher the heartbeat interval, the better it is for battery life. So the heartbeat is optimized for a given network.


You can change the minimum and maximum heartbeat interval settings on the server through the registry.


The settings are MinHeartbeatInterval and MaxHeartbeatInterval under



The defaults are 1 and 45 minutes respectively. Note that the maximum is hard coded to 59 minutes since the maximum possible DAV subscription lifetime is 60 minutes.


You can also specify a heartbeat alert threshold. The server maintains a sliding window of the last 200 heartbeat intervals supplied by clients. If the average from this sample is less than or equal to the alert threshold, there will be a warning in the event log  


“The average of the most recent heartbeat intervals used by clients is less than or equal to x. Please check your firewall settings to ensure that they permit requests to Exchange ActiveSync to live for at least 15 minutes.”


The alert threshold and sample size can be configured through the registry. The settings are HBiSampleSize and HbiAlertThreshold under



Configuring Direct Push on the Server


By default, Direct Push is enabled in Exchange 2003 SP2. However you can enable/disable it in Exchange System Manager. In ESM expand Global Settings, right-click on Mobile Services, Properties and check/uncheck the box for “Enable Direct Push over HTTP(S)”



You can also change this setting on a per-user basis using Active Directory Users and Computers.  In ADU&C, click on the user, Properties, Exchange Features tab, under Mobile Services enable/disable Up-to-Date Notifications. This controls both SMS based AUTD and Direct Push for the user.


Configuring Direct Push on the client


A Direct Push capable device will automatically negotiate the protocol with the server and configure itself to use Direct Push. The sync schedule is set to “As new items arrive”.


Direct Push Initialization


1. Verify that Exchange ActiveSync is loaded and IP-based AUTD is initialized by checking the application log on the FE for events below. Exchange Activesync gets initialized on the first sync attempt.


Event Type: Information

Event Source:     Server ActiveSync

Event Category:   None

Event ID:   3002

Date:       3/19/2006

Time:       12:44:08 PM

User:       N/A

Computer:   1B25A


Microsoft Exchange ActiveSync has been loaded: Process ID: [3048].


Event Type: Information

Event Source:     Server ActiveSync

Event Category:   None

Event ID:   3025

Date:       3/19/2006

Time:       12:44:19 PM

User:       N/A

Computer:   1B25A


IP-based AUTD has been initialized.


2. Verify that the FE is listening on port 2883.


To check if the server is listening on the AUTD port, you can run “netstat -ano”. Here are results before and after IP-based AUTD has initialized.




Proto       Local Address     Foreign Address   State       PID


UDP      *:*                           1928

UDP      *:*                           3356




Proto       Local Address     Foreign Address   State       PID


UDP      *:*                           1928

UDP      *:*                           3048

UDP      *:*                           3356


Netstat provides the Process ID which matches the EAS process per the initialization event in the application log.


Another way to check if the server is listening on the AUTD port is to use PortQry(available on This lists the process that is listening on the port


Process ID: 3048 (w3wp.exe)


PID   Port        Local IP          State            Remote IP:Port

3048  TCP 31479      ESTABLISHED

3048  TCP 31480      ESTABLISHED

3048  UDP 2883                             *:*


Troubleshooting using logs


1. Enable device side logging. The logs are saved in text format in the Windows\ActiveSync folder. PING commands will be logged in “Ping Exchange Server x.txt” where x =1,2,3.  You should see commands similar to the one below.


POST Microsoft-Server-ActiveSync?User=administrator&DeviceId=6F24CAD599A5BF1A690246B8C68FAE8D&DeviceType=PocketPC&Cmd=Ping

MS-ASProtocolVersion: 2.5


The POST command is also logged in the IIS log on the FE.


The Ctrl log on the device can also be used to troubleshoot Direct Push although the format of this file may change with device updates.


2. Check the IIS logs on the BE to see if AUTDState.XML is being created or updated. You should see an entry something similar to the one below.


PUT /exchange/Administrator@1b1domain.lab/NON_IPM_SUBTREE/Microsoft-Server-ActiveSync/PocketPC/6F24CAD599A5BF1A690246B8C68FAE8D/AutdState.xml


Note: The AUTDState.XML is created on receipt of the 1st PING request and is updated only when the heartbeat or folder list changes. So you may not see this command for every Ping request.


AUTD state information is maintained on the mailbox server in the NON_IPM_SUBTREE of each user’s mailbox. 


In IE, you can Choose File, Open, check the box to “Open as Web Folder” and type in



Sample AUTDState.XML


<?xml version=”1.0″ encoding=”utf-8″?>

-<AutdState xmlns=”Ping:”>








  – <Folder>








3.  Check the IIS logs on the BE to see if SUBSCRIBE commands are being issued from the FE to the BE(ie) if DAV subscriptions are being created.


For example, you should see something similar to


SUBSCRIBE /exchange/Administrator@1b1domain.lab/Inbox/


4. You can run a netmon on the FE to see if UDP notifications are being sent over port 2883 from BE to FE.


551 16.781250 LOCAL 000E0C06CAC0 UDP Src Port: Unknown (33660); Dst Port: Unknown (2883); Length = 162 (0xA2) BE FE IP


UDP: Src Port: Unknown (33660); Dst Port: Unknown (2883); Length = 162 (0xA2)

    UDP: Source Port = 0x837C

    UDP: Destination Port = 0x0B43

    UDP: Total length = 162 (0xA2)

    UDP: UDP Checksum = 0xC233

    UDP: Data: Number of data bytes remaining = 154 (0x009A)

00000:  00 0E 0C 06 CA C0 00 D0 B7 24 86 2B 08 00 45 00   ….ÊÀ.з$†+..E.

00010:  00 B6 C8 73 00 00 80 11 07 3A AC 1D 09 71 AC 1D   .¶Ès..?..:¬..q¬.

00020:  08 DE 83 7C 0B 43 00 A2 C2 33 4E 4F 54 49 46 59   .Þƒ|.C.¢Â3NOTIFY

00030:  20 68 74 74 70 75 3A 2F 2F 31 62 32 35 61 2E 31    httpu://1b25a.1

00040:  62 31 64 6F 6D 61 69 6E 2E 6C 61 62 3A 32 38 38   b1domain.lab:288

00050:  33 2F 33 35 33 39 35 63 65 34 2D 31 35 30 34 2D   3/35395ce4-1504-

00060:  34 61 63 34 2D 39 37 32 31 2D 66 31 35 32 63 36   4ac4-9721-f152c6

00070:  34 36 65 61 33 35 20 48 54 54 50 2F 31 2E 31 0D   46ea35 HTTP/1.1.

00080:  0A 53 75 62 73 63 72 69 62 65 2D 67 72 6F 75 70   .Subscribe-group

00090:  3A 20 55 73 50 43 57 77 46 4C 32 30 71 37 44 2B   : UsPCWwFL20q7D+

000A0:  6E 61 76 6F 4D 71 79 41 3D 3D 0D 0A 53 75 62 73   navoMqyA==..Subs

000B0:  63 72 69 70 74 69 6F 6E 2D 69 64 3A 20 32 37 0D   cription-id: 27.

000C0:  0A 0D 0A 00        


Frequently Asked Questions and Answers


1.    Does Direct Push work for folders other than inbox?


Yes, Direct Push is available for mail folders, Contacts, Calendar and Tasks. The list of folders for Direct Push is the same as the list of folders that have been configured for sync.


2.    What devices support Direct Push?


Windows Mobile 5 devices require the Messaging and Security Feature Pack(MSFP) for Direct Push. MSFP is included with AKU2.2. So any Windows Mobile 5 device that has AKU2.2 supports Direct Push.  The AirSync protocol has been licensed to several companies such as Palm, Motorola, Nokia, Symbian, Dataviz and SonyEricsson. Please contact the licensees to see if Direct Push capable devices are available.


3.    Is Direct Push supported over Wi-Fi?


Using Direct Push over Wi-Fi may drain the battery of the device very rapidly. You should contact your OEM/operator to find out if they support Direct Push over Wi-Fi on Windows Mobile devices.
The Exchange ActiveSync protocol has been licensed to several companies such as Palm, Motorola, Nokia, Symbian, Apple, Dataviz, Sony Ericsson and Helio. Please contact the licensees to see if Direct Push capable devices can work over Wi-Fi.


4.    Does Direct Push work with SecurID?


RSA has an update to their agent to allow it to work with Direct Push. RSA Authentication Agent 5.3 for Web for IIS enables you to use Exchange ActiveSync without having to reauthenticate every time ActiveSync is invoked. For more details, please read this and contact RSA.


5.    Does Direct Push have an impact on server performance?


A typical FE services several thousand connections from clients using OWA, OMA, EAS, and RPC/HTTP clients. Based on the testing done by Microsoft IT, the additional connections opened by Direct Push did not require the deployment of any additional FE or BE servers. It also did not require an upgrade of hardware on existing servers.


For more information please refer to the whitepaper titled “Microsoft IT Scalability Experience with Windows Mobile 2003 and Exchange Server 2003 Mobile Messaging” available at


Vanitha Prabhakaran

Comments (65)
  1. Pete Miller says:

    Thanks for explaining the reason why DirectPush doesn’t work over WiFi, but does the sync that happens after the server responds to the cellular Ping with a Status of 2 occur over WiFi if it is available?  If a device is in standby and ActiveSync is set to update every 1 hour it will wake the connection up at that hour and sync over WiFi so will the same occur when the device is set to sync whenever there is an update?

  2. Anonymous says:

    Microsoft&amp;rsquo;s Exchange Blog goes into detail this morning about the WM5/EX03SP2 direct push technology….

  3. Juan Soria says:

    Excellent posting. This explains so much ‘under the hood’ aspects of AUTD and direct push. I will be sharing this with all my colleagues..

  4. Ralf says:

    Hi Vanitha !

    Suppose I have only a BE – lets say a Small Biz Server – and I can see the incoming PING from the Mobile Device (in the IIS Log or in a NETMON) – but apparently the BE Server does not respond – what I have to look for in a single server environment – what has the BE server to do – step by step, that the mobile device gets notified, when a Mail arrives at the backend ? (so I am not looking for the UDP notification to the FE – because my BE is the FE – but for something else.

  5. Mark says:

    I’ve not been very successful getting this to work.  I have a Windows Mobile phone device with the feature pack (iMate JasJar).  With PocketIE I can access I can see this access on our ISA Server from the Windows Mobile device through the correct publishing rule.

    When I try using Active Sync all I get is on the Mobile device "Synchronising Folders" until it times out.  On the ISA Server I see an http connection initiated but then nothing after that until the connection times out.  How else can I troubleshoot the problem?

  6. François van Hemert says:


    great post, very well written, thanks for the in-dept discussion!


  7. Ben Stokes says:

    Nice article, well explained. Now all we need is more AKU2 devices …

  8. Anonymous says:

    As well as taking a look at the posting on Jason Langridges blog I mentioned earlier,&amp;nbsp; I would also…

  9. leelo7 says:

    In the SUBSCRIBE command in the IIS logs on the backend server I get an SC-Status code of 501. However, I can tick all the other boxes so to speak. 2883 is there listening on the FE. autdstate.xml is PUT into the mailbox…

    Also my OMA doesn’t work but I do get manual and scheduled ActiveSyncs. Plus Push kind of works in that it syncs at the end of every heartbeat. So I can remote wipe within 9 minutes. :-) I also can look up online in the GAL

    Any help suggestions would be gratefully appreciated

    Does OMA need to work in order to get push working.

  10. leelo7 says:


    in the crtllog on the wm5 device (windowsactivesync) what does this mean:

    CPingEngine   Ping status = 8

    Thanks in advance


  11. Darth says:

    From what you describe, it isn’t really direct push at all.  The device has to send a heartbeat.

    Unlike RIM devices, which  ARE direct push.

    So I don’t understand why it is incorrectly called "Direct Push".  But then, this is from the same people who said "XP is the most secure windows operating system."

    At any rate, we have had issues with the heartbeat trashing the network stack, so that incoming calls are dropped, requiring constant reboots.

    Wake me when Service Pack 3 is released.

  12. Exchange says:


    A related question: did you have a support case with us regarding your problems with "heartbeat trashing the network stack"? I just want to make sure as – unless issues get brought to our attention and we can analyze them in detail – we might not fix them we might not have heard about it… Thanks!

  13. Vanitha says:


    Sync that is initiated by Direct Push will use GPRS.

  14. Vanitha says:


    In a single server environment you can still look for the SUBSCRIBE command in your IIS logs and also check the device logs.


  15. Vanitha says:


    Exchange ActiveSync and Direct Push do not depend on OMA.  It looks like the SUBSCRIBE command is coming back with a "Not implemented" error. Typically this happens when the request doesn’t get to Exchange. If you have multiple IPs/host headers make sure that the request is getting to the right website/IP.


  16. Claes says:

    First of all, great article!

    Do you know if it’s possible to extract information like when a specific device last issued a PING command, a list of currently active devices, and that sort of things? Is it stored somewhere (except for the IIS logs?)

  17. churchill says:

    Well It works perfect here FE, BE configuration. I do not really like people who always have something bad to say about M$. Their problem with the network being torn down could be anything.

    I have one Question though, concerning the Heartbeat:(actually two)

    1. How do I enable the device side logging? (WM 5)

    2. I have played with the heartbit interval and Have made the following registry adjustments:

    MinHeartbeatInterval – 60

    MaxHeartbeatInterval – 2700

    HbiSampleSize        – 200

    HbiAlertThreshold    – 1800

    Now when I startup the directpush on my device after the first sync the entry in the AutdState.xml for <HeartbeatInterval> is 480. then after some time aprox 10 minutes the entry has changed to 780 and then approx 15 minutes later to 1080. Then I have reset my device (soft reset) and when the machien made the initial connection the entry in the AutdState.xml for <HeartbeatInterval> is again 480. What I am looking for is increasing the heartbeat interval to save the battery life and to save on the data traffic, but I am not sure I am doing it right. As you can see from my reg entries I would like to have the heartbeat interval at 1800 which is 30 minutes. The reg entries I have changed on the FE server the BE server does not have those entries at all. PLease let me know what I am doing wrong…

  18. Dennis says:

    Any idea when the much-vaunted Treo 700w will get MSFP?

  19. thaumaturgan says:

    looks like later this month for the Treo 700w.

  20. Darth says:

    No, we did not open a support case.  We had 5 test devices, and sent them all back to the vendor as unacceptable.  We don’t have the time or patience to be a "beta testers" for MS products.  If they are not ready for prime time, they should not ship, but obviously the product managers think that shoddy software does something to enhance the reputation of the company.

  21. sonicdeth says:

    Anyone know how the AKU2 update effects battery life?  Will employing direct push over the current method increase battery life?  (given a fairly conservative session timeout interval like 30 minutes).


  22. DCSDave says:


      As long as software and hardware are MFD by imperfect beings just like yourself there are always going to be issues to be worked through.  If you have the time to join this blog you have the time to send MS your input.  Just remember though objective thinking is how problems are resolved.  Besides you could always start your own company and market this kind of connectivity for Linux.  Either way good luck in whatever venture you choose.

  23. leelo7 says:

    Further to the 501 error I get both on the FE e2k3 box and 501 in the IIS logs on the backend.

    On the backend I have two websites an OWA Virtual and the default. The ExchangeVDir reg setting is in place on the frontend to point it two a different virtual directory that lives under the OWA Virtual in this case.

    So there is the background in brief but my question is if AS works manually and scheduled without any problems why would the push/subscribe fail?

    Thanks again


  24. Anonymous says:

    &quot;The&quot; weekly list, this time on schedule.

    Microsoft Exchange Server Profile Analyzer Web Release 2.5…

  25. leelo7 says:

    I did it! I added a blank host header entry to the OWA Virtual Directory. Previously there was one entry that required connections to come from the external URL "mailgate.blah.tld"

    What I think is happening is that the SUBSCRIBE command is a new connection that is established from the Front-end server to the back-end server on behalf of the client. Because I only had a single entry on the VDir that expected the source to come from the public URL the SUBSCRIBE command was failing (501 not implemented) The blank host header allowed the front end server to establish a connection and thus allowed the SUBSCRIBE command to succeed.

    Push now works!

    Thanks for all help/assistance.

    Hope this might help others to. Please read all comments by me to get a full picture of the problem I was having.

  26. Clark says:

    Re "Unlike RIM devices, which  ARE direct push. "  RIM is actually a pull/push architecture.  The BES server uses MAPI to contstantly poll the Exchange server looking to pull new messages.  Not only is this pull, not push, it creates additional overhead on the Exchnage servers (see RIMs server overhead tech note at:

  27. Marc Chénard says:

    Can you expand on "However it is highly recommended that SP2 be installed on all Exchange Front End and back end servers."?

    We have an issue with deploying SP2 on our Backend server, and are currently wokring with PSS on a work around or a DCR, in either case it will probably not ne resolved for 5-6 months.  So we plan on deploying SP2 to the Front End server soon and finish the deployement once the issue is resolved on for the Back End.

  28. Vanitha says:


    You can parse the IIS logs to get Direct Push usage information. You can check out the blog on EAS reporting here.



  29. Vanitha says:


    To enable device logging, goto ActiveSync, Menu, Configure Server, Next, Advanced and turn up Event logging to Verbose. The logs will be saved in the WindowsActiveSync folder.

    The device will dynamically converge to the highest heartbeat interval for your network topology. If the average heartbeat interval is below the threshold you will see Event 3033 in your application log. It basically tells you to check your firewall timeout settings.


  30. Vanitha says:


    A heartbeat interval around 30 mins should provide you good battery life. With scheduled sync, you would sync regardless of whether there are new items. You avoid a lot of those empty syncs with direct push. But if you get tons of email you are going to be syncing a lot. So it really depends on your usage.


  31. Vanitha says:

    Leigh, glad to know that you got Direct Push working.

  32. Vanitha says:


    For Direct Push, we only require that the FE be upgraded to SP2. It is a general recommendation to upgrade both FE and BE. In your case, you should be able to use Direct Push by just upgrading the FE. You can upgrade the BE once your deployment issue gets sorted out.


  33. emckenna says:


    I’m still a bit confused. If the Direct Push technology uses an active sync Ping/Heathbeat to poll the Exchange server, dose this mean the Mobile device will have to maintain a constant GPRS connection onto the carriers network.  Could this not possibly lead to higher GPRS costs.  

    Maybe the new phones are different but I was always under the opinion that you could not receive/make  voice calls once a GPRS call is establised.

    The AUTD feature sounds like a better solution as a GPRS call is only established and maintain when a SMS message is received. Then the GPRS connection is torn down.


  34. Hi Vanitha,

    Great detail, thanks for this as it confirms for me how things work. If anyone is interested in getting this working with Client Authentication via Certificates and ISA 2006 OR get it working with a Checkpoint Firewall you might want to review my notes here –



  35. alex says:

    " From what you describe, it isn’t really direct push at all.  The device has to send a heartbeat.

    Unlike RIM devices, which  ARE direct push.

    So I don’t understand why it is incorrectly called "Direct Push". "

    How is this not "true push"??  The heartbeat thing only serves to keep the data connection from timing out, correct?  When a new mail arrives, it immediately pushes it down the pipe to the device.  From my experience it’s every bit as fast as RIM.  

  36. Anonymous says:

    Vanitha Prabhakaran, parte del equipo que desarrolla Exchange en Microsoft acaba de publicar una excelente nota t&#233;cnica sobre Push Mail con servers Exchange para m&#243;viles. Una lectura recomendada para todo aquel que le interese saber como trabaja

  37. Anonymous says:

    &amp;nbsp;&amp;nbsp;Here’s TMM 138 – TMM back in all its glory.. :)&amp;nbsp;

    Software / Hardware&amp;nbsp;…

  38. Jack says:

    "MSFP is included with AKU2.2."

    But I have seen AKU 2.0.0 updates that inlcudes MSFT. Why do you say AKU 2.2?

  39. kgs says:

    1) If I get a user switch on logging on the client (i.e. in verbose mode) is there any way of retrieving/viewing those logs from a central point (without third party software, bringing the devices in or cradling them?).

    2) Any way to switch on notifications for emails that arrive in subfolders?

    3) Any way to stop users setting a ‘hint’ for their password that gives away what the password is?

    4)I can kind of understand why you are saying push doesn’t work over WiFi (although I’m not convinced this wasn’t just to keep operators happy :-) ) but why won’t it work over cradle though? Is it because it relies on UDP?

    Thanks in advance for your answers.

  40. churchill says:


    Thanx I have turned it on the device…

    now I also see that there is an entry in that log that saysKeepAwake  Off

    what does that mean ??

  41. BillC3 says:

    Excellent paper Vanitha. and i have a small set of 8 MSFP devices working perfectly on palm 700s.

    My users are seeing a high number of junkmail items getting pushed to their device. this has to be on the exchange side. got any ideas?

  42. Doug says:

    This is a great article. I’m pretty new to this, but I’m not having any luck with a 700w. It seems to be working, but the direct push happens at random, sometimes 30 minutes later. When it does connect, it will download the new message, then reconnect and say downloading email 0/1. Then disconnect, and redo that three times. Then it gives up. What on earth could cause that??

    Thanks in advance,


  43. Chris says:


    Thanks for the great article.  One question, if we already have OWA implmented using a certificate (, do we piggyback direct push (the Microsoft-Server-ActiveSync virtual directory) on top of the OWA cert?  Or is there a way of implementing separate certs (one for OWA and one for DirectPush)?

    Can get the former to work, but not the latter…

  44. james says:

    Is there a scalability doc for Exchange 2003 SP2/Windows Mobile 5 AKU2.2? Pointing to this out of date Exchange 2003/Windows Mobile 2003 is like saying an apple is an orange, constant and persistent connections versus the infrequent and short lived connections of the past version tells a customer nothing of the impact on their production environment.

    As for the comment about Blackberry being a pull/push architecture, that’s total bunk. The Exchange BES uses MAPI notifications find out about changes but does a backup poll on a less frequent basis since MAPI notifications aren’t 100% reliable.

  45. David Searles says:

    Hello, thanks for the indepth article, its a big help. However, I seem to be having some problems when I get to Exchange ActivSync working… I get the following error?


    Your account in Microsoft Exchange Server does not have permission to syncronise with your current settings. Contact your Exchnage Server administrator

    Support code: 0x85010004

    Any ideas?

    Thanks in advance.

  46. ML49448 says:


    Do you have Direct push enabled and the "User initiated Sync" enabled for your account?

  47. paul says:

    Does anyone know of a way to revert a WM5 device to use the AUTD via SMTP/SMS instead of the direct push. I cannot have the server changed since I am on a hosted exchange server. I need to find a client side way to cause my WM5 PPC phone to utilize the older (WM2003se) version of Exchange Activesync versus the direct push version. This is due to being in a fringe 1X/EVDO area. (During direct push in a 1X area all phone calls goto voicemail).

  48. Kds157 says:

    I have confirmed the events listed in the Direct Push Initilization section of this article. I have a single Exchange 2k3 SP2 server with a virtual directory set up specifically for OMA per MS article 817379 using method #2 mentioned in it. We a have a pilot user who has a Treo 700W with the latest firmware (1.10) from Palm, the latest Activesync software, and version 5.1.195 (Build 14929.2.2.1) of the Windows Mobile OS.

    The user receives emails only when his Treo syncs with the server at specified intervals (currently about every 10 minutes). He fails to receive new emails as soon as they arrive at the server. It appears that for some reason the server never sends the notification to the Treo to sync with it immediately upon email arrival. What steps can I take to determine the point of failure? Or, if someone knows the cause and the cure, please let me know.


  49. Anonymous says:





    Are Smart Cards the New Way of Life? – Solving the…

  50. Anonymous says:





    Are Smart Cards the New Way of Life? – Solving the…

  51. Anonymous says:

    I was asked several times at the roadshow the other day about how to get direct push mails down to your…

  52. Anonymous says:

    PingBack from

  53. Mark says:

    Thank you for your artical, it clarified a few things (WiFi), but we got this all working anyway on our O2 XDA exec’s no problem. We’ve been waiting for this feature,  it seems that Microsoft have now consumed the niche that RIM held and have a broad platform with significant momentum to bring many benifits.

  54. Mark says:

    Thank you for your artical, it clarified a few things (WiFi), but we got this all working anyway on our O2 XDA exec’s no problem. We’ve been waiting for this feature,  it seems that Microsoft have now consumed the niche that RIM held and have a broad platform with significant momentum to bring many benifits.

  55. Chowdari says:

    When we create a Mailbox for a New User ActiveSync (User Initiated Sync) is Enabled by Default ? Is there a way where we can Disable this by default and enable on a per user basis to control which users can user ActiveSync

  56. Johan says:

    Great stuff this article.

    Only one questions which i read before but didn’t saw an answer.

    Does the Direct Push leads to higher costs?

    Based on a average updates what are the addiotional costs using the feature?

    I decided not to us my pull-email option via GPRS anymore because i had a signifcant increase in my monthly telephone costs.

    Thanks for any reply!

    Grz. Johan

  57. Venkat says:

    We are planning to give WM5.0 powered divices with latest ROM update (with MSFP) to our sales staff, but have a question.

    When we send an email from the PDA, does the push email sends sent mail to the server ?

    Does the send mail show up in send items folder in our Outlook mail on our desktop even though it is sent from the PDA ?



  58. Sebhelyesfarku says:

    “it seems that Microsoft have now consumed the niche that RIM held and have a broad platform with significant momentum to bring many benifits”

    Microsoft hasn’t consumed anything.

    EDIT: The above comment was edited; please no calling names on this blog, let’s keep it cool. Nino.

  59. Athos says:

    Comment regarding port 2883. Should  registry value UDPListenPort under HKLMSYSTEMCurrentControlSetServicesMasSyncParameters be there or must I add this value. Do I have to add the value must it be a DWORD value and must the value be set to 1 or 2883.

    When I use regedit on my FE there are no values under  registry value UDPListenPort under HKLMSYSTEMCurrentControlSetServicesMasSyncParameters. Is that normal ?

  60. Alasdair says:

    Great article! But can anyone help me with this… Have an O2 XDA mini, certificates are all installed and I can manually make a connection to sync with my Exchange server (sp2) via GPRS. The mobile device has in Activesync "sync during: As items arrive".

    However is there a way to monitor what is initiating the connection?

    I’m not convinced the push is working… i.e. I sent an email to my mailbox from an external webmail account, 3 minutes later my device made a gprs connection and retreived he email. I then de-activated my gprs connection and waited… basically every 3 minutes the xda connects via gprs wether or not there is any new mail in my work mailbox. So push can’t be doing its thing… can it? Any help on what else I can check would be very welcome! Alasdair.

  61. Anonymous says:

    I just read news of an 11-hour outage in RIM’s Blackberry infrastructure on ZDNet – ouch. Not only did

  62. Josh says:

    I am having an issue with this working on a 2003 R2 SBS. Everything seems to be setup correctly, but no one in the company can sync. I’ve went through all of these troubleshooting steps (which were very helpful) and haven’t come up with anything. One thing I have noticed is that I can’t access the AutdState (or Autd-State).xml file from the server.

    I have had one successful activesync documented and the IIS logs showed the GET requests at the documented time, but why this one time, and not all of the time. The IIS logs had the successful GET commands in this format: GET /exchange-oma/user/-FlatUrlSpace-/

    All devices say that they are sychronized, but receive no data. They connect and go through the motions of ActiveSync, but the devices do not update with the data. Any ideas?

Comments are closed.