85010001 Error Trying to Sync with WM5.0 Device/ActiveSync4.1/ISA2004

  • Article

Well, this is a new one. Pull out ERR and look up 85010001 ! The configuration was SBS2003 Premium with ISA2004 installed and a Treo 700 with ActiveSync 4.1 on 2 separate Windows XP Pro laptops. It was an "upgrade" from ISA2000 to ISA2004. The Treo 700 sync'ed perfectly over the air. Only in the cradle did it have a problem.

Here were the symptoms:

 

1. Trying to sync with the Firewall Client enabled, it hangs at connecting or synchronizing...most of the time it popped up with an error "85010001 you do not have permissions to sync with your current settings...".

2. Disable the Firewall Client and it sync'ed.

3. We noticed some flaky behavior when we swapped the device between using SSL and not using SSL.

4. A PocketPC2003 device with ActiveSync 3.8 worked perfectly on another computer.

4. Trying the same device on another computer (laptop) gave almost the exact symptoms.

5. One laptop had the ISA2000 Firewall Client, the other had the ISA2004 Firewall Client.

6. We noticed a bit different behavior between the laptop with the ISA2000 client and the one with the ISA2004 client.

Ok, so what's up with that!! What's busted? Is it the laptop(s)? One of the laptops had a wireless connection, a wired connection and BlueTooth! Was it networking? Was it ActiveSync? Was it the server? Was it the certificate? Well, I started working on the assumption that the server was fine due to another device sync'ing fine through ActiveSync (ActiveSync 3.8) and both devices sync'ed perfectly "over the air". I took a quick look at ISA's logging features and didn't notice anything too out of the ordinary. I did not spend too much time in Monitoring, just looking for "denied" at this point. The device appeared to have the correct certificate installed.

 

I did some research and found out that ActiveSync 4.1 makes "special" networking calls that the ISA2000/ISA2004 Firewall Client(s) don't respond well to.

 

We ended up setting up exceptions in the Firewall Client settings on the SBS box. Here is what we set:

1. WCESCOMM - Disabled - 0

2. WCESMGR - Disabled - 0

3. REPIMGR - Disabled - 0

 

These can be defined in ISA2004->Servername->Configuration->General->Define Firewall Client Settings->Application Settings->New. After defining the above, we rebooted the clients to get the new Firewall Client settings pushed to the client. We still have an ongoing issue with the laptop's going "offline" (they have offline folders configured) whenever the device sync's while in the cradle.

 

Stay tuned for the solution to that one!

Petergal