Synchronization failed due to an error on the server. Try again.
- OR -
An authentication error occurred connecting to the server.
- OR -
You changed the IP address of the Exchange Server
Verify that the HTTP server is available and try again. May require user to de-select sync items (Inbox, Contacts, Calendar, Tasks) and re-select them to reset the sync key.
1. Windows Integrated Authentication is not enabled on the Exchange virtual directory on the Exchange server. The Server ActiveSync component uses Kerberos authentication when communicating with the Exchange server.
2. Windows Integrated Authentication is enabled on the Exchange virtual directory on the Exchange server, but Kerberos is disabled via the IIS metabase.
3. Kerberos is enabled, but IIS may return HTTP Status 401 every 30 Days when using Kerberos on Windows 2000.
4. Sync is attempted while the mailbox is being moved.
5. User attempting sync is a member of more than 200 groups.
6. The Left Hand Side(LHS) and Right Hand Side(RHS) of the user’s primary SMTP address are both different from the SMTP address based on the default recipient policy. (Fixed with Exchange 2003 Service Pack2)
7. The Exchange virtual directory on the Exchange Server is configured to require Secure Sockets Layer (SSL). Server ActiveSync communicates with the Exchange Server over port 80.
8. Windows SharePoint® has been installed on the Exchange server
9. The user composes e-mail on the device and attempts a sync when mailbox limits have been reached on the Exchange server.
10. Anonymous authentication is enabled on the Microsoft-Server-ActiveSync virtual directory on the server.
11. IIS Default Web Sites\Exchange-Oma virtual server retained the previous IP address in the Directory Security \ IP Address and domain name restrictions.
1. Enable Integrated Windows Authentication on the Exchange virtual root
2. Re-enable Kerberos on the Exchange server by following the instructions in the KB Article 215383. HOW TO: Configure IIS to Support Both Kerberos and NTLM Authentication. Link:
5. Reduce the group membership or obtain the QFE fix by calling Microsoft Product Support Services.
6. Add a registry key. Use Regedt32 and locate HKLM\System\CurrentControlSet\Services\MasSync\Parameters. Under the Parameters key create a Reg_SZ value called SMTPProxy. Set the value to the domain defined by the default recipient policy. For example, Microsoft.com.
Restart the IIS Admin service. If you are using a front-end/back-end configuration this registry key needs to be added on the front-end server.
7. To configure the Exchange virtual directory to not require SSL
8. Configure Windows SharePoint to use Kerberos authentication by following the steps in KB 832769 HOW TO: Configure Windows SharePoint Services to Use Kerberos Authentication. Link:
9. Try to delete items in your mailbox to bring it within limits or contact your Exchange administrator to change the limits on your mailbox.
10. Uncheck anonymous authentication on the Microsoft-Server-ActiveSync virtual directory on the server. Basic authentication should be enabled.
11. See KB 817379: Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003 if you are using SSL or forms-based authentication. Link:
12. Change the IIS Default Web Sites\Exchange-Oma virtual server IP address to deny all except the server's new IP address.