Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.
Category published:  Exchange 2010 Exchange 2013 Exchange 2016 Microsoft Exchange   Click on the Category button to get more articles regarding that product.

Exchange 2013/2016 EAS Activeync (MDM, mobile) stops syncing. Event 2002, limit max, Targetbackend, will be rejected

Posted by admin on 31.08.2022

Problem: Exchange 2013/2016 Activeync MDM Handy stops syncing, Event 2002, limit max, Targetbackend, will be rejected

In generall this could be a EAS Activesync device running mad or a user using functions like Time to leave on iPhone (See link at end of document here)

It’s rather important we find what causes the effect inseatd up just turning up some value. It could also be an attack from outside if you have Outlook Anywhere on WAN open or Activesync open and no reverse Proxy like KEMP or Sophos in front of it. (Don’t ask M365 has a Reverse so do it too….)

Search for Event 2002 in Application.

Source: MSExchange Front End HTTP Proxy

EventID: 2002

General: [Eas] The number of outstanding requests for guard TargetBackend(“hostex13.brooks.cz“) has exceeded the max limit 5000. Current request will be rejected.

From when on did it happen for further analyse:

Search in Logfiles backwards to see when it happend (Last EAS Activesync Sync was done)

Search for text:

“/Microsoft-Server-ActiveSync/default.eas”

In Directory:

C:\inetpub\logs\LogFiles\W3SVC1

C:\inetpub\logs\LogFiles\W3SVC2

Find the last logfile/event and normaly calculate your timezone shift to the time in IIS Date/Time.

09:30 UTC (Logfiles)

09:30 UTC + 2H > 11:30 Local Time Switzerland as example. Give this info to firewall team if you have activesync open from external.

 

Resolution:

Depending on where this was logged we have to change two parameter hard coded in web.config files. Please first make a backup of the web.config file.

An Cumulative Update may reset this setting worst case so document.

Add or change:

<add key=”HttpProxy.ConcurrencyGuards.TargetBackendLimit” value=”9000″ />

In Directory:

D:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\sync

D:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc

In File:

web.config

under

<appsettings>

Add or change the value

<add key=”HttpProxy.ConcurrencyGuards.TargetBackendLimit” value=”5000″ />

Or (If it’s not enough like with MAD/technical activesync users 150+ devices)

<add key=”HttpProxy.ConcurrencyGuards.TargetBackendLimit” value=”9000″ />

 

Restart/Recycle follwing APP Pools in IIS Managger.

Check the IIS Logfiles again, yes works again, solved.

 

References for the absolut crap Apple iPhone function which kills your exchange:

Time to Leave causing unexpected meeting … – Apple Community

https://discussions.apple.com/thread/7905692

 


 Category published:  Exchange 2010 Exchange 2013 Exchange 2016 Microsoft Exchange   Click on the Category button to get more articles regarding that product.

Related Post

13.06.2024 False-Postive with ENS 10.7, AMCORE 5554 on Windows Defender AM_Delta_Patch Server 2019 German

16.07.2024, Office 365 / M365 EX814289 shared calendar not working

Microsoft Exchange Server SE (Subscription Edition) ab Herbst 2025

Template theme: Newsup by Themeansar (External Link, you will leave www.butsch.ch).