<div>
<div class="content wysiwyg-content">
Hello,<br />
I'm rolling out exchange 2010 currently into my server 2008 AD environment (we're in coexistence with 2003 currently). &nbsp;So far everything is going well, and I am working on getting activesync to work properly. <br />
<br />
So, after I moved my mailbox to the new server, I was unable to get emails and calendar sync to my phone (Droid X) using the native app. &nbsp;Touchdown (3rd party paid app) works. &nbsp;So after doing a bit of digging, I found that if I open the ADSI snap-in, open the properties to my AD account, go to security and advanced, the &quot;Allow Inheritable permissions from this objects parent object&quot; box is unchecked. &nbsp;Once I checked this, Viola! &nbsp;mail and calendar begin to sync on my phone.<br />
<br />
So, the actual question, is there any type of script that could be done to do this across the organization? &nbsp;I have over 450 users, a good 100 of which will need access to active sync. &nbsp;I'd rather not have to go about doing this manually (although running a script on my entire AD does seem a bit scary)....<br />
<br />
Any thoughts?<br />
JJ
</div>
</div>


Hello,
I'm rolling out exchange 2010 currently into my server 2008 AD environment (we're in coexistence with 2003 currently).  So far everything is going well, and I am working on getting activesync to work properly. 

So, after I moved my mailbox to the new server, I was unable to get emails and calendar sync to my phone (Droid X) using the native app.  Touchdown (3rd party paid app) works.  So after doing a bit of digging, I found that if I open the ADSI snap-in, open the properties to my AD account, go to security and advanced, the "Allow Inheritable permissions from this objects parent object" box is unchecked.  Once I checked this, Viola!  mail and calendar begin to sync on my phone.

So, the actual question, is there any type of script that could be done to do this across the organization?  I have over 450 users, a good 100 of which will need access to active sync.  I'd rather not have to go about doing this manually (although running a script on my entire AD does seem a bit scary)....

Any thoughts?
JJ

Active Directory 2008 - Allow Inheritable permissions from this objects parent object.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.