ActiveSync and Exchange 2010

Posted on 2011-10-18
Last Modified: 2012-05-12
I am migrating from Exchange 2003 to Exchange 2010 and cannot get active sync to work on any users mailboxes that are transferred to the 2010 server.

I have read some techdocs related to the issue about permissions: but do not seem to fix the issue.

I changed the permissions for inheritance and this does not seem to be the problem as I have tested a standard account as well as high level privileged accounts.

I have done a comprehensive test with a standard domain user account. I tested it while it was on the Exchange 2003 server and it sync's fine with a phone. I transfer it to 2010 Exchange and it will not complete account set up. I then TRANSFER it back to the 2003 exchange server and I can complete the exchange account setup on the phone but it does not pull down any email...but willn send an email.

Activesync seems to be enabled on 2010 server, no event viewer errors.

Question by:sydleg
    LVL 6

    Expert Comment

    by:Em Man
    have you try using this tool to troubleshoot the issue?

    LVL 28

    Expert Comment

    Please post back the output of these commands
    Run this from Exch Shell

    get-clientaccessserver | fl
    get-autodiscovervirtualdirectory | fl
    get-activesyncvirtualdirectory | fl
    get-webservicesvirtualdirectory | fl

    LVL 6

    Expert Comment

    If Adminsdholder folder doesnt have inheritance permission disabled users on whom u r enabling it it will be disable after some time. for this you have to enable it on adminsdholder and then on users. for more info check this article

    try to browse MicrosoftactiveSync virtual directory on e2k10 server and make sure you are getting 501/505 error

    If you are getting 500 then its the issue

    Authentication On Microsoft-Server-ActiveSync virtual directory in IIS
     Basic  Required
    LVL 24

    Expert Comment

    Is 2003 still handling ActiveSync traffic?

    Has the authentication been amended to include Integrated Authentication? If not, integrated authentication on the Microsoft-ActiveSync-Server vdir should be set.


    Accepted Solution

    There were a number of helpful posts here but the main thing that fixed this issue was changing the advanced permissions on the AdminSDholder directory in SYSTEM in AD. The complete solution is listed below.

    1.      Set the Microsoft-Server-Activesync authentication as basic on the CAS server.
    2.      SSL enabled on Microsoft-Server-Activesync with Ignore Client certificate.
    3.      Removed the redirection on HTTP Redirect on Microsoft-Server-Activesync.
    4.      Enabled the Allow Inherit permissions in ADminSDHolder under ActiveDirectory Users & Computers-¿System.
    5.      Allow inherit permissions enabled for Activesync users in ActiveDirectory Users & Computers.
    6.      Set the correct External & Internal URL for Exchange Activesync in Exchange Management console.
    7.      Did iisreset.
    8.      Reset the Microsoft-Server-Activesync Virtual directory in Exchange Management console.
    9.      Reset the Samsung mobile device to default factory settings.
    10.      Activesync issue resolved.

    Author Closing Comment

    My answer was solved by a Microsoft technical request.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Find out how to use dynamic social media in email signatures with this top 10 DOs & DON’Ts.
    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now