• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 321
  • Last Modified:

ActiveSync and Exchange 2010

I am migrating from Exchange 2003 to Exchange 2010 and cannot get active sync to work on any users mailboxes that are transferred to the 2010 server.

I have read some techdocs related to the issue about permissions:
http://technet.microsoft.com/en-us/magazine/2009.09.sdadminholder.aspx but do not seem to fix the issue.

I changed the permissions for inheritance and this does not seem to be the problem as I have tested a standard account as well as high level privileged accounts.

I have done a comprehensive test with a standard domain user account. I tested it while it was on the Exchange 2003 server and it sync's fine with a phone. I transfer it to 2010 Exchange and it will not complete account set up. I then TRANSFER it back to the 2003 exchange server and I can complete the exchange account setup on the phone but it does not pull down any email...but willn send an email.

Activesync seems to be enabled on 2010 server, no event viewer errors.

1 Solution
Em ManCommented:
have you try using this tool to troubleshoot the issue?


Please post back the output of these commands
Run this from Exch Shell

get-clientaccessserver | fl
get-autodiscovervirtualdirectory | fl
get-activesyncvirtualdirectory | fl
get-webservicesvirtualdirectory | fl

If Adminsdholder folder doesnt have inheritance permission disabled users on whom u r enabling it it will be disable after some time. for this you have to enable it on adminsdholder and then on users. for more info check this article



try to browse MicrosoftactiveSync virtual directory on e2k10 server and make sure you are getting 501/505 error

If you are getting 500 then its the issue

Authentication On Microsoft-Server-ActiveSync virtual directory in IIS
 Basic  Required
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
Is 2003 still handling ActiveSync traffic?

Has the authentication been amended to include Integrated Authentication? If not, integrated authentication on the Microsoft-ActiveSync-Server vdir should be set.

Check http://blogs.msexchange.org/walther/2011/05/14/exchange-20032010-activesync-coexistence-lesson-learned/
sydlegAuthor Commented:
There were a number of helpful posts here but the main thing that fixed this issue was changing the advanced permissions on the AdminSDholder directory in SYSTEM in AD. The complete solution is listed below.

1.      Set the Microsoft-Server-Activesync authentication as basic on the CAS server.
2.      SSL enabled on Microsoft-Server-Activesync with Ignore Client certificate.
3.      Removed the redirection on HTTP Redirect on Microsoft-Server-Activesync.
4.      Enabled the Allow Inherit permissions in ADminSDHolder under ActiveDirectory Users & Computers-┬┐System.
5.      Allow inherit permissions enabled for Activesync users in ActiveDirectory Users & Computers.
6.      Set the correct External & Internal URL for Exchange Activesync in Exchange Management console.
7.      Did iisreset.
8.      Reset the Microsoft-Server-Activesync Virtual directory in Exchange Management console.
9.      Reset the Samsung mobile device to default factory settings.
10.      Activesync issue resolved.
sydlegAuthor Commented:
My answer was solved by a Microsoft technical request.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now