adembo
asked on
Members of child domain cannot use activesync after migration to exchange 2010 sp1
I have successfully migrated all my users from exchange 2007 to exchange 2010. All my users in domain.local are syncing fine with all types of phones. Android/iphone/windows7/IP AD.
I have several users who are in a child domain of domain.local who I had issues with migrating. I found out it was that there was not the appropriate permissions being inherited in the child domain from the parent domain. So i overcame that by granting the exchange servers security group on each of their accounts full control, which then allowed the mailboxes to be moved. Everything is working, except the syncing of phones for them. This is what I get in the event log:
--- Exception start ---
Exception type: Microsoft.Exchange.AirSync .AirSyncPe rmanentExc eption
Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevic es,CN=John Doe,OU=Project Management,OU=Domain South,DC=south,DC=domain,D C=local.
Exception level: 0
HttpStatusCode: 500
AirSyncStatusCode: 110
XmlResponse:
This request does not contain a WBXML response.
Exception stack trace: at Microsoft.Exchange.AirSync .ADDeviceM anager.Set ActiveSync DeviceCont ainerPermi ssions(Act iveSyncDev ices container)
at Microsoft.Exchange.AirSync .ADDeviceM anager.Cre ateActiveS yncDeviceC ontainer(B oolean retryIfFailed)
at Microsoft.Exchange.AirSync .ADDeviceM anager.Cre ateActiveS yncDevice( GlobalInfo globalInfo, ExDateTime syncStorageCreationTime, Boolean retryIfFailed)
at Microsoft.Exchange.AirSync .Command.U pdateADDev ice(Global Info globalInfo)
at Microsoft.Exchange.AirSync .Command.C ompleteDev iceAccessP rocessing( )
at Microsoft.Exchange.AirSync .Command.W orkerThrea d()
--- Exception end ---.
Any help would be appreciated. I have the latest rollup 6 for exchange 2010 sp1 installed as well.
The users accounts in the child domain do have the inherit permission box selected on their accounts, which was a common theme upon searching through forums for that error.
I have several users who are in a child domain of domain.local who I had issues with migrating. I found out it was that there was not the appropriate permissions being inherited in the child domain from the parent domain. So i overcame that by granting the exchange servers security group on each of their accounts full control, which then allowed the mailboxes to be moved. Everything is working, except the syncing of phones for them. This is what I get in the event log:
--- Exception start ---
Exception type: Microsoft.Exchange.AirSync
Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevic
Exception level: 0
HttpStatusCode: 500
AirSyncStatusCode: 110
XmlResponse:
This request does not contain a WBXML response.
Exception stack trace: at Microsoft.Exchange.AirSync
at Microsoft.Exchange.AirSync
at Microsoft.Exchange.AirSync
at Microsoft.Exchange.AirSync
at Microsoft.Exchange.AirSync
at Microsoft.Exchange.AirSync
--- Exception end ---.
Any help would be appreciated. I have the latest rollup 6 for exchange 2010 sp1 installed as well.
The users accounts in the child domain do have the inherit permission box selected on their accounts, which was a common theme upon searching through forums for that error.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
or setup.com /pad
Eventhough inherit permission is ticked it's still a permission issue. You can compare both users permission. One of OKuser and the other NotOKuser with :
[PS] C:\>Get-ADPermission -Identity NotOKuser |ft -AutoSize -Wrap