I'm about to pull my hair out on this one. :)
A user changed their Active Directory password, which is no big deal usually. Her iPhone asked for the new password when they tried to sync, she entered the new password, did not work. We reset the AD password to something simple for testing purposes, still did not work. We also tried on her device:
Remove and re-add the Exchange account
Restart the phone
Cleared network settings
Tried other accounts and they are able to be set up
The user is able to log into OWA. This is the only user this is happening for, all other iPhone users are working fine. On my own iPhone I've tried to add her account with no success, but I was able to remove and re-add my own account and add a test account just fine.
Inheritable permissions are enabled on her AD user object. Account is not locked or disabled.
I've tried recycling the app pools on both CAS servers, which are set up in a CAS array. The problem occurs when trying to set up the account over any connection. I'm at a loss as to what to check next as it appears to be her user account. She is middle management and I don't want to delete and recreate the mailbox or user account when everything else is working perfectly fine for her.
Environment is Exchange 2010, latest service packs, AD forest and domain levels are 2008 R2. Exchange RCA reports no problems, SSL is enabled, and I have a trusted 3rd party cert installed (Network Solutions) which is not expired or revoked.
EDIT: Message is the very specific "unable to verify account information" message.
EDIT: User is not in any kind of administrative or protected group outside of local workstation admin.