Did a mailbox move for a mailbox from Exchange 2007 to Exchange 2010.
Mobile device did not sync properly after making a connection to the ActiveSync url, but OWA in browser could connect fine.
The fix was, I think: Checking the "Include inheritable permissions from this object's parent" for the AD account's properties belonging to the mailbox, under Security tab > Advanced in Active Directory on the user object (with advanced settings view enabled).
Why is this checked necessary? Does it interfere with AD?
Surely MS doesn't expect to check this after a 1000+ user migration, right?
Is there a better way to handle this?