If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.
Exchange 2010. 403 error. activesync not working for some users.
Hello Experts
We have some mobile users that has trouble connecting to exchange via activesync.
When using exchange analyzer and activesync tester i get the error 403 from both of them, saying access denied.
I used to fix this problem by enabling inherit in AD. But now it doesn't work.
I have enabled "Basic authentication" on the IIS side for active-sync folder.
Active sync policies from exchange have "allow non-provisible devices" enabled.
I am suspecting it could be an AD issue, since this user had a working activesync previously. no membership or permissions has been changed.
We have some mobile users that has trouble connecting to exchange via activesync.
When using exchange analyzer and activesync tester i get the error 403 from both of them, saying access denied.
I used to fix this problem by enabling inherit in AD. But now it doesn't work.
I have enabled "Basic authentication" on the IIS side for active-sync folder.
Active sync policies from exchange have "allow non-provisible devices" enabled.
I am suspecting it could be an AD issue, since this user had a working activesync previously. no membership or permissions has been changed.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Here are my notes on troubleshooting ActiveSync. Do this for your troubled users.
ActiveSync Mailbox Logging
Open Exchange management shell on any Exchange server. Run cmd below,
Set-CASMailbox aliasofUser -ActiveSyncDebugLogging:$t
To retrieve logs.
Get-ActiveSyncDeviceStatis
Set-CASMailbox aliasofUser -ActiveSyncDebugLogging:$f
http://blogs.technet.com/b/jasonsla/archive/2013/03/19/exchange-activesync-mailbox-logging.aspx
1) Delete the email account from the device. (Remove the profile)
2) Find out what ActiveSync devices are associated with a user’s mailbox:
Get-ActiveSyncDevice -Mailbox "Redmond\TonySmith"
3) Remove the device in question from ActiveSync:
Remove-ActiveSyncDevice -Identity iPhone_TonySmith -Confirm $true
4) Enable ActiveSync logging for the user’s mailbox:
Run the following command on the server where the user’s mailbox is located “Set-CASMailbox alias -ActiveSyncDebugLogging:$t
5) Re-add the device
6) Allow syncing to commence and complete
7) Dump the captured log file to an email address:
Get-ActiveSyncDeviceStatis
ActiveSync Mailbox Logging
Open Exchange management shell on any Exchange server. Run cmd below,
Set-CASMailbox aliasofUser -ActiveSyncDebugLogging:$t
To retrieve logs.
Get-ActiveSyncDeviceStatis
Set-CASMailbox aliasofUser -ActiveSyncDebugLogging:$f
http://blogs.technet.com/b/jasonsla/archive/2013/03/19/exchange-activesync-mailbox-logging.aspx
1) Delete the email account from the device. (Remove the profile)
2) Find out what ActiveSync devices are associated with a user’s mailbox:
Get-ActiveSyncDevice -Mailbox "Redmond\TonySmith"
3) Remove the device in question from ActiveSync:
Remove-ActiveSyncDevice -Identity iPhone_TonySmith -Confirm $true
4) Enable ActiveSync logging for the user’s mailbox:
Run the following command on the server where the user’s mailbox is located “Set-CASMailbox alias -ActiveSyncDebugLogging:$t
5) Re-add the device
6) Allow syncing to commence and complete
7) Dump the captured log file to an email address:
Get-ActiveSyncDeviceStatis
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
i think your debug comment helped me solve it. Testing it now.
i saw in the log this:
WARNING: You currently have 10 Exchange ActiveSync partnerships out of 10 maximum partnerships allowed per user. After
you reach the maximum, no new partnerships can be created until you remove some from your account.
I have removed some devices and waiting for them to remove the old devices. Gonna try again. You might just have given me the solution!
Gonna test it first :)
i saw in the log this:
WARNING: You currently have 10 Exchange ActiveSync partnerships out of 10 maximum partnerships allowed per user. After
you reach the maximum, no new partnerships can be created until you remove some from your account.
I have removed some devices and waiting for them to remove the old devices. Gonna try again. You might just have given me the solution!
Gonna test it first :)
Yes. Too many partnerships will cause that.
That article is a great read. I personally know the author and worked with him first-hand at MS.
That article is a great read. I personally know the author and worked with him first-hand at MS.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Word 2010 Inter… 173 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.