We help IT Professionals succeed at work.

Exchange 2010. 403 error. activesync not working for some users.

Member_2_8001432
on
310 Views
Last Modified: 2017-03-14
Hello Experts

We have some mobile users that has trouble connecting to exchange via activesync.

When using exchange analyzer and activesync tester i get the error 403 from both of them, saying access denied.

I used to fix this problem by enabling inherit in AD. But now it doesn't work.

I have enabled "Basic authentication" on the IIS side for active-sync folder.

Active sync policies from exchange have "allow non-provisible devices" enabled.

I am suspecting it could be an AD issue, since this user had a working activesync previously. no membership or permissions has been changed.
Comment
Watch Question

Author

Commented:
just to add, i just created a new account, and created a new mailbox. Activesync works.
Senior Engineer
CERTIFIED EXPERT
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION

Author

Commented:
i think your debug comment helped me solve it. Testing it now.

i saw in the log this:
WARNING: You currently have 10 Exchange ActiveSync partnerships out of 10 maximum partnerships allowed per user. After
you reach the maximum, no new partnerships can be created until you remove some from your account.


I have removed some devices and waiting for them to remove the old devices. Gonna try again. You might just have given me the solution!

Gonna test it first :)
Scott CSenior Engineer
CERTIFIED EXPERT

Commented:
Yes.  Too many partnerships will cause that.

That article is a great read.  I personally know the author and worked with him first-hand at MS.

Author

Commented:
Yep, max devices were reached. Thanks!
Scott CSenior Engineer
CERTIFIED EXPERT

Commented:
Glad I could help.