Link to home
Start Free TrialLog in
Avatar of Nick Ferraro
Nick FerraroFlag for United States of America

asked on

No iphone exchange 2016 sync

Iphone no sync with Exchage 2016

Log Name:      Application
Source:        MSExchange ActiveSync
Date:          6/13/2018 4:36:06 AM
Event ID:      1053
Task Category: Configuration
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      KBC-Exchange.kbc.local
Description:
Exchange ActiveSync doesn't have sufficient permissions to create the "CN=N Ferraro,OU=Kbc Users,DC=kbc,DC=local" container under Active Directory user "Active Directory operation failed on KBC-DATA.kbc.local. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-03152870, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
".
Make sure the user has inherited permission granted to domain\Exchange Servers to allow List, Create child, Delete child of object type "msExchangeActiveSyncDevices" and doesn't have any deny permissions that block such operations.

Details:%3
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchange ActiveSync" />
    <EventID Qualifiers="49156">1053</EventID>
    <Level>2</Level>
    <Task>2</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2018-06-13T08:36:06.525034600Z" />
    <EventRecordID>452029</EventRecordID>
    <Channel>Application</Channel>
    <Computer>KBC-Exchange.kbc.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>CN=N Ferraro,OU=Kbc Users,DC=kbc,DC=local</Data>
    <Data>Active Directory operation failed on KBC-DATA.kbc.local. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-03152870, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
</Data>
  </EventData>
</Event>
Avatar of Valentina Perez
Valentina Perez
Flag of France image

Hi Nick,

Check that if you have configured correctly activesync:

Get-ActiveSync | fl *url*

Do you have the same issue with all the users?

Or only this mailbox?

Regards
Valentina
ASKER CERTIFIED SOLUTION
Avatar of Nick Ferraro
Nick Ferraro
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hi Nick,

I suppose if it was only one user. You need to check inheritance for the user in Active Directory.

Regards
Valentina
Avatar of Nick Ferraro

ASKER

Answer was found in general search.
@Nick Ferraro
Appreciate if you post the solution.

Thanks
Hi I know it's solved but as a side note, if the user is a domain admin it will probably revert the settings on the security tab. Glad all sorted.