Thursday, April 10, 2014

Exchange Active Sync does not work after user mailbox moved to Exchange 2010 mailbox server

After the user mailbox was moved from Exchange 2007 to an Exchange 2010 mailbox server, ActiveSync stopped working.

There are many warning messages on Exchange 2010 CAS servers:

Log Name:      Application
Source:        MSExchange ActiveSync
Date:          4/10/2014 10:35:08 AM
Event ID:      1008
Task Category: Requests
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      Exchange2010CASservername.mydomain.com
Description:
An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization.

URL=/Microsoft-Server-ActiveSync/default.eas?Cmd=Provision&User=username%40userdomain.com&DeviceId=android1342529324&DeviceType=MotoDROIDRAZR
--- Exception start ---
Exception type: Microsoft.Exchange.AirSync.AirSyncPermanentException
Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevices,CN=username@userdomain.com,OU=OUname1,OU=OUname2,OU=OUname3,DC=mydomain,DC=com.
Exception level: 0
HttpStatusCode: 500
AirSyncStatusCode: 110
XmlResponse:
This request does not contain a WBXML response.

A Google search brings up the following Microsoft article: http://support.microsoft.com/kb/2680321

It suggests making sure that "Include inheritable permissions from this object's parent" is selected, but my users already had it selected.

Comparing the security settings at the OU level with OUs that work, I found that 'Exchange Trusted Subsystem' was missing from the list. I added it with 'Full Control' and that fixed the problem.
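
A read-only way to run the same comparison, as an added example (not from the original post or from Microsoft): it walks from the user object up through its parent OUs and reports whether inheritance is blocked and whether 'Exchange Trusted Subsystem' holds an allow entry at each level. The function name and the sample account name are hypothetical; it assumes the ActiveDirectory RSAT module and PowerShell 3.0 or later.

```powershell
# Added example: audits the two conditions discussed in the post
# (inheritance flag from the KB article, and the trustee's presence in the ACL).
# It only reads ACLs; it changes nothing in the directory.
Import-Module ActiveDirectory   # also provides the AD: drive used by Get-Acl

function Test-EasAclPrerequisites {          # hypothetical helper name
    param(
        [Parameter(Mandatory = $true)]
        [string] $Identity,                              # sAMAccountName or DN of the affected user
        [string] $Trustee = 'Exchange Trusted Subsystem' # group named in the post
    )

    $dn    = (Get-ADUser -Identity $Identity).DistinguishedName
    $chain = @($dn)

    # Strip one RDN at a time (honouring escaped commas) until the domain root is reached.
    while ($dn -notmatch '^DC=' -and $dn -match '^(?:[^,\\]|\\.)+,(.+)$') {
        $dn     = $Matches[1]
        $chain += $dn
    }

    foreach ($entry in $chain) {
        $acl  = Get-Acl -Path "AD:\$entry"
        $aces = @($acl.Access | Where-Object {
            $_.IdentityReference.Value -like "*\$Trustee" -and
            $_.AccessControlType -eq 'Allow'
        })

        [pscustomobject]@{
            DistinguishedName   = $entry
            # True means "Include inheritable permissions..." is NOT selected here
            InheritanceDisabled = $acl.AreAccessRulesProtected
            TrusteePresent      = $aces.Count -gt 0
            Rights              = ($aces | ForEach-Object { $_.ActiveDirectoryRights } |
                                   Sort-Object -Unique) -join '; '
        }
    }
}

# Run once for an affected user and once for a working one, then compare the rows.
# 'jdoe' is a constructed sample account name.
# Test-EasAclPrerequisites -Identity 'jdoe' | Format-Table -AutoSize
```

A level where InheritanceDisabled is True or TrusteePresent is False on the affected user's path, but not on a working user's path, is where the permissions diverge.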