During the course of my Exchange 2010 migration I have quite a few crazy little errors which caused me to pull my hair out. Not something I need to be doing. With that being said, I hope you don’t get stuck searching for the answer for some common problems like I have.
Here was the issue. Some users were not able to sync their Windows Mobile or iPhones with the Exchange 2010 server. The server would return an HTTP 500 response. Microsoft has a neat little utility which checks ActiveSync connectivity. It is web based so you can simulate external access to your Exchange server.
If you click on the ActiveSync test, it fails at Attempting an ActiveSync session with the server.
As well, in a completely different scenario, when I was unable to find an valid option to certificate validation warnings from my signed SSL cert this same fix worked. I received the error “The certificate chain did not end in a trusted root” when it in fact did end in a trusted VeriSign Cert
Open Active Directory Users and Computers
Click View –> Advanced Features
Find the affecting user account/s
Go to Properties –> Security –> Advanced
Click the box that says Inherit permissions from the parent and click ok.
Somehow it magically just works now. I guess this has something to do with Microsoft nudging you away from using protected Windows groups. That’s really as far into it as I got. I did check other accounts and they had the box checked so I figured it would be no harm if I had the box checked as well.
Hope this helps some else!