EAS issues after moving user mailboxes to Exchange 2010

by Henrik Walther [Published on 13 Sept. 2009 / Last Updated on 13 Sept. 2009]

In each environments that I’ve transitioned from either Exchange 2003 or Exchange 2007 to Exchange 2010, I’ve hit an issue related to Exchange ActiveSync. After moving user mailboxes to Exchange 2010, mobile devices could no longer synchronize with a mailbox. When performing a manual synchronization, I saw this error on the device: Result: ActiveSync registered a problem on the server. Support code: 0x85010014 This issue occurs if the AD user object of the Exchange 2010 user doesn’t have “Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here.” Once this setting is checked, Exchange ActiveSync works again. This issue is easy to fix for a few users (when you know the above that is!), but what if you need to change this setting for several thousands of users? You could go create a script, but then again what you you don’t have any scripting skills? Well don’t worry, I’ve found out that ADModify.NET is capable of changing this setting on users in bulk. Just fire up ADModify.NET and select the OU(s) containing the users and check the setting under the Account tab as shown below.   Cheers, Henrik WaltherTechnology Architect/WriterMCM: Exchange 2007 | MVP: Exchange Architecture MCITP: EMA + EA | MCSE: M + S | TechNet Influent

In each environments that I’ve transitioned from either Exchange 2003 or Exchange 2007 to Exchange 2010, I’ve hit an issue related to Exchange ActiveSync. After moving user mailboxes to Exchange 2010, mobile devices could no longer synchronize with a mailbox. When performing a manual synchronization, I saw this error on the device:

Result:

ActiveSync registered a problem on the server.

Support code: 0x85010014


This issue occurs if the AD user object of the Exchange 2010 user doesn’t have “Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here.

Once this setting is checked, Exchange ActiveSync works again.

image

This issue is easy to fix for a few users (when you know the above that is!), but what if you need to change this setting for several thousands of users?

You could go create a script, but then again what you you don’t have any scripting skills? Well don’t worry, I’ve found out that ADModify.NET is capable of changing this setting on users in bulk.

Just fire up ADModify.NET and select the OU(s) containing the users and check the setting under the Account tab as shown below.

image

 

Cheers,

Henrik Walther
Technology Architect/Writer
MCM: Exchange 2007 | MVP: Exchange Architecture
MCITP: EMA + EA | MCSE: M + S | TechNet Influent

clip_image001

Add Review or Comment

Featured Links