Today, a customer told me that one of users cannot success to sync emails at his phone, I tried to use Microsoft Remote Connectivity Analyzer to test Exchange ActiveSync Connectivity, it has no issues with Exchange ActiveSync Autodiscover but not Exchange ActiveSync, it failed to attempt the FolderSync command on the Exchange ActiveSync session and error message is “Exchange ActiveSync returned an HTTP 500 response (Internal Server Error).”.
I figured out the issues after troubleshooting, the user is a member of domain admins, Exchange server group does not have the appropriate permission to his mailbox object in Active Directory. It’s easy to fix issues as follow:
- Login to the domain controller server.
-
On the Server Manager page, select Tools and click Active Directory Users and Computers.
-
On the Active Directory Users and Computers page, select View and click Advance Feature.
-
Right-click the mailbox account and select Properties.
-
On the user Properties page, select Security.
-
On the Security page, click Advanced.
-
On Advanced Security Settings for the user page, click Enable inheritance and then click OK
-
On the Permissions Warning page, click Yes.
-
On the user Properties page, click Ok.
- Go back to Microsoft Connectivity Analyzer toll and everything should be fine now, also his phone start to sync his email.
But I would recommend that you do not use a member of domain admins for e-mail purposes. You should have two Active Directory user accounts. These Active Directory accounts include one user account that is added to a domain admin and one user account that is used for e-mail purposes.
Hope you enjoy this post.
Cary Sun
Twitter: @SifuSun