Exchange 2010 activesync doesn’t work domain admin group members

By default members of an AD protected group like domain admins or enterprise admin cannot use microsoft activesync with a exchange 2010 server. They get a error like this: “Result: ActiveSync encountered a problem on the server. Support code: 0x85010014”.

Solution 1: Remove the protected group memberships for this account, more information about protected groups can be found here.

Solution 2: Goto active directory users and computers, turn on advanced features on the view menu. Go to the user account, security tab and tick the advanced button. After that you have to enable Include inheritable permissions from this object’s parent. Now activesync will work.

Note: some rules apply every hour and will disable inheritance so you have to activesync within this time otherwise you have to repeat the step in Solution 2. When get a other device to activesync with you also have to repeat this action.

Posted in Blog, Exchange 2010 by ronnypot at August 3rd, 2010.
Tags: ,

6 Responses to “Exchange 2010 activesync doesn’t work domain admin group members”

  1. Bakir says:

    Thanks this helped me.

  2. Michelle says:

    Does the rule not disconnect the activeSync from phone?

  3. Mark says:

    This saved us!!

  4. Stuart Hill says:

    Thanks, exactly what was required – I ticked the box for inheritance on that account and there were no ill effects, added the account on the mobile and it is working ok.

  5. I sure wish I could get this working as it’s been a pain in my side for a long time. Any chance you could give me a hand?

Leave a Reply

Sharing Buttons by Linksku