Activesync Not Working in Exchange 2013 for Some Users Issue

Tej Pratap Shukla | Modified: December 19, 2024 | Exchange Server 2013, General Exchange Issue | 5 Minutes Reading

In this article, we are going to discuss how to resolve Activesync not working issue in Exchange Server 2013. As you might know in this digital world, users want to get connected to their emails and other Exchange services at the same time. However, it is not possible for the user to always have continuous access to their desktops or PC.

So, the users prefer to use the Activesync feature to synchronize their mobile phones with the Exchange server account. It leads to easy handling of the Exchange account on handheld devices and manually transfers the files from the computer to mobile phones for easy access. However, recently an issue has been detected where the Activesync is not working in Exchange 2013 for some users due to some unknown reasons.
Activesync Not Working
Consider the following situation “I have recently configured Activesync with my official Exchange Server account on my iPhone. However, when I try to access it from my mobile, it displays a message indicating that the synchronization cannot be done with Exchange Server 2013 using this device. Hence, I become unable to access my mailbox, and none of the emails get synced with my mobile phone. Even after logging again into the account does not help me to access the server.”

Possible Reason Behind Activesync Dysfunctionality

The most common reason behind Activesync not working in Exchange 2013 for some users is that full control permission may not be provided for that device from the Owner Rights Security principal. Due to the lack of full control permission, the Exchange cannot be synced with any of the EAS devices. So, it is very important to have all complete permission grants from the admin department who is handling the Exchange Server configuration for the organization.

Manual Solution to Resolve Activesync not working issue

The above-discussed Activesync issue can be resolved by assigning permission against msExchActiveSyncDevices for the particular EAS device. The following manual approach should be performed to change the settings and let the users experience Activesync features in a smooth manner:

  1. Click on Active Directory Users and Computers
  2. Select advanced features under the View option
  3. Pick the mailbox object (user, domain, unit, organization) for which the ActiveSync is not working and double click on it.
  4. Under the Security tab, click on Advanced
  5. Click on Add and type Exchange Servers
  6. Under Exchange Servers click on Apply choose Descendant msExchActiveSyncDevices objects
  7. Enable the permission by clicking Modify Permissions. There you need to Include inheritable permissions from this object’s parent.
  8. Save the changes made to enable the permission by clicking OK.

Steps to Use the Inbuilt Exchange Remote Connectivity Analyzer

We match the Autodiscover connection with the Activesync feature.

Incase the database swells up too much you can try to defrag Exchange Database & see if it boost server performance before you try the fix.

  • Go to Microsoft Remote Connectivity Analyzer.
  • Choose “Exchange ActiveSync Autodiscover” you will it under the Microsoft Exchange ActiveSync Connectivity Tests.
  • Type in the credentials and test.

A test failure will give you the specific error details and the steps to address them. Repeat till you pass the test without any failure alert then continue on to the UPN stage.

User Principle Name Verification to Fix ActiveSync

UPN is the parameter that Active sync protocol uses to match the SMTP email address across all devices. So admins need to verify whether this match is happening correctly or not. For that, the following steps will do the trick.

Open the Exchange Management Shell.
Run the following command to retrieve the UPN and primary SMTP address:

Get-Mailbox user | fl UserPrincipalName, PrimarySmtpAddress

Compare both fields thoroughly or add custom logic to the cmdlet to do the matching for you.

In case you find a difference in value, see if there is a corresponding domain suffix available in Active Directory. Then match the UPN with the primary SMTP address.

Ensure that the UPN matches the primary SMTP address.
If Mismatch Exists:
Check if the appropriate domain suffix is available in Active Directory.
Modify the UPN to match the primary SMTP address.

Next up admins need to look out for any address policy errors that might riggre the issue. We have laid out the exact steps for this.

Eliminate All Address Policy Errors that Lead to Exchange 2010, 2013, 2016, 2019 Activesync not Working Problem

ActiveSync relies on admin/user-made and prebuilt mailbox policies. If these policies are in conflict within one or more devices then can cause Active sync to break.
SO if you believe this is happening in your case here are the troubleshooting Steps:

Make a new default ActiveSync mailbox:

New-ActiveSyncMailboxPolicy -Name "Test ActiveSync Policy"

Assign this policy to the affected user:

Set-CASMailbox user -ActiveSyncMailboxPolicy "Test ActiveSync Policy"

See if this resolves the issue. If so make it the new permanent policy.

Conclusion

Activesync can be easily configured on various Android and iPhones to access the Exchange mailbox anywhere and anytime. Users are advised to take care of all the permissions granted from the admin. In the above blog, we have discussed an issue where Activesync not working in Exchange 2013 for some users. The manual solution is provided to help them easily synchronize and access the Exchange account mailbox on handheld devices without any configuration issues.

Tej Pratap Shukla
about.me/tejpratap