Exchage ActiveSync – HTTP 500 Internal Server Error for some users.

For some users Microsoft Connectivity Analyser is trowing error :

Attempting the FolderSync command on the Exchange ActiveSync session.
The test of the FolderSync command failed.

Tell me more about this issue and how to resolve it

Additional Details
Exchange ActiveSync returned an HTTP 500 response (Internal Server Error). HTTP

Test-ActivesyncConnectivity for the same user is generation error :

Error : [System.Net.WebException]: Der Remoteserver hat einen Fehler zurückgegeben: (500)
Interner Serverfehler.

If you search for solution in Internet almost all solutions are to activate the Inheritance for the affected user. But this is not helping.

So after some more research I found that in the test-ActiveSyncConnectivity error with |FL we see that the ActiveSyncDevices are mentioned:

Für den Benutzergerätecontainer ‘CN=ExchangeActiveSyncDevices,CN=username,OU=Users,OU=OU1,OU=User,DC=domain,DC=com’ in Active Directory konnten keine Sicherheitseinstellungen übernommen werden. Löschen Sie den Container, sofern dieser leer ist.”

in English

Exception message: Security settings couldn’t be applied to the user device container ‘CN=ExchangeActiveSyncDevices,CN=username,OU=Users,OU=OU1,OU=User,DC=domain,DC=com’ in Active Directory. Delete the container if it’s empty.

The Solution was to delete the CN=ExchangeActiveSyncDevices from ADSI.edit for the affected user.

 

Advertisements

Exchange 2013/2016 – Outlook cannot connect to Exchange server with MAPI over HTTP only internal.

I had one very interesting Issue with Exchange 2013 server and MAPI over HTTP.

When creating profile internal Outlook is failing on the last step “logon to server” with the well known error:

The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action.

When turned off MAPIoverHttp for the user, he connects without problem. In logs we see 401 unauthorized from mapi/nspi .

After testing with different internal URL vor MAPI Virtual directory. I found that the problem exists only with the name which was currently assigned as internal and external URL for mapi.

It was Remote.domain.com/mapi

It turns out that there is a Computer object in AD with name Remote. This is causing outlook to make connection attempts to this PC.

setspn -l remote

shows that there is HTTP spn for this record.

So the solution is to use another DNS entry for internal MAPI URL or remove the computer object.