Friday, July 5, 2013

HTTP 500 (Internal Server Error) in Exchange 2010


Environment: -

In our Microsoft Exchange 2003 Environment and just a started move the Mailboxes to Microsoft Exchange 2010. Recently we had the problem that some Mobile Devices weren’t able to sync via ActiveSync. At the beginning it seemed that just iPad & iPhone Mobiles.

Error Message: -

On the mobiles we just got an HTTP 500 (Internal Server Error). Also in the IIS-Log file I didn’t get that much information. Also just HTTP 500. Also verified the same in Exchange Test connectivity analyzer (https://www.testexchangeconnectivity.com) it’s giving the same Folder Sync HTTP 500 (Internal Server Error).

Problem Statement: -

Due to the above error user will not able to sync the corporate emails in mobile device.

Resolution: -

I have verified user mailbox association list by Login to ECP and Exchange Management Shell no device associated in the user account.

Get-ActivesyncDevice –Mailbox “Gengaiyan”

So after a moment of thinking I remembered that need to check some couple of things in Active Directory. Because I always use “Advanced Features” and especially “Users, Contacts, Groups, and Computers as containers” within DSA.MSC. I just switched to that MMC and changed to a user account where I knew that ActiveSync is working.



So, beyond an ActiveSync enabled user account (which already synced with a device) you’ll find a new container called “ExchangeActiveSyncDevices“. Within that container you’ll find entries for every device this user is currently syncing or synced once in the life time (unless the device was removed within ECP or so).
           
Actually the error (HTTP 500 Internal Error) occurs because Exchange isn’t able to create this container. This can happen if user account Inheritance was not “Checked”.





So within the Properties of a user account at the Security Tab (if you can’t see that one you have so enable the “Advanced Features” within View) -> Advanced the Check Box “Include inheritable permission from this object’s parent” should be checked.

And Exchange 2010 grants special permissions to the group “Exchange Servers” at the Domain Level that actually grants “Create/Delete msExchActiveSyncDevices objects“.




Once I have given the Exchange server permission on affected user account user start syncing the emails in iPhone/iPad without any issues. Also I have re-run the Exchange Test Connectivity analyzer and all the test got successful. J

Thanks

Keep your comments..