Windows Phone 7 ActiveSync error 86000C09 (My First Post!)

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Chris Heacock on Geeks with Blogs See other posts from Geeks with Blogs or by Chris Heacock
Published on Wed, 29 Jun 2011 13:32:25 GMT Indexed on 2011/06/30 0:22 UTC
Read the original article Hit count: 833

Filed under:

Hello fellow geeks!

I'm kicking off this new blog with an issue that was a real nuisance, but was relatively easy to fix.

During a recent Exchange 2003 to 2010 migration, one of the users was getting an error on his Windows Phone 7 device. The error code that popped up on the phone on every sync attempt was 86000C09

We tested the following:

  1. Different user on the same device: WORKED
  2. Problem user on a different device: FAILED

 

Seemed to point (conclusively) at the user's account as the crux of the issue. This error can come up if a user has too many devices syncing, but he had no other phones. We verified that using the following command:

Get-ActiveSyncDeviceStatistics -Identity USERID

Turns out, it was the old familiar inheritable permissions issue in Active Directory. :-/ This user was not an admin, nor had he ever been one. HOWEVER, his account was cloned from an ex-admin user, so the unchecked box stayed unchecked. We checked the box and voila, data started flowing to his device(s).

Here's a refresher on enabling Inheritable permissions:

Open ADUC, and enable Advanced Features:

Then open properties and go to the Security tab for the user in question:

Click on Advanced, and the following screen should pop up:

Verify that "Include inheritable permissions from this object's parent" is *checked*.

 

You will notice that for certain users, this box keeps getting unchecked. This is normal behavior due to the inbuilt security of Active Directory. People that are in the following groups will have this flag altered by AD:

  • Account Operators
  • Administrators
  • Backup Operators
  • Domain Admins
  • Domain Controllers
  • Enterprise Admins
  • Print Operators
  • Read-Only Domain Controllers
  • Replicator
  • Schema Admins
  • Server Operators

Once the box is cheked, permissions will flow and the user will be set correctly. Even if the box is unchecked, they will function normally as they now has the proper permissions configured.

You need to perform this same excercise when enabling users for Lync, but that's another blog. :-)

 

-Chris

© Geeks with Blogs or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle