Reset Search



KB40906 - ActiveSync users are unable to sync mail after mailbox is moved to different Exchange server

« Go Back


Last Modified Date8/21/2020 11:55 PM

ActiveSync Users are uUnable to Sync Mail after Mailbox is Moved to Different Exchange Server

This article describes an issue and provides a solution for ActiveSync users who are unable to sync email to a different Exchange server once their mailbox has been moved.
Problem or Goal
This issue can occur under the following conditions/configuration:
  • ActiveSync is being enforced on a sign-in URL configured for a virtual host name of the Exchange server.
  • User's device is preconfigured to sync mail from a specific PCS gateway.
  • Exchange administrator moves the user's mailbox to a different Exchange server.
  • Device uses autodiscover to determine new Exchange server host name.
  • New Exchange server host name is located, however, user is not able to sync mail to new Exchange server.

This issue will occur if the forwarding Exchange server host name has not been added to the Web ACL on the originating PCS device.

The User Access Log will contain the following error where the "Host" logged is the Exchange server that the user's email account has been forwarded to:

info - [] -[ActiveSync Role] - 2017/08/22 01:18:47 - Access blocked after DNS lookup. Check Web ACL settings - Host:, Request: /Microsoft-Server-ActiveSync?User=ABC2010&DeviceId=OS0ETKOBND00V2N03J94A2HOUG&DeviceType=iPad&Cmd=Ping

To resolve this issue, create a Web ACL on the originating PCS device to allow access to the forwarding server's host name that is logged in the User Access log with the DNS error, and specify both port 80 and 443 in the Web ACL.  

For example, in the above error message, the forwarding host is  Therefore, the Web ACL should be created for the following host:,443
Related Links
Attachment 1 
Created ByKaren Mayberry



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255