Everybody knows the “problem” that an administrative account can’t use Active Sync (Keyword: AdminSDHolder / Active Directory Inheritance). But a few time ago I got into a new situation. Over the ECP I couldn’t open/delete a mobile device, because the device couldn’t be found.
In the next step I saw that also the access to the device was denied.
So I thought it was the familiar problem from Exchange 2010 with the changed organization unit. In this case the console use the wrong path to the device, but you can still delete the device over the PowerShell.
But also PowerShell wasn’t able to find the device:
The interesting thing is that I got statistics to that device:
My next step was to check the user container in Active Directory.
With ADSI-Edit I could only find information from the statistics like the Blocked Device ID:
Finally I found a way to delete the mobile device.
Connect with the tool “MFCMapi” to the affected profile.
In the “Root Container” under “ExchangeSyncData” you can delete the device.