Only for some users, the ExRCA returns HTTP ERROR 500 on FolderSync but the user affected have check box for "Include inheritable permissions from this object's parent" are already selected.
The is not a member of the following protected group.
Administrators, Administrator, Account Operators, Server Operators, Print Operators, Backup Operators, Domain Admins, Schema Admins, Enterprise Admins, Cert Publishers, Krbtgt, Read-only Domain Controllers, Replicator
To resolve this issue we can follow the followings steps:
a. Open Active Directory Users and Computers.
b. Open the Properties of "Aftected user".
c. Click the Security tab and click Advanced.
d. Click the "Effective Permissions" tab.
e. Click Select, input "Exchange Servers", click "Check Names" and click OK.
f. Scroll down and check whether the following permissions exist:
g. If the permission does not exist, please switch back to the Permissions tab. Click Add.
h. Input "Exchange Servers", click "Check Names" and click OK.
i. In the "Apply to" drop down box, please select "Descendant msExchActiveSyncDevice objects" and add the following permissions: List contents, Read all properties, Write all properties, Delete, Modify Permissions
j. Click OK.
k. Click OK and click OK.
The related permissions are set when installing the Exchange 2010 server. You may also run "setup /PrepareDomain" command to reset the permissions again if the default permissions have been changed.