Exchange 2013 ActiveSync IIS Error

I'm running a 2010/2013 environment in coexistence, and everything is working great except for ActiveSync.

Any users that are still living on the 2010 servers, can connect with ActiveSync just fine. However, and users that get moved over to 2013, cant connect. When I use one of these accounts with the ExRCA site, I get the error below.

These accounts are not admin accounts, and I've checked the the "inherited permissions" box in advanced features of the accounts within AD (an issue I remember with 2010).

I've also checked the permissions assigned to the virtual directories through EAC and IIS itself, and all permissions are assigned correctly per Microsoft's technet article regarding the matter.

Any ideas?

Attempting to send the OPTIONS command to the server.
 	Testing of the OPTIONS command failed. For more information, see Additional Details.
	Additional Details
An HTTP 403 forbidden response was received. The response appears to have come from IIS7. Body of the response: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><title>403 - Forbidden: Access is denied.</title><style type="text/css"><!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;;}
--></style></head><body><div id="header"><h1>Server Error</h1></div><div id="content"><div class="content-container"><fieldset><h2>403 - Forbidden: Access is denied.</h2><h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3></fieldset></div></div></body></html>


HTTP Response Headers:
request-id: 6be0f5dd-bddc-48c4-be6d-e5fe4f4da762
X-CalculatedBETarget: smschsexch2.sms.com
X-FEServer: FFXEXCH2
Content-Length: 1233
Cache-Control: private
Content-Type: text/html
Date: Wed, 30 Apr 2014 20:03:59 GMT
Set-Cookie: X-BackEndCookie=S-1-5-21-976081934-1044163499-2373175572-14762=rJqNiZqNgayyrLy3rLqnvLfN0YySjNGckJKBzsbMyMbGyMbLyIHPy9DMz9DNz87L383Pxc7Lxc/P; expires=Thu, 01-May-2014 00:14:00 GMT; path=/Microsoft-Server-ActiveSync; secure; HttpOnly
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Elapsed Time: 20198 ms.