• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

activesync mailbox policy

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2007] >> Mobility >> activesync mailbox policy Page: [1]
Login
Message << Older Topic   Newer Topic >>
activesync mailbox policy - 26.Jun.2008 11:59:32 AM   
dsl1011

 

Posts: 44
Joined: 16.Jan.2006
Status: offline
I'm running Exchange 2007 with sp1 and working with activesync. I've found interesting information so i'm wondering if these issues are by design or if there is a way to do this.

I've modified the Default ActiveSync Mailbox Policy to suit our needs and applied it to a user i was testing with. The pda (palm 700w) connected via activesync without a problem and was requested to install the policy on their pda. So the policy was installed on the pda which required a password so i was prompted to enter a password which was fine. These are the things i wanted to test and here are my results...

1) Can I modify the activesync policy within EMC and have the policy updated on the PDA the next time it sync'd (for instance changing the password requirement to no longer requiring a password)?
Findings: It doesn't seem to work. I waited for mailbox mantenance to run so it would update the policy and then i sync'd the pda. i then shut off the pda and turned it back on and it still required a password. I even removed the partnership and resync'd the pda but it doesn't pick up the new activesync policy change. It looks like you need to get your activesync policy right the first time as it doesn't appear you can change the policy on the pda after the initial policy is applied. Is this right?

2) Once you remove the partnership from the pda, does the activesync policy on the pda get removed?
Findings: After i removed the partnership and resync'd, i didn't get a prompt to install the activesync policy so it looks like it maintains the policy that is already installed on the device. Is this right?

3) Can i switch a users activesync policy after the 1st activesync policy has already been applied to the pda device?
Findings: If an activesync policy was created for a user called "General" and was applied to the PDA, then this person switches departments so is now applied the "Finance" activesync policy, they will get the following error when they try to sync.

"Support code: 0x85010004 - Your account in Microsoft Exchange Server does not have permission to synchronize with your current settings.  Contact your Exchange Server administrator."

Once i switched the user back to their original policy it worked fine so it looks like once a pda device installs a policy, that is it, you can't change it to use a different activesync policy. Is this right?

4) I guess in the end i would like to be able to remove an activesync policy from a PDA device. Is there any way to do this?
Findings: The only way i found to do this was to do a hard reset on the device or remotely wipe it which essentially does the same thing. Maybe this is a security feature on the device requiring you to completely wipe the device to get rid of the policy. 

Thanks for any help!
Post #: 1
RE: activesync mailbox policy - 30.Jun.2008 2:39:54 PM   
Sembee

 

Posts: 4093
Joined: 17.Jan.2008
From: Somewhere near London, UK
Status: offline
A lot of the changes that you have seen are what I would expect to see as they are modifying the behaviour of the device.

The password requirement for example - the fact that you have set a password is enough for the device to always require a password. The policy doesn't control the feature being enabled or disabled. After the policy as been removed the user would then have to go in to the password control and disable the password - which wouldn't be possible if the policy was enabled.

With regards to changing the policy, you haven't said what was different with the two policies so it is impossible to comment.

Polices are not removed from the device - they simply cease to be enforced. Therefore to remove the settings changes you have to hard wipe the device - as you have found.

Simon.

_____________________________

Simon Butler,
Exchange MVP
Blog: http://blog.sembee.co.uk/
Web: http://www.amset.info/
In the UK? Hire me: http://www.sembee.co.uk/
Exchange Resources: http://exbpa.com/

(in reply to dsl1011)
Post #: 2
RE: activesync mailbox policy - 1.Jul.2008 1:45:59 PM   
dsl1011

 

Posts: 44
Joined: 16.Jan.2006
Status: offline
thanks for the reply. i did notice that once a policy was changed, it did take effect on the pda. you were right, even though the policy was no longer applied to the pda device, i still needed to go into the password settings which allowed me to remove the password requirement.

In terms of the 2 policies that i was trying to switch between, 1 policy required a password and 1 did not. once i applied the password policy to the pda and then tried to change the policy for the user to one that no longer required a password, that is when i got the error described above.

(in reply to dsl1011)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2007] >> Mobility >> activesync mailbox policy Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter