Restricting Activesync/Windows Mobile-Ex2007 SP1 (Full Version)

All Forums >> [Microsoft Exchange 2007] >> Mobility


sbouse -> Restricting Activesync/Windows Mobile-Ex2007 SP1 (5.Nov.2008 5:00:30 PM)

I have 10000 mailboxes on ex2007 sp1--how can I restrict which users can have windows mobile. For the bes users, we need to add them to the server/set the activation pw and then they do enterprise activation. i know about the ex2007 console/mb features/activesync and disable it---but is there a way to lock it down so that we give them approval before synching a WM device? thanks. steve

Elan Shudnow -> RE: Restricting Activesync/Windows Mobile-Ex2007 SP1 (5.Nov.2008 5:49:02 PM)

There's a few things you may be interested in knowing about.
1.  Disable a user from using EAS (which you already know).  You can easily do this by doing something like get-mailbox | set-casmailbox -ActiveSyncEnabled $false.  If users are already using EAS, this wouldn't be a smart thing to do.
2. If you did #1 above, when you enable EAS on a person by person basic, you can use the Set-CASMailbox and use the ActiveSyncAllowedDeviceIDs to restrict what specific device a user can use to sync to their account.  Any other device will be restricted.
3. You can restrict what types of devices in general can sync to Exchange.  But in order to do this, you'll need a firewall like ISA as Exchange doesn't support this functionality.  You can read more about this here.

Page: [1]