Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to disable OMA for all users except few of them...

Posted on 2010-08-23
21
Medium Priority
?
1,559 Views
Last Modified: 2013-11-25
Hi,

I have checked and found that OMA (Active Sync) is enabled for all of our users whether its officlally approved for few of them. Now i want to disable it for all and then enable only for business justified users.
Please let me know the way to do it for *all* users in 1 shot.
I have exchange 2003 enterprise with SP2.
0
Comment
Question by:pdixit1977
  • 8
  • 6
  • 4
  • +3
21 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33501827
double click on the user from ADUC - on your exchange server
Click on Exchange Features TAB
Select OMA
Click Disable

test it out for one user and see if it's disabled.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33501828
these things can be scripted in 2007,
2003 = hard to do.
0
 
LVL 33

Expert Comment

by:Busbar
ID: 33501837
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 6

Expert Comment

by:Elwin3
ID: 33501853
0
 
LVL 8

Expert Comment

by:ZombieAutopsy
ID: 33501865
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33501867
@elwin3
how do you customize that script for *some* users
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33501928
Easiest way to do this for all users is below...
- Open Exchange System Manager
- Expand Global Settings, Right click Mobile Services, click Properties
- On the General Tab, Under Outlook Mobile Access, uncheck "Enable Outlook Mobile Access"

Hope this helps~!
0
 

Author Comment

by:pdixit1977
ID: 33501985
I dont think apart of Elwin anybody else has read my question properly.

Thanks elwin, but what should i change in given script if i want to disable it only for a particular OU. I think i have to given DN of my OU in place of "LDAP://cn=Users,"
0
 
LVL 6

Expert Comment

by:Elwin3
ID: 33502134
Ok run the script for all users and it will disable it for everyone. Then put the users you want to enable in a OU.  Modify the script LDAP://cn=Users to the OU.

Also change If strWirelessEnabled = "" Then      to      If strWirelessEnabled = "7" Then

Also change  objUser.Put "msExchOmaAdminWirelessEnable", "7"    to     objUser.Put "msExchOmaAdminWirelessEnable", ""
 
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33502160
msExchOmaAdminWirelessEnable", "7"
>> this disables OMA

To disable only OMA correct value is 2.

See the table here
http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1179958_mem1,00.html
0
 

Author Comment

by:pdixit1977
ID: 33514375
I ran this script successfully with domain admin previledges on DC but OMA is still enable for all users.
0
 

Author Comment

by:pdixit1977
ID: 33514467
with both values 2 & 7.
0
 
LVL 6

Expert Comment

by:Elwin3
ID: 33518965
are the users in the root users ou?
0
 

Author Comment

by:pdixit1977
ID: 33521631
I made some changes in script to see its impact on few users. I ran it thru command prompt successfully wihout a single error.

On Error Resume Next
Set objRootDSE = GetObject("LDAP://rootDSE")
Set objUsers = GetObject("LDAP://CN=IT Linux Team,CN=IT Team,CN=india,DC=domain,DC=com," & objRootDSE.Get("defaultNamingContext"))
' set msExchOmaAdminWirelessEnable to 7 if currently null
For Each objUser In objUsers
            strname = objUser.Get("name")
'            WScript.Echo "name: " & strname
            strWirelessEnabled = objUser.Get("msExchOmaAdminWirelessEnable")
            If strWirelessEnabled = "" Then
                        objUser.Put "msExchOmaAdminWirelessEnable", "7"
                        objUser.setinfo
            End If
            strWirelessEnabled = objUser.Get("msExchOmaAdminWirelessEnable")          
Next
WScript.Echo "Mobile Services disabled for Few users"
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33521666
7 will disable OMA for all.
I think you are going for 2 > to disable OMA for specific users ?

http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1179958_mem1,00.html
0
 

Author Comment

by:pdixit1977
ID: 33521854
If you are talking about this then i have tried to change it as "2" but no luck.

objUser.Put "msExchOmaAdminWirelessEnable", "7"
0
 

Author Comment

by:pdixit1977
ID: 33545508
I am not a scripting guy so its very difficult for me to utilize given link.
If you have a readymade or easy to use way please let me know..


Elwin 3 :  Need your help
0
 
LVL 6

Accepted Solution

by:
Elwin3 earned 1000 total points
ID: 33588026
OK - Sorry been away.First thing to do is to make sure the value you are changing is working. So go to Exchange Console and choose one user. Look at the properties of that users mailbox and go to the Mailbox Features tab. You will see Exchange ActiveSync set to Enabled (0).Now go to Active Directory Users and Computers and find the same user there. Make sure Advanced Features are ticked under the View menu bar along the top. In the properties of the user click on the Attribute Editor tab and find the value msExchOmaAdminWireless and change the value from "not set"  to 7.Now if you go back into Exchange and look at the user's features again you will see ActiveSync is now diabled.If that's ok then run your sscript against a OU with a couple of users in and see if it changed the value.
0
 

Author Comment

by:pdixit1977
ID: 33600163
can u pelase elaborate "go to Exchange Console and choose one user. Look at the properties of that users mailbox and go to the Mailbox Features tab. You will see Exchange ActiveSync set to Enabled (0)."
I have exchange and active directory both running on 2003 so let me know how can i find/enable attribute editor in 2003 ?
0
 

Author Closing Comment

by:pdixit1977
ID: 33671512
g
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question