Restricting only iPhone through Active Sync

Posted on 2010-09-21
Last Modified: 2012-05-10
I have a group of users who have OMA enabled.
They are using iPhone for accessing emails. Is there any way we can restrict just iPhone in Active Sync?
I dont want any one connecting to my exchange using any other mobile which supports active sync.

Question by:Shabarinath Ramadasan
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 26

Accepted Solution

e_aravind earned 167 total points
ID: 33724795
I have the following answer for windows mobile...hope this should be fine for iPhone too

How to allow only Provisioned Windows Mobile Devices to Connect to your Network
LVL 14

Author Comment

by:Shabarinath Ramadasan
ID: 33725103
Thanks Aravind..
We are about to migrate to E2k10.. currently on 2003.

Any other option? or any third party tool?


Assisted Solution

jebeckham earned 166 total points
ID: 33725240
Are you reverse proxing through ISA?  I've setup ActiveSync through ISA before such that users need to be a member of an AD group in order to use ActiveSync (rather than all users).  It would require you to manage a group in AD containing all of your iPhone user mailboxes (and not prevent them from using another device) but will allow you to manage who is using ActiveSync.
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 14

Author Comment

by:Shabarinath Ramadasan
ID: 33725998
Good suggestion jebeckham.
I am pretty clear on that part. By default, users wont have active sync enabled.

My only worry is how to make sure that company provided iPhone is only used to connect to our network.


Expert Comment

ID: 33726690
Right, corporate management of iPhones becomes challenging rather quickly, particularly if you're using Exchange Server 2003 on the back-end.
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 167 total points
ID: 33727100
Short answer is that you can't restrict Activrsync devices on Exchange 2003.  You can on Exchange 2010 happily, but until you migrate, you can only allow or disallow activesync to specific users.

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question