Restricting only iPhone through Active Sync

Posted on 2010-09-21
Last Modified: 2012-05-10
I have a group of users who have OMA enabled.
They are using iPhone for accessing emails. Is there any way we can restrict just iPhone in Active Sync?
I dont want any one connecting to my exchange using any other mobile which supports active sync.

Question by:Shabarinath Ramadasan
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 26

Accepted Solution

e_aravind earned 167 total points
ID: 33724795
I have the following answer for windows mobile...hope this should be fine for iPhone too

How to allow only Provisioned Windows Mobile Devices to Connect to your Network
LVL 14

Author Comment

by:Shabarinath Ramadasan
ID: 33725103
Thanks Aravind..
We are about to migrate to E2k10.. currently on 2003.

Any other option? or any third party tool?


Assisted Solution

jebeckham earned 166 total points
ID: 33725240
Are you reverse proxing through ISA?  I've setup ActiveSync through ISA before such that users need to be a member of an AD group in order to use ActiveSync (rather than all users).  It would require you to manage a group in AD containing all of your iPhone user mailboxes (and not prevent them from using another device) but will allow you to manage who is using ActiveSync.
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 14

Author Comment

by:Shabarinath Ramadasan
ID: 33725998
Good suggestion jebeckham.
I am pretty clear on that part. By default, users wont have active sync enabled.

My only worry is how to make sure that company provided iPhone is only used to connect to our network.


Expert Comment

ID: 33726690
Right, corporate management of iPhones becomes challenging rather quickly, particularly if you're using Exchange Server 2003 on the back-end.
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 167 total points
ID: 33727100
Short answer is that you can't restrict Activrsync devices on Exchange 2003.  You can on Exchange 2010 happily, but until you migrate, you can only allow or disallow activesync to specific users.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In-place Upgrading Dirsync to Azure AD Connect
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to:…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question