Solved

What are the consequences of not having an Exchange 2010 ActiveSync policy?

Posted on 2010-11-09
5
1,051 Views
Last Modified: 2012-05-10
Hello,

I installed SP1 to Exchange 2010 this morning and as soon as it was complete, my Android users lost their ability to connect.  So, I used Google to find a work around that fixed the problem.  Here it is (http://code.google.com/p/android/issues/detail?id=11177):

1) Remove the Android mobile devces affected from each users mailboxes.

2) Remove the Default (and any other ActiveSync) policy using EMC  -- Remove-ActiveSyncMailboxPolicy -id <Default>

         Note: this will set all user to no activesync policy (this is what we want temporarily)....

3) Setup the Andriod phones to sync and let them get past the initial syncronization.

4) Recreated the ActiveSync Policy and set it back to default - (this will reapply the policy to all mailboxes).

Problem is: When I perform Step 4 - Recreate the ActiveSync policy, they all stop working again.

So, I could either go-on without an ActiveSync policy or find another way to fix this problem.

QUESTIONS:

(1)  Could someone please explain to me what the consequences are to not having an ActiveSync policy?  Is it dangerous?

(2)  Could anyone think of another way to solve this problem where Droid 2.2.1 users can no longer use built-in email functionality to access Exchange?

Thanks,
Jason

P.S.  I already know that other email programs (such as TouchDown) don't seem to have the same connection problem.
0
Comment
Question by:SqueezeOJ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:yash_varma
yash_varma earned 75 total points
ID: 34098115
http://technet.microsoft.com/en-us/library/bb123484.aspx : Understanding Exchange ActiveSync Mailbox Policies

0
 
LVL 32

Assisted Solution

by:endital1097
endital1097 earned 175 total points
ID: 34098601
this is an issue with the activesync client developed for the droid phone
exchange 2010 sp1 exposes "bad" code on these devices which breaks activesync

you could create a policy and the run the Get-ActiveSyncDevice cmdlet to identify the Droid users and remove the policy from them

http://technet.microsoft.com/en-us/library/dd335068.aspx
0
 

Author Comment

by:SqueezeOJ
ID: 34098911
endital1097 -

I only have 4 Droid users, so I already know who they are.  Are you saying that I could remove the policy on a per user basis?

yash varma -

I read through http://technet.microsoft.com/en-us/library/bb123484.aspx, and I appreciate the list of settings available...but what's the risk of not having a policy?

Thanks to both of you,
Jason
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 175 total points
ID: 34101132
the risk is a lost or stolen device
without a password policy someone that gains access to the device could read current messages and send malicious messages as the user

the use can always use owa to remote wipe the device in this scenario
0
 

Author Closing Comment

by:SqueezeOJ
ID: 34129476
Thanks for your help!
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video is in connection to the article "The case of a missing mobile phone (https://www.experts-exchange.com/articles/28474/The-Case-of-a-Missing-Mobile-Phone.html)". It will help one to understand clearly the steps to track a lost android phone.
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question