Solved

What are the consequences of not having an Exchange 2010 ActiveSync policy?

Posted on 2010-11-09
5
1,017 Views
Last Modified: 2012-05-10
Hello,

I installed SP1 to Exchange 2010 this morning and as soon as it was complete, my Android users lost their ability to connect.  So, I used Google to find a work around that fixed the problem.  Here it is (http://code.google.com/p/android/issues/detail?id=11177):

1) Remove the Android mobile devces affected from each users mailboxes.

2) Remove the Default (and any other ActiveSync) policy using EMC  -- Remove-ActiveSyncMailboxPolicy -id <Default>

         Note: this will set all user to no activesync policy (this is what we want temporarily)....

3) Setup the Andriod phones to sync and let them get past the initial syncronization.

4) Recreated the ActiveSync Policy and set it back to default - (this will reapply the policy to all mailboxes).

Problem is: When I perform Step 4 - Recreate the ActiveSync policy, they all stop working again.

So, I could either go-on without an ActiveSync policy or find another way to fix this problem.

QUESTIONS:

(1)  Could someone please explain to me what the consequences are to not having an ActiveSync policy?  Is it dangerous?

(2)  Could anyone think of another way to solve this problem where Droid 2.2.1 users can no longer use built-in email functionality to access Exchange?

Thanks,
Jason

P.S.  I already know that other email programs (such as TouchDown) don't seem to have the same connection problem.
0
Comment
Question by:SqueezeOJ
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:yash_varma
yash_varma earned 75 total points
ID: 34098115
http://technet.microsoft.com/en-us/library/bb123484.aspx : Understanding Exchange ActiveSync Mailbox Policies

0
 
LVL 32

Assisted Solution

by:endital1097
endital1097 earned 175 total points
ID: 34098601
this is an issue with the activesync client developed for the droid phone
exchange 2010 sp1 exposes "bad" code on these devices which breaks activesync

you could create a policy and the run the Get-ActiveSyncDevice cmdlet to identify the Droid users and remove the policy from them

http://technet.microsoft.com/en-us/library/dd335068.aspx
0
 

Author Comment

by:SqueezeOJ
ID: 34098911
endital1097 -

I only have 4 Droid users, so I already know who they are.  Are you saying that I could remove the policy on a per user basis?

yash varma -

I read through http://technet.microsoft.com/en-us/library/bb123484.aspx, and I appreciate the list of settings available...but what's the risk of not having a policy?

Thanks to both of you,
Jason
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 175 total points
ID: 34101132
the risk is a lost or stolen device
without a password policy someone that gains access to the device could read current messages and send malicious messages as the user

the use can always use owa to remote wipe the device in this scenario
0
 

Author Closing Comment

by:SqueezeOJ
ID: 34129476
Thanks for your help!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2007 standard - defrag (eseutul /d) 10 38
Impact of disabling SMB v1 on Mac and Linux clients 4 321
EXCHANGE SENDER POLICY FRAMWORK 6 16
Admin account lockout 10 36
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now