Solved

What are the consequences of not having an Exchange 2010 ActiveSync policy?

Posted on 2010-11-09
5
993 Views
Last Modified: 2012-05-10
Hello,

I installed SP1 to Exchange 2010 this morning and as soon as it was complete, my Android users lost their ability to connect.  So, I used Google to find a work around that fixed the problem.  Here it is (http://code.google.com/p/android/issues/detail?id=11177):

1) Remove the Android mobile devces affected from each users mailboxes.

2) Remove the Default (and any other ActiveSync) policy using EMC  -- Remove-ActiveSyncMailboxPolicy -id <Default>

         Note: this will set all user to no activesync policy (this is what we want temporarily)....

3) Setup the Andriod phones to sync and let them get past the initial syncronization.

4) Recreated the ActiveSync Policy and set it back to default - (this will reapply the policy to all mailboxes).

Problem is: When I perform Step 4 - Recreate the ActiveSync policy, they all stop working again.

So, I could either go-on without an ActiveSync policy or find another way to fix this problem.

QUESTIONS:

(1)  Could someone please explain to me what the consequences are to not having an ActiveSync policy?  Is it dangerous?

(2)  Could anyone think of another way to solve this problem where Droid 2.2.1 users can no longer use built-in email functionality to access Exchange?

Thanks,
Jason

P.S.  I already know that other email programs (such as TouchDown) don't seem to have the same connection problem.
0
Comment
Question by:SqueezeOJ
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:yash_varma
yash_varma earned 75 total points
ID: 34098115
http://technet.microsoft.com/en-us/library/bb123484.aspx : Understanding Exchange ActiveSync Mailbox Policies

0
 
LVL 32

Assisted Solution

by:endital1097
endital1097 earned 175 total points
ID: 34098601
this is an issue with the activesync client developed for the droid phone
exchange 2010 sp1 exposes "bad" code on these devices which breaks activesync

you could create a policy and the run the Get-ActiveSyncDevice cmdlet to identify the Droid users and remove the policy from them

http://technet.microsoft.com/en-us/library/dd335068.aspx
0
 

Author Comment

by:SqueezeOJ
ID: 34098911
endital1097 -

I only have 4 Droid users, so I already know who they are.  Are you saying that I could remove the policy on a per user basis?

yash varma -

I read through http://technet.microsoft.com/en-us/library/bb123484.aspx, and I appreciate the list of settings available...but what's the risk of not having a policy?

Thanks to both of you,
Jason
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 175 total points
ID: 34101132
the risk is a lost or stolen device
without a password policy someone that gains access to the device could read current messages and send malicious messages as the user

the use can always use owa to remote wipe the device in this scenario
0
 

Author Closing Comment

by:SqueezeOJ
ID: 34129476
Thanks for your help!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now