Solved

What are the consequences of not having an Exchange 2010 ActiveSync policy?

Posted on 2010-11-09
5
1,032 Views
Last Modified: 2012-05-10
Hello,

I installed SP1 to Exchange 2010 this morning and as soon as it was complete, my Android users lost their ability to connect.  So, I used Google to find a work around that fixed the problem.  Here it is (http://code.google.com/p/android/issues/detail?id=11177):

1) Remove the Android mobile devces affected from each users mailboxes.

2) Remove the Default (and any other ActiveSync) policy using EMC  -- Remove-ActiveSyncMailboxPolicy -id <Default>

         Note: this will set all user to no activesync policy (this is what we want temporarily)....

3) Setup the Andriod phones to sync and let them get past the initial syncronization.

4) Recreated the ActiveSync Policy and set it back to default - (this will reapply the policy to all mailboxes).

Problem is: When I perform Step 4 - Recreate the ActiveSync policy, they all stop working again.

So, I could either go-on without an ActiveSync policy or find another way to fix this problem.

QUESTIONS:

(1)  Could someone please explain to me what the consequences are to not having an ActiveSync policy?  Is it dangerous?

(2)  Could anyone think of another way to solve this problem where Droid 2.2.1 users can no longer use built-in email functionality to access Exchange?

Thanks,
Jason

P.S.  I already know that other email programs (such as TouchDown) don't seem to have the same connection problem.
0
Comment
Question by:SqueezeOJ
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:yash_varma
yash_varma earned 75 total points
ID: 34098115
http://technet.microsoft.com/en-us/library/bb123484.aspx : Understanding Exchange ActiveSync Mailbox Policies

0
 
LVL 32

Assisted Solution

by:endital1097
endital1097 earned 175 total points
ID: 34098601
this is an issue with the activesync client developed for the droid phone
exchange 2010 sp1 exposes "bad" code on these devices which breaks activesync

you could create a policy and the run the Get-ActiveSyncDevice cmdlet to identify the Droid users and remove the policy from them

http://technet.microsoft.com/en-us/library/dd335068.aspx
0
 

Author Comment

by:SqueezeOJ
ID: 34098911
endital1097 -

I only have 4 Droid users, so I already know who they are.  Are you saying that I could remove the policy on a per user basis?

yash varma -

I read through http://technet.microsoft.com/en-us/library/bb123484.aspx, and I appreciate the list of settings available...but what's the risk of not having a policy?

Thanks to both of you,
Jason
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 175 total points
ID: 34101132
the risk is a lost or stolen device
without a password policy someone that gains access to the device could read current messages and send malicious messages as the user

the use can always use owa to remote wipe the device in this scenario
0
 

Author Closing Comment

by:SqueezeOJ
ID: 34129476
Thanks for your help!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
This video is in connection to the article "The case of a missing mobile phone (https://www.experts-exchange.com/articles/28474/The-Case-of-a-Missing-Mobile-Phone.html)". It will help one to understand clearly the steps to track a lost android phone.
This video discusses moving either the default database or any database to a new volume.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question