I have ActiveSync infrastructure in place in my current environment.
With our AD password policy set for users to change their password every 60 days this presents a minor issue for users using iPhone's, iPad's or Driod's connecting via EAS since they then need to manually change it.
We give the users a tutorial and the heads up that they will need to change the EAS password when they change it for their computer, but it goes in one ear and out the other. So we get the calls saying "My email is not working" or "My email is not showing up on my phone".
So is there a way to use my CA to issue certs for these devices and use it for authentication?