Solved

Questions on two Power Shell command to control ActiveSync connections

Posted on 2013-02-03
5
240 Views
Last Modified: 2013-05-28
We run Exchange 2010 SP1. We have an established ActiveSync community with about 500 users connecting. The only thing we use to control connections is applying a policy to the devices. It is standard practice to use to have everyone including new users disabled for ActiveSync except the ones that are currently using it but this practice is not always followed.

I didn't think there was anything available to control access and then I read about the two Power Shell commands below:

Set-ActiveSync OrganizationSettings
New-ActiveSyncDeviceAccessRule

I don't know if the second command is anything like, or is, the ABQ (Allow, Block, Quarantine) that I have read about.

My question is since our current Org policy allows everything, if I set it to Quarantine to catch a new user that gets created with AS enabled and then tries to connect, will this have any affect on our current users?

As for the New-ActiveSyncDeviceAccessRule, if you establish a rule or rules for some devices, does this automatically block everthing else that tries to connect.
0
Comment
Question by:osiexchange
  • 3
5 Comments
 
LVL 18

Expert Comment

by:suriyaehnop
ID: 38849778
If not mistaken, new user maibox will have Exchnage Activesync disabled by default.
0
 

Author Comment

by:osiexchange
ID: 38849826
That may or may not be true. We provision with ILM but still, there have been cases where users have been enabled either because someone in the Help Desk was asked or there at time of user creation and this catch all command would be nice to implement.
0
 

Expert Comment

by:DeanUnited
ID: 39050144
Good question. We have 25 users on activesync now but want to start implementing some sort of check so that not anyone can activate their home ipad on activesync and download all their work email. We'd like to setup a quarantine for all new devices so that we can approve them first, however I'm afraid turning this on will automatically quarantine all 25 users that are already currently active. Does anyone know a work around?
0
 

Accepted Solution

by:
osiexchange earned 0 total points
ID: 39190744
We decided to stick with the manual process.  As part of the user account setup, once the mailbox has been provisioned we go in and disable ActiveSync manually until we get the OK to enable it again.
0
 

Author Closing Comment

by:osiexchange
ID: 39200628
We decided to stick with the manual process.  As part of the user account setup, once the mailbox has been provisioned we go in and disable ActiveSync manually until we get the OK to enable it again.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now