Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 444
  • Last Modified:

Remove-ActiveSyncDevice Removes the phones... but they come back

So I have ran this command multiple times trying to figure this one out: Remove-ActiveSyncDevice -Identity "id goes here"
When I run it it asks me to confirm.
I then run: get-activesyncdevicestatistics -Mailbox "mailbox name" | fl identity
Nothing shows up. It removed the device.
I do to my WP8 and my GalaxyS3 and refresh the mail... they sync.
running the activesyncdeviestatistics cmdlet shows they have returned!
I have repeated these steps over and over. It won't go away. I have also tried removing the device from the Exchange 2010 OWA as well as the Exchange 2010 Console. The only thing that works is wiping the device. I can't do that.

Any suggestions?
Exchange 2010 SP2
WP8
Android 4.1.2
0
mauisun
Asked:
mauisun
  • 2
1 Solution
 
AmitIT ArchitectCommented:
Disable Active Sync under mailbox properties.
0
 
peter197911Commented:
What is exactly what you want to accomplish?
No sync possible anymore with your galaxy???


I can setup  a activesync connection with multiple phones if I want to.
I think this function " Remove-ActiveSyncDevice -Identity "id goes here" " is ment to be used to cleanup AD's with their mobile devices.
So when you are not using your old Samsung anymore, the device will be in the active directory as long your account exists (and probably you can also setup a sort of cleanup system for this sort of unused devices)
If you want to cleanup your AD, you use the Remove-activesyncdevice cmd-let.



What you are looking for ( I think) is a way to block your Samsung to ActiveSync with Exchange.

See this link with info howto allow/block/quarantaine a mobile device
http://technet.microsoft.com/en-us/library/ff959225(v=exchg.141).aspx
0
 
mauisunAuthor Commented:
We are establishing a policy where users can get their exchange email on their personal phones. In the event of their departure, we would like to remove email from their phones but not completely wipe their personal data, as it is their personal phone.
0
 
peter197911Commented:
So,
You also want to remove the cached email on the personal phone?
Denying access for ActiveSync is quite easy when they loose their login credential.

Did you notice what happens when you cannot login anymore to the Exchange server?

I think I had it once (my account was disabled) and i could not see my email anymore (also not the cached ones). Maybe something went wrong on my device.

What you actually want.
- when a user leaves his account will be disabled
   -- His email stored on the personal phone should be removed.
      --- a "small" wipe of the company exchange account  would be a nice solution.

I'm not sure if this is supported in Exchange already.

My idea, but maybe there's someone else with a better solution:
solution is:   "When users sign of on the company, let them remove the email box in front of you". Tell them when they don't do this, their devices will be wiped on a short notice.  

I think there are some tools also, that can remove the exchange account access only.
http://community.spiceworks.com/pages/maas360
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now