Solved

Securing the Exchange ActiveSync 2007 ?

Posted on 2013-07-02
5
395 Views
Last Modified: 2013-07-03
What can we do to make the Exchange Server 2007 Active Sync connection secure ?

because I believe that out of the box, Exchange HT server allows anyone to connect to receive email as long as they know the HT server name and got AD credentials.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 39292824
What do you mean by secure?

By default you will be secure because you will be using SSL.

Do you want to block access unless specifically allowed?

If that is the case, you can globally disable ALL accounts using the following command:

get-mailbox | set-casmailbox -activesyncenabled:$false

Then you can manually enable a specific account using the Exchange Management Console or the shell.

Alan
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39292936
Exactly, so in this case, Exchange 2007 allows ActiveSync to be enabled by default.
what about Exchange Server 2010 or 2013 ?
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 39292979
Activesync is enabled by default on ALL versions of Exchange.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39293616
ok, so in this case after I execute the powershell script

get-mailbox | set-casmailbox -activesyncenabled:$false

Open in new window


I need to do it again everytime I created new mailbox ?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39293866
The command will disable it for ALL existing mailboxes and if you add a new one, you can run the same command again providing you have not enabled it for anyone manually.

If you have enabled some and want to keep them enabled, then you need to run:

Set-CASMailbox -Identity newuser@yourdomain.com -ActiveSyncEnabled $false
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question