Albert Widjaja
asked on
How to prevent device connecting to Exchange Server using Active Sync ?
Hi,
How is it possible to prevent non approved device to connect to the Exchange Server 2007 using Active Sync ?
How is it possible to prevent non approved device to connect to the Exchange Server 2007 using Active Sync ?
Setup active sync policy. Read more here http://blogs.technet.com/b/exchange/archive/2007/05/23/3402905.aspx
Hello,
Please refer the below link..
http://www.msexchange.org/articles-tutorials/exchange-server-2007/mobility-client-access/uncovering-exchange-activesync-enhancements-exchange-server-2007-service-pack-1.html
Do let us know if you are looking to block particular device using active sync.
Please refer the below link..
http://www.msexchange.org/articles-tutorials/exchange-server-2007/mobility-client-access/uncovering-exchange-activesync-enhancements-exchange-server-2007-service-pack-1.html
Do let us know if you are looking to block particular device using active sync.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
well yes,
I'd like to use the existing Threat Management Gateway 2010 Standard to allows only Phone and iPad.
is that possible ? my HT-CAS server are Unicast NLB clustered in the internal zone, the TMG 2010 is in DMZ-I would that be working ?
I'd like to use the existing Threat Management Gateway 2010 Standard to allows only Phone and iPad.
is that possible ? my HT-CAS server are Unicast NLB clustered in the internal zone, the TMG 2010 is in DMZ-I would that be working ?
ASKER
is it possible to enforce globally which device that are registered can be allowed for the existing Active Sync while blocking the rest ?
Check below link...
http://blogs.technet.com/b/exchange/archive/2010/11/15/3411539.aspx
Do let us know if further assistance required..
http://blogs.technet.com/b/exchange/archive/2010/11/15/3411539.aspx
Do let us know if further assistance required..
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
you can enabled the ABQ list in your organization , below article for your reference
http://blogs.technet.com/b/exchange/archive/2010/11/15/3411539.aspx
http://blogs.technet.com/b/exchange/archive/2010/11/15/3411539.aspx
ASKER
@SreRaj: thanks for the advice, how can I do this in TMG 2010 ?
@vijayhakcers: I'm using Exchange Server 2007 so I guess the ABQ is irrelevant.
@vijayhakcers: I'm using Exchange Server 2007 so I guess the ABQ is irrelevant.
Hi
I didnt notice , Exchange 2007
If Exchange 2007
New-ActiveSyncDeviceAccess Rule -QueryString "iOS 6.1 10B142" -Characteristic DeviceOS -AccessLevel Block
I didnt notice , Exchange 2007
If Exchange 2007
New-ActiveSyncDeviceAccess
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Thanks all !
ASKER
SreRaj,
Does in this case I will have to run the powershell to disable the ActiveSync in a regular basis in case there is new user created ?
Does in this case I will have to run the powershell to disable the ActiveSync in a regular basis in case there is new user created ?
That is not required. This rule works by analyzing headers and it will block all the traffic which meets the signature configured.
ASKER
Ok cool, so in this case I can then just add the new device signature as it is available to allow it.
Rule will be blocking the devices whose signatures are added. So if you want to allow a particular type of device, for example all Nokia devices, then you should remove the signature "Nokia" from the rule.