Maas360/Exchange 2010 Blocking Device...

My android device is misbehaving still.  Its a maas360 managed device and i think this is the cause of the problems, not exchange.

But, I see today in my OWA settings:
Access set by:      Security Policy Application

Maas shows:
Mailbox Approval State
Approved (Approval Pending)

Nothing has changed.

So i am wondering what policy this is and how to fix it!?

Thanks
LVL 1
CHI-LTDAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rodney BarnhardtServer AdministratorCommented:
So, just to confirm, you have approved the device in Exchange? Even though you use MaaS 360, Exchange 2010 will quarantine the device. Usually, the configured administrator will receive an email stating the device has been blocked with a link to authorize or approve the device. Unless, there has been a default "accept" policy created on Exchange to allow that type of device.
0
CHI-LTDAuthor Commented:
I have just manually approved it.
A few days ago i had the blocked email and managed to get tit sync'd up ok, in the end...

The policy has 'allow non provisioned devices ticked'
0
Rodney BarnhardtServer AdministratorCommented:
Yes, but unfortunately Exchange 2010 has its own blocking capability. From my understanding, Fiberlink is working with Microsoft to be able to automatically approve the device on the Exchange side. This started with one of the service packs, I am not sure which one, but it was not a problem with Exchange 2007. We started running into it after we migrated to 2010.
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

Rodney BarnhardtServer AdministratorCommented:
While we have not done it, you can create a device profile\policy on Exchange to automatically approve specific devices. This goes into how to create a rule for a family of devices.

http://blogs.technet.com/b/exchange/archive/2010/11/15/3411539.aspx
0
CHI-LTDAuthor Commented:
I have tried this...
Doesn't seem to quarantine or block my ipad for example...  or at least i don't see the device quarantined or get an email from admin...
0
Rodney BarnhardtServer AdministratorCommented:
That is strange because we have a combination of IOS devices and BB 10's. It does not matter what the device is, it gets blocked on Exchange and we have to authorize it.
0
CHI-LTDAuthor Commented:
because you have a rule set or because exchange is using a default setting/rule somewhere?

are you locking the devices down much?
0
Rodney BarnhardtServer AdministratorCommented:
We uses MaaS on our IOS devices to block some applications link DropBox. This way no corporate data gets place on services like that. We also force things like MaaS has to be on the device, password protect the device, it cannot be jail broken, etc. We also publish some apps for the devices. We block everything from the beginning to prevent someone from just placing their personal device on ActiveSync. They have to sign a document before personal devices are added.
0
CHI-LTDAuthor Commented:
sounds similar to how we have deployed it.

Are you using exchange policies too?
0
CHI-LTDAuthor Commented:
looks like maas have issues as i haven't touched anything since and today its sync'ing..
there seems to be a number of android devices found on the portal that could be conflicting..
0
Rodney BarnhardtServer AdministratorCommented:
No, we are not using any Exchange Policies. As far as MaaS, we haven't really experienced any problems. However, I have not managed any Android devices. We only allow IOS and Blackberry devices. Our security department does not permit any Android devices to connect to our network. They feel they are to prone to the applications possibly having malware.
0
CHI-LTDAuthor Commented:
It looking like a bug in their portal...

at least, its syncing fine today.
0
Rodney BarnhardtServer AdministratorCommented:
We do periodically see sync issues with ActiveSync devices, even the new BB 10's which are not managed by MaaS. MS has a whole KB on why some of this happens.

http://support.microsoft.com/kb/2563324

There are apparently some "fixes" for ActiveSync in SP3 for Exchange 2010 although we have not installed it yet.
http://blogs.technet.com/b/exchange/archive/2013/05/29/released-update-rollup-1-for-exchange-server-2010-sp3.aspx

Depending on your Exchange 2010 patch level, there were some fixes for synchronization put in rollup 3 for Exchange 2010 SP1
http://www.techrepublic.com/blog/google-in-the-enterprise/troubleshooting-android-activesync-problems-with-exchange-2010/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CHI-LTDAuthor Commented:
back to square one.  same device, wiped and enrolled for new user isn't working (in terms of activesync in workplace)
0
Rodney BarnhardtServer AdministratorCommented:
You should be able to contact Fibrelink for any issues or assistance. Particularly, if you are a new customer. We really have seen no issues with this. We really have had no issues with the product. However, is the device still attached to the former user in Exchange? That may cause an issue.
0
CHI-LTDAuthor Commented:
Sure, have case open with them.

Yes, the device is still listed on exchange as my device, not the new users...

This is where and why it could prove flakey, as im sure i removed activesync on my account and in maaas.!
0
CHI-LTDAuthor Commented:
Well we still are having issues with the demo/test.

The device simply fails to sync reliably in the workplace email area of the device.
However native AS works fine with exchange/device..

Any other solutions out there that is similar price and spec?
0
Rodney BarnhardtServer AdministratorCommented:
There are many out there, I am not sure on pricing since we have used MaaS for several years. If you have Citrix, they have a new MDM solution that we are going to test since we already have enterprise licensing with them. Here is a list of those on the market. Also, according to this, there are currently only a limited number that support IOS 7 if you have any users that have iPhones and have upgraded.

http://www.enterpriseios.com/wiki/Comparison_MDM_Providers

It does look like Airwatch does seem to have comparable pricing.
http://www.air-watch.com/pricing
0
CHI-LTDAuthor Commented:
thanks for the info.
looks like a maas issue and going to test a little longer...
0
Jesse MoraNetwork AdministratorCommented:
It's 2015 and we are getting similar issues regarding this. I am not sure if this issue has been solved. What we started to use in our case is MS Outlook for Android and it works flawlessly.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VMware

From novice to tech pro — start learning today.