?
Solved

O365 Permissions = EAS Device Quarantine Question

Posted on 2014-02-25
2
Medium Priority
?
1,277 Views
Last Modified: 2014-03-12
We are wanting to allow our local helpdesk technicians at each of our sites to have the ability to look at users ActiveSync devices thru the O365 tenant portal. By default we quarantine all EAS devices and manually allow/block or delete device access requests.

These users don't have any admin access on the tenant. As mentioned, we JUST want them to have permission to quarantine/unquarantine user devices via the web interface as they wouldn't have powershell access. They shouldn't have access edit any mailbox features other that the mobile devices for users.

How is this managed? Please provide as granular details as possible and perhaps specific how to's.

I assume a new Role and permissions would required? Then users of the local helpdesk be added?

Thanks in advance.
0
Comment
Question by:GCTTechs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 43

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 1000 total points
ID: 39885261
You can use the Exchange RBAC. If you want them to ONLY have access to allow/block devices, you can create a custom Role  the cmdlet you need is "Set-CasMailbox" cmdlet.

Here are some articles to get you started:

http://technet.microsoft.com/en-us/library/dd298183(v=exchg.150).aspx

http://technet.microsoft.com/en-us/library/dd298043.aspx

And here is a suitable example that will work in your case:

http://blogs.technet.com/b/exchange/archive/2012/09/12/rbac-walkthrough-of-creating-a-role-that-can-wipe-activesync-devices.aspx
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 1000 total points
ID: 39886026
In order to manage quarantined devices, they must be assigned the "Organization Client Access" administrator role as well as one of the following:

View-Only Recipients
User Options
or
Mail Recipients

Full documentation about this is here:
http://help.outlook.com/en-us/140/Ff969895.aspx

Jeff
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft is moving in-place eDiscovery & hold from ECP to EOP console under Content Search in Search and Investigation Options.  In this post, I will be showing you how to export emails to a PST file using the Content Search Options.
New style of hardware planning for Microsoft Exchange server.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question