Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to limite mobile accesss/activesysnc only to allowed devices on office 365.

Posted on 2014-12-08
6
Medium Priority
?
209 Views
Last Modified: 2015-01-12
We have office 365 with 70 users. Up to know, anyone has been allowed to connect both company and personal devices to Exchange and setup work email. We have been using the default policy without changes.  I would like to now limit this to only company mobile devices. This means that if I need to do something that if anyone decides to setup exchange account on their phone, we would allow it and somehow know that its our phone and not personal. If I somehow get that done, what happens to the existing phones.( d0 the existing phones have to be approved ). I still have to figure out a way which existing  phone and mobile is personal or company owned as there  phone number nor the IMEI number is being listed in Exchange or powershell . Thank you,
0
Comment
Question by:netcomp
  • 3
  • 2
6 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40487865
You need to setup the Allow / Block / Quarantine configuration for mobile devices and you can do this with help from the following link:

https://support.office.com/en-gb/article/Set-up-and-manage-mobile-access-for-your-users-478a9944-ae8e-4a95-937d-11a0c5ee1b6c?ui=en-US&rs=en-GB&ad=GB

Once configured - anyone adding a device will have to be approved before being allowed to use their device.

Alan
0
 
LVL 1

Author Comment

by:netcomp
ID: 40487889
The issue is that office 365 does not show nay serial, phone,IMEI, number. How would I know if this is or company owned device. We only buy Iphones for staff, but so many others do personally as well.  
Also, if I do configure the allow/block/quarntine, what happens to existing devices? Thanks,
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40487911
When the ABQ is configured, you can configure a recipient or several recipients who will receive and email and they allow or deny the request to sync.

You should know who has been given devices and thus should know who to approve.

Existing devices will need to be disabled / disallowed from syncing or you can disable Activesync for all users other than those who have been given company devices.

The ABQ will show you the Make / Model of device trying to connect to 365 so you should be able to figure out which ones to allow or block.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 1

Author Comment

by:netcomp
ID: 40487975
How do i disable existing devices ? Would they be able to connect  back to Exchange again after having been disabled. ?Thanks
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 40488383
Please have a read of the following MS article for details of how to disable Activesync:

http://support.microsoft.com/kb/2795303

If Activesync is disabled for a user - they won't be able to use their mobiles as it will stop working.

You can (optionally) go through 365 and get a list of users / mobile devices that have been added and then manually delete them via OWA (logged in as each user), then you can re-enable activesync and allow the ABQ to govern access.
0
 
LVL 5

Expert Comment

by:John Christopher
ID: 40489017
As mentioned above by Alan - you can disable and same way enable by changing the $false to $true
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question