We are doing a risk assessment of certain security settings on a number of our key systems, including 3 internal 2010 exchange servers. on each server, we can go to the exchange management console and view the active sync policies within organization configuration > client access > exchange ActiveSync mailbox policies. There are some concerns about the active sync policies set here. However, the admin has shown some completely contradictory AS policies set in some sort of web admin console (exchange control panel? > phone & video > ActiveSync access?). How can we tell which policies are taking effect, or whether both are valid. Or can policies set via either management console, if so which takes precedent and overrules the other?