?
Solved

exchnage, active sync

Posted on 2016-10-06
10
Medium Priority
?
135 Views
Last Modified: 2016-10-07
what are the security requirements we require for mobile device connections to exchange email for exchange 2007 having outlook 2007 and above
0
Comment
Question by:pramod1
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 17

Expert Comment

by:Ivan
ID: 41832584
What do you mean?

Mobile device like mobile phones, or you are referring to mobile computers, like computers from people that work in field?

Regards,
Ivan.
0
 
LVL 32

Expert Comment

by:Scott C
ID: 41832589
All you should need is a valid cert from a CA and an Exchange server.

Though you are going to want to consider upgrading your Exchange.   2007 is very quickly nearing it's EOL support cycle.
0
 
LVL 17

Expert Comment

by:Todd Nelson
ID: 41832642
SSL would be my recommended requirement.

Agree with ScottCha.  This environment really should be transitioned to Exchange 2010 and Office 2010 (at a minimum) or migrated to O365.

And support for Office 2007 is scheduled to expire on 10 Oct 2017 (one year from now) ... https://support.microsoft.com/en-us/lifecycle/search/?p1=8753
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:pramod1
ID: 41832712
I have this attached figure for active sync mobile policies on 0365

do we have such security options for mobiles ( exchange active sync) which are used for exchange 2007

like password length, number of sign in failures etc.
capture.png
0
 
LVL 17

Expert Comment

by:Ivan
ID: 41832747
Yes, you do.

Here is a list of options on Exchange 2007: https://blogs.technet.microsoft.com/exchange/2007/05/23/exchange-2007-activesync-policies/

Regards,
Ivan.
0
 

Author Comment

by:pramod1
ID: 41833519
but ivan, how would I know if these policies are applied to users
0
 
LVL 17

Expert Comment

by:Ivan
ID: 41833524
Hi,

you would go to user mailbox, and in properties --> mailbox features --> ActiveSync --> you can see what policy is applied to that user.

More on that: https://technet.microsoft.com/en-us/library/aa997929(v=exchg.80).aspx

Picture is attached.

Regards,
Ivan.
policy.jpg
0
 

Author Comment

by:pramod1
ID: 41833545
it says default policy

how can I find what are in defaults
0
 
LVL 17

Expert Comment

by:Ivan
ID: 41833559
Follow this guide to get to default policy, and see what is in it.

Link: https://technet.microsoft.com/en-us/library/aa995989(v=exchg.80).aspx

Regards,
Ivan.
0
 
LVL 17

Accepted Solution

by:
Todd Nelson earned 2000 total points
ID: 41833668
These are screenshots of the default EAS policy...

eas0.png
eas1.png
eas2.png
eas3.png
eas4.png
eas5.png

And here is the text output of that same policy...

[PS] C:\>Get-ActiveSyncMailboxPolicy | fl


AllowNonProvisionableDevices             : True
AlphanumericDevicePasswordRequired       : False
AttachmentsEnabled                       : True
DeviceEncryptionEnabled                  : False
RequireStorageCardEncryption             : False
DevicePasswordEnabled                    : False
PasswordRecoveryEnabled                  : False
DevicePolicyRefreshInterval              : unlimited
AllowSimpleDevicePassword                : True
MaxAttachmentSize                        : unlimited
WSSAccessEnabled                         : True
UNCAccessEnabled                         : True
MinDevicePasswordLength                  : 4
MaxInactivityTimeDeviceLock              : 00:15:00
MaxDevicePasswordFailedAttempts          : 8
DevicePasswordExpiration                 : unlimited
DevicePasswordHistory                    : 0
IsDefaultPolicy                          : True
AllowStorageCard                         : True
AllowCamera                              : True
RequireDeviceEncryption                  : False
AllowUnsignedApplications                : True
AllowUnsignedInstallationPackages        : True
AllowWiFi                                : True
AllowTextMessaging                       : True
AllowPOPIMAPEmail                        : True
AllowIrDA                                : True
RequireManualSyncWhenRoaming             : False
AllowDesktopSync                         : True
AllowHTMLEmail                           : True
RequireSignedSMIMEMessages               : False
RequireEncryptedSMIMEMessages            : False
AllowSMIMESoftCerts                      : True
AllowBrowser                             : True
AllowConsumerEmail                       : True
AllowRemoteDesktop                       : True
AllowInternetSharing                     : True
AllowBluetooth                           : Allow
MaxCalendarAgeFilter                     : All
MaxEmailAgeFilter                        : All
RequireSignedSMIMEAlgorithm              : SHA1
RequireEncryptionSMIMEAlgorithm          : TripleDES
AllowSMIMEEncryptionAlgorithmNegotiation : AllowAnyAlgorithmNegotiation
MinDevicePasswordComplexCharacters       : 3
MaxEmailBodyTruncationSize               : unlimited
MaxEmailHTMLBodyTruncationSize           : unlimited
UnapprovedInROMApplicationList           : {}
ApprovedApplicationList                  : {}
AllowExternalDeviceManagement            : False
MailboxPolicyFlags                       : 0
AdminDisplayName                         :
ExchangeVersion                          : 0.1 (8.0.535.0)
Name                                     : Default
DistinguishedName                        : CN=Default,CN=Mobile Mailbox Policies,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=d1,DC=com
Identity                                 : Default
Guid                                     : 53e4840b-9bff-47de-a23a-e548935766f1
ObjectCategory                           : contoso.com/Configuration/Schema/ms-Exch-Mobile-Mailbox-Policy
ObjectClass                              : {top, msExchRecipientTemplate, msExchMobileMailboxPolicy}
WhenChanged                              : 8/21/2015 7:14:51 PM
WhenCreated                              : 8/21/2015 7:14:51 PM
OriginatingServer                        : server1.contoso.com
IsValid                                  : True



[PS] C:\>

Open in new window

0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
Will the future of mobile app development include the same trends as those most relevant today? Find out by checking out the 7 trends of the future.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Suggested Courses

755 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question