Best Practice to only allow Company phones on Exchange Server

Hello,

I've read a few articles but am looking for the best practice or best solution to block non company phones from our exchange server (2012). We utilize android devices, and only want approved devices to access email (no iphone, ipad, etc). Is there a good way to do this using just exchange? We are looking into Airwatch as an mdm as well.

Thank You for your time.
Michael CerliniAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jose Gabriel Ortega CastroCEOCommented:
There's no such a thing as "Exchange Server 2012".

The versions are here:
https://technet.microsoft.com/en-us/library/hh135098%28v=exchg.150%29.aspx

Exchange server 2010, 2013 or 2016.
2012 is the Operating system, and that's a different history (Windows server 2008r2,2012,2012r2 and 2016).


For exchange 2010 you can have something like this:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-phone/cc182235(v=technet.10)

And for exchange server 2013 or 2016:
https://practical365.com/exchange-server/exchange-best-practices-device-encryption-for-mobile-devices/
And
Enforce password on the device. (also in that link).
0
Michael CerliniAuthor Commented:
I apologize, I meant to type Windows Server 2012 and Exchange 2013, Possible Implementation of Airwatch as our MDM.  I read the articles but not 100% sure this will solve our problem, I will do some testing today, thanks for the quick reply.
0
Jose Gabriel Ortega CastroCEOCommented:
I don't know Airwatch, sorry.
0
Jackie ManIT ManagerCommented:
Is there a good way to do this using just exchange?

Yes. But you need to manually allow them one by one.

You have to enable Quarantine for Mobile devices in Exchange Server 2013.

http://itprocentral.com/how-to-enable-quarantine-for-mobile-devices-in-ex2013/

Before enabling the quarantine policy, you can whitelist the mobile devices owned by your company using cmdlet command.

https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365legacy-mso_mobaccess/commands-to-whitelist-the-device-before-applying/67016436-54ab-4208-9e8b-5c6081bc15cf?auth=1
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Seth SimmonsSr. Systems AdministratorCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: Jackie Man (https:#a42440109)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

seth2740
Experts-Exchange Cleanup Volunteer
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.