Link to home
Start Free TrialLog in
Avatar of Tyler Brooks
Tyler BrooksFlag for Canada

asked on

Disable remote wipe capability in Exchange 2019

I'm configuring an Exchange 2019 server for a client and the business owner saw the permission request for mobile device wipe when setting up the email on his phone. He is now insisting that he doesn't want his phone to be able to be wiped from the server. I've emphasized to him that this has been a feature of Exchange since at least 2010, and that it's an important security feature but he is adamant.

As far as I'm aware there isn't anyway to actually prevent the server from being able to do this short of having him connect IMAP which I don't want to even bring up.

Am I correct in this or is there something I've overlooked?
Avatar of Saif Shaikh
Saif Shaikh
Flag of India image

Use Exchange Online PowerShell to wipe a user's phone
You can use the Clear-MobileDevice cmdlet in Exchange Online PowerShell to wipe a user's phone.

The following command wipes the device named WM_TonySmith and sends a confirmation message to admin@contoso.com.

PowerShell

Clear-MobileDevice -Identity WM_TonySmith -NotificationEmailAddresses "admin@contoso.com"


OR you can use ECP to do the wipe.

Select the user mailbox and click on ‘View details’.

You will be seeing the devices the user has used to connect through ActiveSync protocol. Select the device and click on details to find out more information about the device including last sync date and time. This will be helpful to find out which devices are being used by user currently to access corporate emails.

To wipe a device such as smartphone iPhone or Android or tablet like iPad and Samsung Android tablet, select the device and click Wipe option.

Remember: This normal wipe from Exchange 2013/2016 control panel will wipe the entire phone/tablet and reset the device to factory default. This is not a selective wipe to erase only company data. It will erase company data/emails and also all the other personal data on the phone to reset factory defaults.

The wipe will be initiated once the device tries to connect mail server. As the warning message says, it will erase the all data on the phone/tablet.
Avatar of Tyler Brooks

ASKER

Saif, I'm trying to disable the capability to wipe the phone from the server. I know how to do it for clients who want it, what I'm asking is how do I prevent the server from being able to wipe users phones?
I don't think the server does it on it';s own.
Sorry I mis-spoke, I don't want an Exchange admin on the server to be able to wipe users phones.
ASKER CERTIFIED SOLUTION
Avatar of Tyler Brooks
Tyler Brooks
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Ok Well that fines. Education is always necessary cause at times people try to change the DESIGN.