How to manage Exchange Server mobile devices and ActiveSync policies.

Courses
- Microsoft
  - All Microsoft
  - Azure
    - Trending Courses (Azure)
  - Power BI
    - Trending Courses (Power BI)
  - Power Platform
    - Trending Courses (Power Platform)
  - Dynamics 365
    - Trending Courses (Dynamics 365)
  - Windows 10
    - Trending Courses (Windows 10)
  - Microsoft 365
    - Trending Courses (Microsoft 365)
  - Security Engineer
    - Trending Courses (Security Engineer)
  - Microsoft Teams
    - Trending Courses (Microsoft Teams)
  - SQL Server
    - Trending Courses (SQL Server)
  - Exchange Server
    - Trending Courses (Exchange Server)
  - Solution Architect
    - Trending Courses (Solution Architect)
  - Trending Courses (Microsoft)
- Oracle
  - All Oracle
  - EBS Functional
    - Trending Courses (EBS Functional)
  - EBS Technical
    - Trending Courses (EBS Technical)
  - EBS SCM
    - Trending Courses (EBS SCM)
  - Fusion
    - Trending Courses (Fusion)
  - Financials Cloud
    - Trending Courses (Financials Cloud)
  - HCM Cloud
    - Trending Courses (HCM Cloud)
  - SCM Cloud
    - Trending Courses (SCM Cloud)
  - Sales Cloud
    - Trending Courses (Sales Cloud)
  - Procurement
    - Trending Courses (Procurement)
  - Database 19C
    - Trending Courses (Database 19C)
  - EDM
    - Trending Courses (EDM)
  - EPM
    - Trending Courses (EPM)
  - OTM
    - Trending Courses (OTM)
  - Fusion HCM
    - Trending Courses (Fusion HCM)
  - Fusion SCM
    - Trending Courses (Fusion SCM)
  - Fusion Cloud
    - Trending Courses (Fusion Cloud)
  - DRM
    - Trending Courses (DRM)
  - Apps DBA
    - Trending Courses (Apps DBA)
  - BPM
    - Trending Courses (BPM)
  - Golden Gate
    - Trending Courses (Golden Gate)
  - Exadata
    - Trending Courses (Exadata)
  - EBS
    - Trending Courses (EBS)
  - EPROC
    - Trending Courses (EPROC)
  - FCCS
    - Trending Courses (FCCS)
  - TRCS
    - Trending Courses (TRCS)
  - EPBCS
    - Trending Courses (EPBCS)
  - GTM
    - Trending Courses (GTM)
  - HRMS
    - Trending Courses (HRMS)
  - 12C
    - Trending Courses (12C)
  - PCMCS
    - Trending Courses (PCMCS)
  - Trending Courses (Oracle)
- Cisco
  - All Cisco
  - Routing & Switching
    - Trending Courses (Routing & Switching)
  - Security
    - Trending Courses (Security)
  - SD WAN
    - Trending Courses (SD WAN)
  - Enterprise
    - Trending Courses (Enterprise)
  - Meraki
    - Trending Courses (Meraki)
  - NGFW
    - Trending Courses (NGFW)
  - Network Automation
    - Trending Courses (Network Automation)
  - Cisco DevOps
    - Trending Courses (Cisco DevOps)
  - Wireless
    - Trending Courses (Wireless)
  - Cisco DevNet
    - Trending Courses (Cisco DevNet)
  - Trending Courses (Cisco)
- AWS
  - All AWS
  - Architect
    - Trending Courses (Architect)
  - Data Analytics
    - Trending Courses (Data Analytics)
  - AWS Data Science
    - Trending Courses (AWS Data Science)
  - AWS Cloud
    - Trending Courses (AWS Cloud)
  - AWS Machine Learning
    - Trending Courses (AWS Machine Learning)
  - AWS Development
    - Trending Courses (AWS Development)
  - AWS Security
    - Trending Courses (AWS Security)
  - AWS DevOps
    - Trending Courses (AWS DevOps)
  - Data Warehouse
    - Trending Courses (Data Warehouse)
  - Trending Courses (AWS)
- VMware
  - All VMware
  - vSphere
    - Trending Courses (vSphere)
  - NSX T
    - Trending Courses (NSX T)
  - vRealize
    - Trending Courses (vRealize)
  - Tanzu
    - Trending Courses (Tanzu)
  - vSAN
    - Trending Courses (vSAN)
  - Workspace ONE
    - Trending Courses (Workspace ONE)
  - Horizon
    - Trending Courses (Horizon)
  - Kubernetes
    - Trending Courses (Kubernetes)
  - Automation
    - Trending Courses (Automation)
  - Trending Courses (VMware)
- ISACA
  - All ISACA
  - Cyber Security
    - Trending Courses (Cyber Security)
  - COBIT
    - Trending Courses (COBIT)
  - IT Governance
    - Trending Courses (IT Governance)
  - IT Fundamentals
    - Trending Courses (IT Fundamentals)
  - Data Engineer
    - Trending Courses (Data Engineer)
  - Trending Courses (ISACA)
- AXELOS
  - All AXELOS
  - ITIL
    - Trending Courses (ITIL)
  - PRINCE2
    - Trending Courses (PRINCE2)
  - MSP
    - Trending Courses (MSP)
  - M o R
    - Trending Courses (M o R)
  - Trending Courses (AXELOS)
- PECB
  - All PECB
  - ISO Risk Manager
    - Trending Courses (ISO Risk Manager)
  - ISO Lead Implementer
    - Trending Courses (ISO Lead Implementer)
  - ISO Lead Auditor
    - Trending Courses (ISO Lead Auditor)
  - GDPR
    - Trending Courses (GDPR)
  - SCADA
    - Trending Courses (SCADA)
  - ISO Foundation
    - Trending Courses (ISO Foundation)
  - Trending Courses (PECB)
- EC Council
  - All EC Council
  - Ethical Hacking
    - Trending Courses (Ethical Hacking)
  - Security Operations Center
    - Trending Courses (Security Operations Center)
  - Penetration Testing
    - Trending Courses (Penetration Testing)
  - Security Engineers
    - Trending Courses (Security Engineers)
  - Security Testing
    - Trending Courses (Security Testing)
  - SIEM
    - Trending Courses (SIEM)
  - Disaster Recovery
    - Trending Courses (Disaster Recovery)
  - Block chain
    - Trending Courses (Block chain)
  - CyberSecurity
    - Trending Courses (CyberSecurity)
  - Trending Courses (EC Council)
- CompTIA
  - All CompTIA
  - CompTIA Cyber Security
    - Trending Courses (CompTIA Cyber Security)
  - CompTIA Networking
    - Trending Courses (CompTIA Networking)
  - CompTIA Data Center
    - Trending Courses (CompTIA Data Center)
  - IT Support & Help Desk
    - Trending Courses (IT Support & Help Desk)
  - CompTIA Project Management
    - Trending Courses (CompTIA Project Management)
  - CompTIA Penetration Testing
    - Trending Courses (CompTIA Penetration Testing)
  - CompTIA Data Analytics
    - Trending Courses (CompTIA Data Analytics)
  - Linux
    - Trending Courses (Linux)
  - Trending Courses (CompTIA)
- PMI
  - All PMI
  - Agile
    - Trending Courses (Agile)
  - Business Process Management
    - Trending Courses (Business Process Management)
  - PMI Project Management
    - Trending Courses (PMI Project Management)
  - Business Analysis
    - Trending Courses (Business Analysis)
  - Program Management
    - Trending Courses (Program Management)
  - Trending Courses (PMI)
- Red Hat
  - All Red Hat
  - Ansible
    - Trending Courses (Ansible)
  - System Administration
    - Trending Courses (System Administration)
  - Cloud Storage
    - Trending Courses (Cloud Storage)
  - Red Hat Linux
    - Trending Courses (Red Hat Linux)
  - JBoss
    - Trending Courses (JBoss)
  - Virtualization
    - Trending Courses (Virtualization)
  - Red Hat Security
    - Trending Courses (Red Hat Security)
  - Red Hat OpenStack
    - Trending Courses (Red Hat OpenStack)
  - Red Hat OpenShift
    - Trending Courses (Red Hat OpenShift)
  - RHEL
    - Trending Courses (RHEL)
  - Trending Courses (Red Hat)
- Coupa
  - All Coupa
  - Coupa
    - Trending Courses (Coupa)
  - Trending Courses (Coupa)
- Business Rule Engine
  - All Business Rule Engine
  - Drools
    - Trending Courses (Drools)
  - Trending Courses (Business Rule Engine)
- DevOps Institute
  - All DevOps Institute
  - SRE
    - Trending Courses (SRE)
  - Risk Management
    - Trending Courses (Risk Management)
  - VSM Foundation
    - Trending Courses (VSM Foundation)
  - Agile DevOps
    - Trending Courses (Agile DevOps)
  - DeveOps
    - Trending Courses (DeveOps)
  - Trending Courses (DevOps Institute)
- Explore All

Microsoft Articles

Table of Contents

With the increasing use of mobile devices in the workplace, Exchange Server administrators must ensure that mobile devices are secure and comply with organizational policies. Exchange Server provides a feature called ActiveSync, which enables mobile devices to synchronize with Exchange Server, allowing users to access their emails, contacts, and calendars on their mobile devices. In this blog post, we will explore how to manage Exchange Server mobile devices and ActiveSync policies.

Enabling and Configuring ActiveSync

Before we can manage mobile devices and ActiveSync policies, we need to ensure that ActiveSync is enabled and properly configured on Exchange Server.

To enable ActiveSync on Exchange Server, use the following PowerShell command:

Set-CASMailbox -Identity <MailboxID> -ActiveSyncEnabled $true
Replace <MailboxID> with the identity of the mailbox that you want to enable for ActiveSync.

To configure ActiveSync policies, use the following PowerShell command:

New-ActiveSyncMailboxPolicy -Name <PolicyName>
Replace <PolicyName> with the name of the policy that you want to create.

After you create the policy, you can configure the settings such as password requirements, device encryption, and device block or allow list.

Managing Mobile Devices

Once ActiveSync is enabled and configured, we can manage mobile devices that are connected to Exchange Server. Exchange Server provides several tools to manage mobile devices, including the Exchange Admin Center (EAC), Exchange Management Shell (EMS), and Microsoft Intune.

To manage mobile devices using EAC, follow these steps:

Open EAC and go to the Recipients > Mobile tab.
Click on the mobile device that you want to manage.
From the mobile device details page, you can view information about the device, such as the model, operating system, and last sync time.
You can also perform actions such as remote wipe, clear passcode, and block or allow the device.

To manage mobile devices using EMS, use the following PowerShell command:

Get-ActiveSyncDeviceStatistics -Mailbox <MailboxID>
Replace <MailboxID> with the identity of the mailbox that you want to view device statistics for.

This command retrieves information about the mobile devices that are connected to the mailbox, such as the device ID, device type, and device model.

To manage mobile devices using Microsoft Intune, follow these steps:

Open Microsoft Endpoint Manager Admin Center and go to Devices > All devices.
Select the mobile device that you want to manage.
From the device details page, you can perform actions such as wipe, retire, and delete the device.

ActiveSync Policies

ActiveSync policies allow administrators to enforce security policies on mobile devices that are connected to Exchange Server. ActiveSync policies can be configured at the mailbox level or the organization level.

To configure ActiveSync policies at the mailbox level, use the following PowerShell command:

Set-CASMailbox -Identity <MailboxID> -ActiveSyncMailboxPolicy <PolicyName>
Replace <MailboxID> with the identity of the mailbox that you want to configure the policy for, and <PolicyName> with the name of the policy that you want to apply.

To configure ActiveSync policies at the organization level, use the following PowerShell command:

Set-ActiveSyncOrganizationSettings -DefaultAccessLevel <Policy>
Replace <Policy> with the policy that you want to set as the default access level for all mobile devices that connect to Exchange Server.

ActiveSync policies can be configured to enforce the following security settings:

Password requirements: Enforce password length, complexity, and expiration.
Device encryption: Require devices to be encrypted.
Device block or allow list: Block or allow specific devices to connect to Exchange Server.
Remote wipe: Allow administrators to wipe the data on a mobile device that is lost or stolen.
Allow or block external devices: Allow or block devices that are not managed by the organization.

Managing ActiveSync Policies

To manage ActiveSync policies, use the following PowerShell command:

Get-ActiveSyncMailboxPolicy <PolicyName>
Replace <PolicyName> with the name of the policy that you want to view.

This command retrieves information about the policy, such as the password requirements, device encryption, and device block or allow list.

To create a new ActiveSync policy, use the following PowerShell command:

New-ActiveSyncMailboxPolicy -Name <PolicyName>
Replace <PolicyName> with the name of the policy that you want to create.

After you create the policy, you can configure the settings such as password requirements, device encryption, and device block or allow list.

To apply the ActiveSync policy to a mailbox, use the following PowerShell command:

Set-CASMailbox -Identity <MailboxID> -ActiveSyncMailboxPolicy <PolicyName>
Replace <MailboxID> with the identity of the mailbox that you want to apply the policy to, and <PolicyName> with the name of the policy that you want to apply.

Conclusion

Managing mobile devices and ActiveSync policies in Exchange Server is essential to ensure the security of organizational data. Exchange Server provides several tools, including EAC, EMS, and Microsoft Intune, to manage mobile devices. ActiveSync policies can be configured at the mailbox level or the organization level and can enforce security settings such as password requirements, device encryption, and device block or allow list. By properly managing mobile devices and ActiveSync policies, Exchange Server administrators can ensure that organizational data is secure and compliant with organizational policies.