Configure Microsoft
Exchange to allow only authorized devices to access Exchange ActiveSync
Microsoft
Exchange
to allow only authorized devices to access Exchange ActiveSync
You must configure
Microsoft Exchange
Server
to allow only authorized devices to access Exchange ActiveSync
. Devices for existing users that are not explicitly added to the allowed list in Microsoft
Exchange
must be quarantined until BlackBerry UEM
allows them access.Only one email client can be allowed for each device. The priority for allowing email applications is as follows:
- Email applications with App config that contains Exchange Server allowed data (only for Android Enterprise or Samsung KNOX Play for Work
- BlackBerry Work
- Email client in which EAS ID is sent during enrollment
To perform this task, you must be a
Microsoft
Exchange
administrator with the appropriate permissions to configure the Set-ActiveSyncOrganizationSettings. For information about how to allow only authorized devices to access Exchange ActiveSync
, visit technet.microsoft.com to read article Enable a Device for
.Exchange ActiveSync
- Verify with yourMicrosoft Exchangeadministrator whether or not there are any users currently usingExchange ActiveSync.
- If your organization’s default access level forExchange ActiveSyncis set to allow, and you have users setup and successfully synchronizing their devices, you must make sure that these users have a personal exemption or device rule associated to their user account or device before you set the default access level to quarantine. If they do not, then they are quarantined and their devices do not synchronize until they are allowed byBlackBerry UEM. For more information about setting the default access level forExchange ActiveSyncto quarantine, visit support.blackberry.com/community to read article 36800.
- On a computer that hosts theMicrosoft Exchange Management Shell, open theMicrosoft Exchange Management Shell.
- TypeSet-ActiveSyncOrganizationSettings –DefaultAccessLevel Quarantine. Press ENTER.