Skip Navigation

Configure
Microsoft Exchange
to allow only authorized devices to access
Exchange ActiveSync

You must configure
Microsoft Exchange Server
to allow only authorized devices to access
Exchange ActiveSync
. Devices for existing users that are not explicitly added to the allowed list in
Microsoft Exchange
must be quarantined until
BlackBerry UEM
allows them access.
To perform this task, you must be a
Microsoft Exchange
administrator with the appropriate permissions for the Set-ActiveSyncOrganizationSettings command. Visit technet.microsoft.com to find more information about the command and managing devices that access
Exchange ActiveSync
.
  • Verify with your
    Microsoft Exchange
    administrator whether or not there are any users currently using
    Exchange ActiveSync
    . If your organization’s default access level for
    Exchange ActiveSync
    is set to allow, and you have users set up and successfully synchronizing their devices, you must make sure that these users have a personal exemption or device rule associated to their user account or device before you set the default access level to quarantine. If they do not, then they are quarantined and their devices do not synchronize until they are allowed by
    BlackBerry UEM
    . For more information about setting the default access level for
    Exchange ActiveSync
    to quarantine, visit support.blackberry.com/community to read article 36800.
  1. On a computer that hosts the
    Microsoft Exchange Management Shell
    , open the
    Microsoft Exchange Management Shell
    .
  2. Type
    Set-ActiveSyncOrganizationSettings –DefaultAccessLevel Quarantine
    . Press ENTER.