Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.19
  3. Managing email, calendar, and contacts
  4. Controlling which devices can access Exchange ActiveSync for work email and organizer data
  5. Configure Microsoft Exchange to allow only authorized devices to access Exchange ActiveSync

Configure
Microsoft Exchange
 to allow only authorized devices to access
Exchange ActiveSync

You must configure
Microsoft Exchange Server
 to allow only authorized devices to access
Exchange ActiveSync
. Devices for existing users that are not explicitly added to the allowed list in
Microsoft Exchange
 must be quarantined until
BlackBerry UEM
 allows them access.
To perform this task, you must be a
Microsoft Exchange
 administrator with the appropriate permissions for the Set-ActiveSyncOrganizationSettings command. Visit technet.microsoft.com to find more information about the command and managing devices that access
Exchange ActiveSync
.
  • Verify with your
    Microsoft Exchange
     administrator whether or not there are any users currently using
    Exchange ActiveSync
    . If your organization’s default access level for
    Exchange ActiveSync
     is set to allow, and you have users set up and successfully synchronizing their devices, you must make sure that these users have a personal exemption or device rule associated to their user account or device before you set the default access level to quarantine. If they do not, then they are quarantined and their devices do not synchronize until they are allowed by
    BlackBerry UEM
    . For more information about setting the default access level for
    Exchange ActiveSync
     to quarantine, visit support.blackberry.com/community to read article 36800.
  1. On a computer that hosts the
    Microsoft Exchange Management Shell
    , open the
    Microsoft Exchange Management Shell
    .
  2. Type
    Set-ActiveSyncOrganizationSettings –DefaultAccessLevel Quarantine
    . Press ENTER.