Exchange ActiveSync Policies

Create ActiveSync Policies

new-ActiveSyncMailboxPolicy -Name 'CEO' -AllowNonProvisionableDevices $false -DevicePasswordEnabled $true -AlphanumericDevicePasswordRequired $true -MaxInactivityTimeDeviceLock '00:15:00' -MinDevicePasswordLength '4' -PasswordRecoveryEnabled $true -RequireDeviceEncryption $true -AttachmentsEnabled $true -AllowSimpleDevicePassword $true -DevicePasswordExpiration 'unlimited' -DevicePasswordHistory '0'

new-ActiveSyncMailboxPolicy -Name 'Manager' -AllowNonProvisionableDevices $false -DevicePasswordEnabled $true -AlphanumericDevicePasswordRequired $false -MaxInactivityTimeDeviceLock '00:30:00' -MinDevicePasswordLength '7' -PasswordRecoveryEnabled $true -RequireDeviceEncryption $false -AttachmentsEnabled $true -AllowSimpleDevicePassword $true -DevicePasswordExpiration 'unlimited' -DevicePasswordHistory '0'

Assign a ActiveSync policy to users

Scenario 1: All mailboxes use the same ActiveSync policy: CEO

Get-Mailbox | Set-CASMailbox -ActiveSyncMailboxPolicy (Get-ActiveSyncMailboxPolicy "CEO").Identity

Scenario 2: Each OU is assigned its own ActiveSync policy

Get-Mailbox -OrganizationalUnit "test OU" | Set-CASMailbox -ActiveSyncMailboxPolicy (Get-ActiveSyncmailboxPolicy "CEO").Identity

Get-Mailbox -OrganizationalUnit "Albert OU" | Set-CASMailbox -ActiveSyncMailboxPolicy (Get-ActiveSyncmailboxPolicy "Manager").Identity

Scenario 3: Add a filtered mailboxes to an ActiveSync Policy

Set-Mailbox "Mary Will" -CustomAttribute1 "CEO"

Set-Mailbox "Mike Anderson" -CustomAttribute1 "CEO"

Get-Mailbox | where { $_.CustomAttribute1 -match "CEO" } | Set-CASMailbox -activesyncmailboxpolicy (Get-ActiveSyncMailboxPolicy "CEO").Identity

Sometimes, the Microsoft-Server-ActiveSync has become corrupted. You have to remove it and recreate one.

Get-ActiveSyncVirtualDirectory | fl identity,websiteName,Virtual*

Identity : TEST1\Microsoft-Server-ActiveSync (Default Web Site)
WebsiteName : Default Web Site
VirtualDirectoryName : Microsoft-Server-ActiveSync

Remove-ActiveSyncVirtualDirectory "TEST1\Microsoft-Server-ActiveSync (Default Web Site)"

New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site"

A user can synchronize its mail using any device.

Set-CASMailbox -identity "Mary Will" -ActiveSyncAllowedDeviceIDs $Null

A user can synchronize its mail using a specific device.

Set-CASMailbox -identity "Mary Will" -ActiveSyncAllowedDeviceIDs 2389445666364354353

A user can synchronize its mail using two specific devices.

Set-CASMailbox -identity "Shane Williams" -ActiveSyncAllowedDeviceIDs 88222344556563222;22334455621100