If you’re an Exchange admin happy about how Exchange ActiveSync (EAS) just hums along with mobile devices supporting the EAS protocol, and the multitude of devices that can now access Exchange without any admin intervention (OTA device activation and all that…), but also unhappy about the multitude of devices that can now access Exchange without any admin intervention, there’s news for you.
Yes, you can enable or disable EAS per-device. Yes, you also prevent unprovisionable devices (you know the ones… ) from connecting. But how do you have some REAL control over devices trying to connect to your Exchange 2010 and later servers? How do you, for instance, allow devices of a specific device model or family to access Exchange but block other devices? Can you set up a default device access policy which can allow, block or quarantine (and therefore the acronym, ABQ) new devices?
To find out more, head over to Controlling Exchange ActiveSync device access using the Allow/Block/Quarantine list on the Exchange team blog.
{ 2 comments… read them below or add one }
I have an array of CAS servers on my primary site.Do I need to put the ABQ list on all the CAS servers or putting it on one will automatically replicate it to all the CAS servers in the array.
Client Access Servers are stateless for the most part. Exchange configuration details, including Allow/Block/Quarantine details, are stored in Active Directory and thus accessible by all CAS servers in the organization.