Join Brien Posey for an in-depth discussion in this video Configure mobile device mailbox policies using the Exchange Admin Center, part of Windows 10: Provision and Manage Mobile Devices.
- [Instructor] The Exchange Admin Center can be used to configure and apply ActiveSync policy settings. Right now I'm logged into the Exchange Admin Center and I'm on the recipients tab. In order to configure an ActiveSync policy, what I would do is go to the mobile tab and then go to mobile device mailbox policies. And as you can see, there is a default policy that's created when you install Exchange. To take a look at the settings within this policy, we simply select the policy and then click on the edit icon.
So this brings up the general tab, but the individual ActiveSync policy settings are on the security tab. So when I click security, you can see those policy settings. And it's worth noting that the Exchange Admin Center only shows a subset of the policy settings that are actually available. To access the others, you have to go through the Exchange Management Shell. But let's take a look at the policy settings that are available to us. There's a setting to require a password. And if you enable this setting, you can choose to allow simple passwords, you can require an alphanumeric password of a certain number of characters, you can require device encryption, a minimum password length, you can choose to wipe the device after a number of sign-in failures, you can choose to require the user to sign back in after the device has been inactive for a specific number of minutes, and you can enforce the password lifetime and the password recycle count.
You also have the option of creating additional policies, and the way that you would do that is by clicking on the new icon. I'll go ahead and do that now. And when you create a policy, you have to provide a name. I'll just call this one Mobile Policy. And you have the option of making this the default policy if you like, and there's also a checkbox that you can use to allow mobile devices that don't fully support the policy settings that you use to be able to synchronize using this policy. And then once you get beyond that, we have the same basic options that you saw a moment ago.
Require a password, allow simple passwords, et cetera. So I'm going to go ahead and save this. And you can see the new mobile policy has been created. Now, these policies have to link to recipients. So to show you how this works, I'm going to go to the recipients container, I'm going to click on an individual recipient, User5 in this case, and I'm going to click edit. And this brings up the various settings for this recipient. So I'm going to go to the mailbox features tab, and as I scroll down on this tab, you'll notice that we have a mobile devices section.
I'm going to click view details. And the first setting on the Mobile Device Details screen is the mobile device mailbox policy. Right now, User5 is configured to use the default policy. But if I wanted to configure this so that User5 uses the policy that we just created, all I would have to do is click browse, choose the Mobile Policy. That's the policy that we just created. And click okay. And now we've configured User5 to use our new mobile policy. I would then click save and save again, and now User5 is using the policy that we just created.
So that's how you use the Exchange Admin Center to create a mobile policy and to apply that policy to a user.
This course also maps to the corresponding domain within the Microsoft exam 70-696, Administering System Center Configuration Manager and Intune, and will help you prepare for MCSE certification.
- Configuring mobile device mailbox policies in Exchange
- Viewing mobile device information
- Managing ActiveSync policies with Configuration Manager
- Configuring profiles: VPN, certificate, email, and Wi-Fi
- Configuring Intune for mobile device management
- Enrolling mobile devices in MDM
- Managing devices with Intune