ActiveSync help
hi,
I posted this in another section, but I didn't get any bites....hoping someone can help......below is whati posted
have been asking to setup Active-Sync in our Exchange organization.....we are using Exchange 2007 SP1.....I have never previously setup active-sync........speaking with an associate I was told that with Active-Sync, first you need to manually install a certificate on the device......and also, you the user must save his/her network username and password in the device to get emails to direct push? Talk about a security risk.
Is this info correct? From what I was reading, i thought as long as I have a trusted certificate, and set the external url to that, the certificate wouldnt have to be manually installed.
The username and password saving also concerns me....what happens when the password needs to be changed? we require new passwords every 60 days
August 23rd, 2008 7:02pm
Hi,
Yes this is correct you first need to get the certificate on the device. This needs to be done manually. Then the user credentials need to be saved to enable direct push.
Another option is to authenticate a uservia a certificate this is a little bit more complicated then just typing in the credentials.
About the security issue you mentioned, in Exchange 2007 there is an option to set a
MaxInactivityTimeDeviceLock here you can define maximuminactive time. If you define a time of 15 minutes then the user has to reauthenticate after 15 minutes with his pin.
About the password changing if a password needs to be changed I am not sure how this is actually done but I think it should be done via the owa or a desktop/laptop.
Regards,
Johan
visit my site: http://www.johanveldhuis.nl
Free Windows Admin Tool Kit Click here and download it now
August 23rd, 2008 9:44pm
Hi,
Johan's answer is cool. Here is a article for your reference:
Exchange 2007: Deploying Exchange ActiveSync
http://technet.microsoft.com/en-us/library/aa995962.aspx
Thanks,
Elvis
August 26th, 2008 12:53pm
Hi,First I would like to update some information regarding Certificates, If you are using public certificate like versign or entrust.Then you need not import it to mobile device, If you use internal CA certificate then you need to import CA Chain in device.Second thing about storing user name and password, if you are storing user name and password, it secured coz information is send using encryption (Cert6ificate used on exchange).You can event set the password policy.Incase mobile is lost by user, you can wipe it out using ESM........ Abhishek
Free Windows Admin Tool Kit Click here and download it now
March 12th, 2009 9:05pm