Applies to: Exchange Server 2007
Topic Last Modified: 2007-06-21
Use the New Policy page in the New Exchange ActiveSync Mailbox Policy Wizard to create a new Exchange ActiveSync mailbox policy.
|You can also use the Exchange Management Shell to create a new Exchange ActiveSync mailbox policy. For more information, see New-ActiveSyncMailboxPolicy (RTM).|
To perform this procedure, the account you use must be delegated the following:
- Exchange Recipient Administrator role
For more information about permissions, delegating roles, and the rights that are required to administer Exchange Server 2007, see Permission Considerations.
A mobile mailbox policy holds a group of settings for Microsoft Exchange ActiveSync. These settings include password, encryption, and attachment settings.
- Mailbox policy name
Use this field to create a unique name for the policy.
- Allow non-provisionable devices
Select this option to allow devices that cannot be provisioned automatically.
- Allow attachments to be downloaded to device
Select this option to allow attachments to be downloaded to the device.
- Require password
Select this option to require that users enter a password when they access their device. Then select from the following options:
- Require alphanumeric password Select
this option to require that the device password include non-numeric
- Enable password recovery Select this
option to enable password recovery for the mobile device. Users can
use Outlook Web Access to look up their recovery password and
unlock their device. Administrators can use the Exchange Management
Console to look up a user's recovery password.
- Require encryption on device Select
this option to require device encryption. This increases security
by encrypting all information about the device in addition to any
- Allow simple password Select this option to allow simple
passwords such as 1111 to be used on the device.
- Minimum password length Select this
option to specify a minimum length for the device password. Longer
passwords can provide increased security. However, they can
decrease device usability.
- Time without user input before password must be
re-entered When a device password is required,
you can select this option to prompt the user for the password
after the device has been inactive for a specified period of time.
For example, if this option is set to 15 minutes, the user will
have to enter the device password every time that the device has
not been used for 15 minutes or longer. If the device sits idle for
10 minutes, the user will not have to re-enter the password.
- Password expiration (days) Select this option and enter
a value to specify how frequently the device password will
- Enforce password history Enter a value in this text box
to specify the number of past passwords stored in Active Directory.
When a user creates a new password, they cannot reuse one of the
- Require alphanumeric password Select this option to require that the device password include non-numeric characters.
For More Information
For more information about Exchange ActiveSync mailbox policies, see the following topics: