Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2011-03-19

You can use the New Exchange ActiveSync Mailbox Policy wizard to create a new Exchange ActiveSync mailbox policy. An Exchange ActiveSync mailbox policy contains a variety of settings, including password settings, attachment settings, and device settings.

Looking for other management tasks related to mobile phones? Check out Managing Exchange ActiveSync Devices.

Prerequisites

The Client Access server role has been installed on an Exchange Server 2010 computer.

What Do You Want to Do?

Use the EMC to create an Exchange ActiveSync mailbox policy

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Exchange ActiveSync mailbox policy settings" entry in the Client Access Permissions topic.

  1. In the console tree, navigate to Organization Configuration > Client Access.

  2. Select the Exchange ActiveSync Mailbox Policies tab and then, in the action pane, click New Exchange ActiveSync Mailbox Policy.

  3. On the New Exchange ActiveSync Mailbox Policy page, enter a Mailbox policy name, and then choose from a variety of options including the following:

    • Allow non-provisionable devices   Select this check box to allow mobile phones that can't be provisioned automatically. These mobile phones may be unable to enforce all the Exchange ActiveSync policy settings. By selecting this box, you are allowing these mobile phones to synchronize even though all policy settings may not be applied.

    • Allow attachments to be downloaded to device   Select this option to allow attachments to be downloaded to the mobile phone. If selected, files that are attached to synchronized e-mail messages can be downloaded to the mobile phone. Users must select the attachment to mark it for download. After the attachment is selected, it's downloaded at the next scheduled synchronization for users who don't have Direct Push. For users who have Direct Push, the attachment is downloaded immediately.

    • Require password   Select this option to require users to enter a password to access information on their mobile phones. If you select this option, you can also select a variety of other password options, including settings for password length, password time-out settings, and password recovery.

  4. The Completion page will confirm whether your new Exchange ActiveSync mailbox policy was successfully created and will also display the syntax for the New-ActiveSyncMailboxPolicy cmdlet.

Use the Shell to create an Exchange ActiveSync mailbox policy

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Exchange ActiveSync mailbox policy settings" entry in the Client Access Permissions topic.

This example creates a new Exchange ActiveSync mailbox policy that requires a password of four characters, encryption, and also a new password every 30 days.

Copy Code
New-ActiveSyncMailboxPolicy -Name 'All Users' -AllowNonProvisionableDevices $false -DevicePasswordEnabled $true -AlphanumericDevicePasswordRequired $false -MaxInactivityTimeDeviceLock '00:15:00' -MinDevicePasswordLength '4' -PasswordRecoveryEnabled $false -RequireDeviceEncryption $true -AttachmentsEnabled $true -AllowSimpleDevicePassword $true -DevicePasswordExpiration '30.00:00:00' -DevicePasswordHistory '0'

Other Tasks

In addition to using the New Exchange ActiveSync Policy wizard, you may also want toPerform a Remote Wipe on a Mobile Phone.

For More Information