We want to provide BYOD access to email when our hourly employees are on the clock, but don't want to allow them access when they are not punched is so we don't have to pay overtime. Our employees use Active Sync and Outlook Web Access so we want
to enforce each employees schedule on both means of getting email outside the building.
You can set the users "Logon Hours" inside their Active Directory account. This would prevent the user from authenticating outside their logon hours. To do this, from Active Directory Users and Computers, Select the User object, click "Account" tab, select
Please note, this has a greater effect than just OWA and ActiveSync. It will prevent the user from authenticating to anything outside their logon hours.
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.