For Exchange 2013, enable ActiveSync based on AD group membership RRS feed

  • Question

  • Hi,

    May I know using FIM 2010, In Exchange 2013 - how to enable/disable ActiveSync based on AD group membership.

    Any help/suggestion would be much appreciated.

    Thanks in advance.


    Friday, June 24, 2016 4:09 PM

All replies

  • Unfortunately, ActiveSync is a permission granted in Exchange.


    You can use PowerShell to enable and disable for a particular user

    Set-CASMailbox –ActiveSyncEnabled $false –Identity

    Set-CASMailbox –ActiveSyncEnabled $true –Identity

    You could have a PowerShell workflow activity that would run these commands based on joining and leaving a set.

    David Lundell, Get your copy of FIM Best Practices Volume 1

    Friday, June 24, 2016 9:56 PM
  • You can manage ActiveSync by playing with this attribute (msExchOmaAdminWirelessEnable) or using PowerShell as David suggested.

    here's a good ref:

    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Thursday, July 7, 2016 2:35 PM
  • Taher -- I didn't know that was the attribute behind it! Thanks for sharing that tidbit.

    Here is another reference on it: that seems to indicate what values are valid and what aren't valid anymore

    David Lundell, Get your copy of FIM Best Practices Volume 1

    Thursday, July 7, 2016 4:00 PM