none
Exchange 2013 移动设备邮箱策略怎么设置? RRS feed

答案

  • https://justaucguy.wordpress.com/2013/02/25/exchange-2013-configure-your-mobile-device-mailbox-policy/

    PowerShell

    Configuring the Mobile Policies via Powershell in Exchange 2013 is almost exactly the same as in Exchange Server 2010 and the options that can be configured are essentially the same as well.

    Below is a comparison of the options for Exchange 2010 and Exchange 2013 when it comes to configuring the ActiveSync or Mobile Device policies (depending on the Exchange version). Differences are noted by the blue text. Some that are highlighted are just named differently in the versions:

    Exchange Server 2013

    Exchange Server 2010

    -AllowBrowser -AllowBluetooth
    -AllowCamera -AllowBrowser
    -AllowConsumerEmail -AllowCamera
    -AllowDesktopSync -AllowConsumerEmail
    -AllowExternalDeviceManagement -AllowDesktopSync
    -AllowHTMLEmail -AllowExternalDeviceManagement
    -AllowInternetSharing -AllowHTMLEmail
    -AllowIrDA -AllowInternetSharing
    -AllowMobileOTAUpdate -AllowIrDA
    -AllowNonProvisionableDevices -AllowMobileOTAUpdate
    -AllowPOPIMAPEmail -AllowNonProvisionableDevices
    -AllowRemoteDesktop -AllowPOPIMAPEmail
    -AllowSimplePassword -AllowRemoteDesktop
    -AllowSMIMEEncryptionAlgorithmNegotiation -AllowSimpleDevicePassword
    -AllowSMIMESoftCerts -AllowSMIMEEncryptionAlgorithmNegotiation
    -AllowStorageCard -AllowSMIMESoftCerts
    -AllowTextMessaging -AllowStorageCard
    -AllowUnsignedApplications -AllowTextMessaging
    -AllowUnsignedInstallationPackages -AllowUnsignedApplications
    -AllowWiFi -AllowUnsignedInstallationPackages
    -AlphanumericPasswordRequired -AllowWiFi
    -ApprovedApplicationList -AlphanumericDevicePasswordRequired
    -AttachmentsEnabled -ApprovedApplicationList
    -Confirm -AttachmentsEnabled
    -DeviceEncryptionEnabled -Confirm
    -DevicePolicyRefreshInterval -DeviceEncryptionEnabled
    -DomainController -DevicePasswordEnabled
    -Identity -DevicePasswordExpiration
    -IrmEnabled -DevicePasswordHistory
    -IsDefault -DevicePolicyRefreshInterval
    -MaxAttachmentSize -DomainController
    -MaxCalendarAgeFilter -Identity
    -MaxEmailAgeFilter -IrmEnabled
    -MaxEmailBodyTruncationSize -IsDefaultPolicy
    -MaxEmailHTMLBodyTruncationSize -MaxAttachmentSize
    -MaxInactivityTimeLock -MaxCalendarAgeFilter
    MaxPasswordFailedAttempts -MaxDevicePasswordFailedAttempts
    MinPasswordComplexCharacters -MaxEmailAgeFilter
    -MinPasswordLength -MaxEmailBodyTruncationSize
    -MobileOTAUpdateMode -MaxEmailHTMLBodyTruncationSize
    -Name -MaxInactivityTimeDeviceLock
    -PasswordEnabled -MinDevicePasswordComplexCharacters
    -PasswordExpiration -MinDevicePasswordLength
    -PasswordHistory -MobileOTAUpdateMode
    -PasswordRecoveryEnabled -Name
    -RequireDeviceEncryption -PasswordRecoveryEnabled
    -RequireEncryptedSMIMEMessages -RequireDeviceEncryption
    -RequireEncryptionSMIMEAlgorithm -RequireEncryptedSMIMEMessages
    -RequireManualSyncWhenRoaming -RequireEncryptionSMIMEAlgorithm
    -RequireSignedSMIMEAlgorithm -RequireManualSyncWhenRoaming
    -RequireSignedSMIMEMessages -RequireSignedSMIMEAlgorithm
    -RequireStorageCardEncryption -RequireSignedSMIMEMessages
    -UnapprovedInROMApplicationList -RequireStorageCardEncryption
    -UNCAccessEnabled -UnapprovedInROMApplicationList
    -WhatIf -UNCAccessEnabled
    -WSSAccessEnabled -WhatIf
    -WSSAccessEnabled

    The main differences are name changes for the options and the dropping of Bluetooth in the options configuration:

    Exchange Server 2013

    Exchange Server 2010

    -AllowBluetooth
    -AllowSimplePassword -AllowSimpleDevicePassword
    -AlphanumericPasswordRequired -AlphanumericDevicePasswordRequired
    -PasswordEnabled -DevicePasswordEnabled
    -PasswordExpiration -DevicePasswordExpiration
    -PasswordHistory -DevicePasswordHistory
    -IsDefault -IsDefaultPolicy
    -MaxInactivityTimeLock -MaxInactivityTimeDeviceLock
    -MaxPasswordFailedAttempts -MaxDevicePasswordFailedAttempts
    -MinPasswordComplexCharacters -MinDevicePasswordComplexCharacters
    -MinPasswordLength -MinDevicePasswordLength

    On to configuring! First step is to create a new policy for your mobile active sync devices. The cmdlet we use here is ‘New-MobileDeviceMailboxPolicy’. Here is an example of this command used to create a new policy for your IT department:

    New-MobileDeviceMailboxPolicy -name:”IT Mobile Devices” -AlphaNumericPasswordRequired:$true -MinPasswordComplexCharacters:3 -PasswordHistory:10


    Now we have a basic policy that enforces an alphanumeric password with three types of characters and has a ten password history.

    MailboxPolicy04

    Once we have a policy created we can verify the policies that are enabled in Exchange with the Get-MobileDeviceMailboxPolicy PowerShell command:

    MailboxPolicy06

    Now let’s say that in the future you are required to change some of the settings in your policy. For example you are required to have a 15 password history and allow password recovery. For this we can use the ‘Set-MobileDeviceMailboxPolicy’:

    MailboxPolicy07

    If you need to remove a policy, simply use the Remote-MobileDeviceMailboxPolicy command:

    MailboxPolicy08



    Further Reading
    Get-MobileDeviceMailboxPolicy
    New-MobileDeviceMailboxPolicy
    Remove-MobileDeviceMailboxPolicy
    Set-ActiveSyncMailboxPolicy ***
    Set-MobileDeviceMailboxPolicy


    *** The Set-ActiveSyncMailboxPolicy cmdlet will be removed in a future version of Exchange. Use the Set-MobileMailboxPolicy cmdlet instead. If you have any scripts that use the Set-ActiveSyncMailboxPolicy cmdlet, update them to use the Set-MobileMailboxPolicy cmdlet.

    • 已标记为答案 as900 2015年12月6日 0:32
    2015年12月5日 1:22