Is there a way to block a specific Device ID in Exchange 2010 ActiveSync
I know you can block device types and device families but how about a specific device ID. Have a user that was termed back in April of 2014. The mailbox is long gone and the AD account was deleted but yet the mobile device continues to pound the Exchange server with ActiveSync hits. Apparently the user never deleted the AS profile on the mobile device. I am at a loss as to how to stop it. Any suggestions other than track the user down and insist they delete the AS profile. My FW guy tells me there is nothing he can do.
November 23rd, 2014 5:32am

Hi,

Please try to run following command to block specific device ID.

Set-CASMailbox -Identity: "EmailAlias" -ActiveSyncBlockedDeviceIDs: "<DeviceID_1>","<DeviceID_2>"

More details to see:

Disable a Mobile Phone for Exchange ActiveSync

http://technet.microsoft.com/en-us/library/bb232080(v=exchg.141).aspx

 

Thanks

Free Windows Admin Tool Kit Click here and download it now
November 24th, 2014 4:39am

You don't understand, there is no mailbox or AD account for that matter. They have both been deleted. I can't run Set-CasMailbox if there is no mailbox.
November 24th, 2014 7:25am

You don't understand, there is no mailbox or AD account for that matter. They have both been deleted. I can't run Set-CasMailbox if there is no mailbox.

The user left in April of 2014. The mailbox has been disabled and removed from Exchange a while ago. We recently had some CAS issues and Microsoft commented on this user with high ActiveSync hit rates.

It was then that I discovered the mailbox was gone as well as the AD account yet the phone continues to make hits against the Exchange server. Running Log Parser, all the hits fail (of course) with 4xx errors but it's still hits against the Exchange server.

Seems to me the only option available is to contact the user and have them delete their AS profile.

Free Windows Admin Tool Kit Click here and download it now
November 24th, 2014 3:15pm

Hi,

If the mailbox and account has been deleted, how does the user access your Exchange server via mobile?

 

Thanks 

November 27th, 2014 1:09am

Hi,

Identify IP of Mobile device and block it from Firewall.

Free Windows Admin Tool Kit Click here and download it now
November 27th, 2014 2:34am

Because the profile for ActiveSync was created when the AD account and mailbox were active. Even with both gone now, the phone will still try to authenticate against Exchange. It doesn't know the AD account and mailbox are gone. The authentication fails of course but its still a hit on the Exchange server.

It is even worse with the accounts gone because the client will try more often if it can't authenticate.

November 27th, 2014 7:27am

You can't block by IP because it's changing all the time.

I talked to Microsoft about this. The only way to stop this is have the user delete their AS profile from the phone.

Free Windows Admin Tool Kit Click here and download it now
November 27th, 2014 7:27am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics