Please try to run following command to block specific device ID.
Set-CASMailbox -Identity: "EmailAlias" -ActiveSyncBlockedDeviceIDs: "<DeviceID_1>","<DeviceID_2>"
More details to see:
Disable a Mobile Phone for Exchange ActiveSync
You don't understand, there is no mailbox or AD account for that matter. They have both been deleted. I can't run Set-CasMailbox if there is no mailbox.
The user left in April of 2014. The mailbox has been disabled and removed from Exchange a while ago. We recently had some CAS issues and Microsoft commented on this user with high ActiveSync hit rates.
It was then that I discovered the mailbox was gone as well as the AD account yet the phone continues to make hits against the Exchange server. Running Log Parser, all the hits fail (of course) with 4xx errors but it's still hits against the Exchange server.
Seems to me the only option available is to contact the user and have them delete their AS profile.
- Edited by shadowtuck 23 hours 54 minutes ago
If the mailbox and account has been deleted, how does the user access your Exchange server via mobile?
Identify IP of Mobile device and block it from Firewall.
Because the profile for ActiveSync was created when the AD account and mailbox were active. Even with both gone now, the phone will still try to authenticate against Exchange. It doesn't know the AD account and mailbox are gone. The authentication fails of course but its still a hit on the Exchange server.
It is even worse with the accounts gone because the client will try more often if it can't authenticate.
You can't block by IP because it's changing all the time.
I talked to Microsoft about this. The only way to stop this is have the user delete their AS profile from the phone.