Hello,

Is there any way to allow devices which are part of a security group?

I need to enable the Device Access Rules in a coexistence scenario of Exchange 2013 and Exchange 2010 and allow users one by one, based on security group partnership after migrated them to new Exchange server. If I'm trying to  modify the Exchange ActiveSync access settings on Exchange 2013, all users from Exchange 2010 are quarantined.

In fact.. I think that this will not resolve my issue:(...

I need to:

1. move a user to new Exchange server

2. assign mailbox policies

3. set to allow this user and his mobile device to sync and never send him on quarantine list

4. When all users are moved, send to quarantine list new users.

Thank you.

• Edited by laurentiun Wednesday, September 02, 2015 10:44 AM

There is no native way to control users via a group membership. You can find scripts that can do the job for you - basically they look for membership of a group and enable/disable as required.

If you want to control ActiveSync access then the easiest way is to set ActiveSync to quarantine all devices and then approve them on demand. It depends on how many devices it is likely to be.

However ActiveSync policies and quarantine are not server specific. Therefore if you enable it, then it will apply to all users. Again there are various scripts out there which can approve all existing devices, but that will apply when you move them to the new server.

Simon.