Hello, New to Exchange 2010 but I am an veteran Exchange 2003 admin. I'm still learning the EMS and I am having difficulty comming up with a command to add users to an ActiveSync Mailbox Policy based on group membership. Here is what I've come up with so far... Get-Mailbox | {$_.group -match "HighSecurityActiveSyncGroup"} | Set-CASMailbox -activesyncmailboxpolicy(Get-ActiveSyncMailboxPolicy "Group based ActiveSync Policy).Identity Bad thing about the EMS is it does not tell you if your command completed successfully. It just goes back to the command prompt. I have to go to the users account properties to see if the command was successful. Anyhow it's not working. Can someone help?

How many different groups/policies do you have?

We have departments who wish to have their own policies. How many could I end up having? Alot :)

You'll need to come up with way to map policy names to the department. Do you want to use the user's department name, or a DL membership (or something else)?

I want it based on DL membership as departments will want different policies based on who they are.

Okay. Will you be creating DLs with names that match the policy names?

Assumptions:You have a DL for each policy. The policy name and the DL name are the same, and all begin with AS_POL_No other DL's beging with that string$groups = get-distributiongroup AS_Pol_*foreach ($group in $groups){$members = Get-DistributionGroupMember $groupforeach ($member in $members){Set-CASMailbox $member -ActiveSyncMailboxPolicy $group.name}}

Assumptions: You have a DL for each policy. The policy name and the DL name are the same, and all begin with AS_POL_ No other DL's beging with that string $groups = get-distributiongroup AS_Pol_* foreach ($group in $groups){ $members = Get-DistributionGroupMember $group foreach ($member in $members){ Set-CASMailbox $member -ActiveSyncMailboxPolicy $group.name } } Thank You so much for your help. Yes I will have the DL name reflect the activesync policy. I was hoping to somehow modify the below command sequence so all I have to do is change the groupname and activesync policy name. We want to be able to setup one group pair at a time. The script you supplied would work for me although I would modify the AS_POL part to someting like ASPOL_DEPT_* or something like that. Would I run that directly from the EMS command prompt?

Yes. Since it's using the Exchange cmdlets, you'll need to either run if from an EMS prompt, or load the required Exchange snappins first if you're starting from a generic powershell prompt.I can give you a modified version that will prompt for the group name and only process one group if that will help.

$group = Read-Host "Enter the Group name" if (Get-DistributionGroup $group){ $members = Get-DistributionGroupMember $groupforeach ($member in $members){Set-CASMailbox -ActiveSyncMailboxPolicy $group.name}} else {Write-Host "That group name was not found."}

Thank you very much mjolinor for all your help.

No problem. You now owe the forum (pay it forward)...:)

$group = Read-Host "Enter the Group name" if (Get-DistributionGroup $group){ $members = Get-DistributionGroupMember $group foreach ($member in $members){ Set-CASMailbox -ActiveSyncMailboxPolicy $group.name } } else {Write-Host "That group name was not found."} I am trying to run this same command and it comes up and asks for the group name and i enter it in and then it wants an identity?? cmdlet Set-CASMailbox at command pipeline position 1 Supply values for the following parameters: Identity: This is using the EMS shortcut from the default exchange 2007 sp1 sr9 install.

Try this: $group = Read-Host "Enter the Group name" if (Get-DistributionGroup $group){ $members = Get-DistributionGroupMember $group foreach ($member in $members){ Set-CASMailbox $member -ActiveSyncMailboxPolicy $group.name } } else {Write-Host "That group name was not found."}[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "