Windows Mobile and ActiveSync


Currently two ActiveSync applications are available from Microsoft. First, the traditional ActiveSync is an application that is installed on to the desktop machine and allows synchronization through Outlook. Second, with Exchange 2003, Microsoft introduced Exchange ActiveSync (EAS), which allows synchronization directly to the Exchange server over a network or Internet connection. This was initially on-demand sync but Exchange 2003 service pack 2 enabled the "push mail" feature using HTTP or HTTPS. Push e-mail enables e-mail to be synchronized with the device as new message sarrive; when a message arrives in the user's Inbox, the Exchange server notifies connected mobile devices that a new message must be synchronized to the device.

Exchange 2007 takes EAS and has further enhanced it, although to take full advantage of the new features in EAS, you need to be using Windows Mobile 6.0 (aka Crossbow), which is still in development as this book is being written.

Exchange ActiveSync was available with Windows Mobile 2003 but really became popular only with Windows Mobile 2005. To use the push technology, you need to have a device with the Messaging and Security Feature Pack (MSFP) installed. This is not available as a separate download but will be part of a software update from the handset supplier.

Tip 

Microsoft Messaging and Security Feature Pack updates for mobile devices or Windows Mobile 6 updates must be obtained from the device vendor or the cell phone provider, not Microsoft.

If you have purchased a device since approximately June 2006, it almost certainly will come with a version of Windows Mobile 5.0 with MSFP. Many devices that run Windows Mobile 5 can be upgraded to the MSFP version

How Can You Tell Whether Your Device Has the MSFP?

You can identify whether your handset has the MSFP update in two ways. In both cases you need to look at the version information. This will be found in Settings Ø System under the About applet.

You need to look at the version information. You will see a string that is something like OS 5.1.195 (Build 14847.2.0.0). With some handsets, the build number says Messaging and Security Feature Pack. If that is the case, you know for sure. If yours does not, then you need to look at the build number. The key element is the last three digits. To have the MSFP installed, it needs to be 2.0.0 or higher. Build 2.0.0 was the first build to have the MSFP update.

image from book

Note 

We wrote this chapter using Windows Mobile 5.0 and are presuming that you are using a Windows Mobile-based device with at least that version of the software. You can find instructions for the older versions of Windows Mobile on Microsoft's website.

Tip 

As an administrator, you will want to test Windows Mobile for yourself; however, getting a hold of a device with the relevant software may be difficult. Microsoft has released an emulator for Windows Mobile, which was originally designed for developer use but is now available as a stand-alone product. You can install this onto your workstation and connect to the Exchange server over your network. At the time of writing, you can download the emulator from http://preview.tinyurl.com/otdx4.

Configuring Exchange to Support ActiveSync

Exchange ActiveSync (EAS) should be enabled by default from the standard installation of the Client Access server role. You can confirm whether this is the case by checking for the presence of a number of elements in IIS Manager. In the IIS Manager under Default Web Site (see Figure 19.15), check to see whether the virtual directory Microsoft-Server-ActiveSync exists.

image from book
Figure 19.15: Viewing Exchange-specific virtual directories and application pools

You can also check the Exchange-related application pools. For example, right-click the MSExchangeSyncAppPool application pool. If Start is available, then EAS is not running. Choose Start to enable the application pool.

You can do additional configuration of ActiveSync through the Exchange Management Console. Under Server Configuration, choose the Exchange ActiveSync tab. Right-click the virtual directory listed and choose Properties. You'll see three tabs. The first tab, General, allows you to set the internal and external URL for ActiveSync. The second tab, Authentication, allows you to control authentication, including whether to use client certificates. The third tab allows you to control remote file server access. This is identical in operation to remote file server access through Outlook Web Access but is not available with the current versions of Windows Mobile.

For Exchange Management Shell configuration, you use two cmdletss:

  • The cmdlet New-ActiveSyncVirtualDirectory will allow you to create a new virtual directory for another website on the same server.

  • The cmdlet Set-ActiveSycVirtualDirectory allows you to change settings for the ActiveSync virtual directory. This includes settings not available to you through Exchange Management Console. This command will enable basic authentication on a server named EXCHANGE01:

     Set-ActiveSyncVirtualDirectory-Identity"EXCHANGE01\microsoft-server-activesync" -BasicAuthEnabled:$true 

Defining an ActiveSync Policy

An ActiveSync policy allows you to define certain settings for the devices. With Exchange 2003, the policy applied to all devices, or there were exceptions for certain users. The level of control was very low. You can now have different settings for different users, allowing you more control over the devices - possibly depending on their job function.

ActiveSync policies are Exchange organization wide, so they are set in the Organization Configuration work center in the Client Access subcontainer. The policy is divided in to two main areas: access and password.

The General property page is for access-related settings. You can define whether attachments are downloaded to the device, configure access to UNC and WSS servers, and choose whether nonprovisionable devices can be configured.

image from book

Nonprovisionable devices are devices that do not support the Autodiscover service. Most sites will need to enable non-provisionable devices, at least initially until their devices are all users are using a version of Windows Mobile that supports provisioning via Autodiscover.

The Password property page is for the password policy. The settings on this tab are fairly self-explanatory. If you want to be able to take advantage of the remote wipe features, you need to require a password. If you do not, when you attempt to wipe the device, the end user will be asked to allow enforcement of a password policy. By saying no, they can maintain access to the device. Allow Simple Password is a policy that allows the end user to set a password such as 1234. If you have policies regarding passwords, you may not want to enable that option.

image from book

You can have more than one ActiveSync policy; to create another one, select New ActiveSync Policy from the Actions pane in Exchange Management Console, or run the cmdlet New-ActiveSyncPolicy with the required parameters.

This command will create a new policy called Sales, with Device Password enabled:

 New-ActiveSyncMailboxPolicy -Name:"Sales" -DevicePasswordEnabled:$true 

You can assign a policy to each user as required. To set a policy to a user through Exchange Management Console, open up the Recipient Configuration work center and select Mailbox. Find the user that you want to assign the policy to, and select Properties from the Actions pane.

Click the Mailbox Features tab and choose Exchange ActiveSync, and then click Properties. Enable the Apply an Exchange ActiveSync Policy option, and click Browse to choose the policy. Then click OK/Apply as required to close the user properties.

If you want to set multiple users at the same time, you need to use the Exchange Management Shell. To set the policy through the Exchange Management Shell, use the Set-CASMailbox command. For example, to set the policy Sales on user bsmith, you would run the following:

 Set-CASMailbox David.Sengupta -ActiveSyncMailboxPolicy (Get-ActiveSyncMailboxPolicy "Sales").Identity 

If you want to set a policy to all users, which may be a good way to start off, you have to use a combination of commands. This command will set the policy Default Policy on all users:

 Get-Mailbox | Set-CASMailbox -ActiveSyncMailboxPolicy (Get-ActiveSyncMailboxPolicy "Default Policy").Identity 

Configuring a Windows Mobile Device

This section guides you through configuring a Windows Mobile device. These instructions and screen shots were created using the Windows Mobile 5.0 emulator, which is running build 2.0.0. Therefore, you may find that a few screens look slightly different to what is shown here. The entries are identical, so it should be easy enough to adapt to the later versions of Windows Mobile that are released after this book is published.

To configure your device to sync with Exchange, follow these steps:

  1. Select ActiveSync from Programs. If this is the first time you have configured ActiveSync, you should simply select the text "set up your device to sync with it." If you already have ActiveSync configured to synchronize with a desktop, then you can change the settings from the menu, or use ActiveSync on the desktop to configure synchronization with a server.

    image from book

  2. You will be asked for the server address. This needs to be the external name of the Exchange server - for example, mail.domain.com. If you are going to use SSL, then the name needs to match what is on the certificate. The certificate also needs to be trusted by the device (either because you are using a commercial certificate that has a root certificate in the device or because you have imported the root or client certificate into the device in advance).

    image from book

  3. Enter the username, password, and domain for the account that is being used. If you want to sync automatically, you will need to save the password.

    Warning 

    Saving your password is a security risk, but it could also cause your account to be locked out if you change your password. When changing your Windows password, remember to change the password on the device as well.

    image from book

  4. Whether you want to set the advanced settings is up to you. Advanced settings deal with item conflict (default is Replace the Item on My Device) and event logging (default is None).

    image from book

  5. On the last screen, you can set what is synchronized over the server connection. Most users will be configuring all four options (Inbox, Calendar, Contacts, and Tasks). You cannot sync the Notes folder over the air, so if you are using the Notes feature in Outlook, you will need to continue to use the desktop ActiveSync as well.

    image from book

  6. You can adjust how much is synchronized for some of the types, such as Calendar and E-mail. Select the type and then choose Settings to adjust. Calendar allows you to change how much of your calendar is synchronized. E-Mail allows you to change how much old e-mail is synchronized and whether attachments come across.

  7. After you press Finish, the device will attempt to sync for the first time. If there is a lot of e-mail to come across, then you should have the device connected to the network via USB ActiveSync for that first sync.

Tip 

Exchange ActiveSync will sync over a wireless network connection. However, the push technology for e-mail does not operate over wireless. That requires a mobile phone connection. Furthermore, if you have ActiveSync set to push, you will need to initiate a manual sync to sync over the wireless network.

image from book

image from book




Mastering Microsoft Exchange Server 2007
Mastering Microsoft Exchange Server 2007 SP1
ISBN: 0470417331
EAN: 2147483647
Year: 2004
Pages: 198
Authors: Jim McBee

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net