This Content Component encountered an error

There are potential pitfalls you can run into when moving mobile device user mailboxes from Exchange 2003 to Exchange 2007. Find out how to avoid them and discover a few Exchange Management Shell commands that simplify ActiveSync mailbox policy management on Exchange 2007.


Exchange Server 2003 SP2 lets you create a global security policy that applies to all mobile device users. In contrast, Exchange Server 2007 allows you to create multiple mobile messaging policies (called ActiveSync Mailbox Policies) that can be assigned to different users, as needed. For example, you might create one ActiveSync Mailbox policy for your sales reps, and a different security policy for the company's executive management.

When moving mailboxes from Exchange 2003 to Exchange 2007, you should always use the Exchange Management Console or Exchange Management Shell.

Using the Exchange System Manager may cause some mailbox features to malfunction. For example, if a mailbox is migrated using Exchange System Manager, the user whose mailbox was moved usually cannot log into Outlook Web Access (OWA) afterward.

When you move a mailbox from Exchange 2003 to Exchange 2007 server, two things happen:

  • If a mobile messaging security policy is in effect on the Exchange 2003 server, it will no longer be in effect when the migration to Exchange 2007 is complete, because Exchange 2007 uses a different type of security policy for mobile users.

  • When any mailbox is moved to Exchange 2007, it automatically becomes ActiveSync-enabled, regardless of its previous Exchange 2003 server configuration. However, no ActiveSync mailbox policies are applied until you set them up manually.

Exchange 2007 and mobile administration resources:

Step-by-Step Guide: How to secure mobile devices in Exchange Server 2007

Learning Guide: Exchange Server mobile device management

Crash Course: Exchange ActiveSync tips and tutorials

Setting up a new mailbox from scratch on Exchange 2007 creates a similar result. New user mailboxes, resource and equipment mailboxes are all ActiveSync-enabled by default. The difference is that the New Mailbox Wizard gives you the opportunity to associate an ActiveSync Mailbox Policy with the new mailbox during the setup process.

If you want to disable ActiveSync for resource mailboxes, there is an Exchange Management Shell command you can use to disable it for all room and equipment mailboxes:

Get-Mailbox –ResultSize Unlimited –Filter {RecipientTypeDetails –eq 'EquipmentMailbox' –or RecipientTypeDetails –eq 'RoomMailbox'} -> Set-CasMailbox –ActiveSyncEnabled $False Get-Mailbox –ResultSize Unlimited –Filter {RecipientTypeDetails –eq 'UserMailbox' –and $_.ActiveSyncEnabled}

You also can use the Exchange Management Shell to display a list of all user accounts that have ActiveSync enabled:

Get-Casmailbox –ResultSize Unlimited -> where {$_.ActiveSyncEnabled}

This will display several columns after each username, each of which shows either True or False. The first column displays True for users who have ActiveSync enabled.

Because we have filtered the output, only users with ActiveSync enabled are displayed though. If you want to view all users and check their ActiveSync status manually, simply enter the command Get-CasMailbox.

About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.

Do you have comments on this tip? Let us know.

Please let others know how useful this tip was via the rating scale below. Do you know a helpful Exchange Server, Microsoft Outlook or SharePoint tip, timesaver or workaround? editor@searchexchange.com to talk about writing for SearchExchange.com.

This was first published in October 2007

Dig deeper on Mobile Devices

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close