Performing a remote wipe on ActiveSync devices in Exchange Server 2007

Exchange Server 2007 natively supports remotely wiping of ActiveSync mobile devices. This capability required an add-on to Exchange Server 2003 and the final result was not nearly as polished and easy to use as it is in Exchange 2007. Learn step-by-step how Exchange Server 2007 users can remotely wipe their ActiveSync mobile using either Exchange Management Console (EMC) or Outlook Web Access (OWA).

Exchange Server 2007 offers native support for remotely wiping ActiveSync mobile devices. This capability required

an add-on to Exchange Server 2003 and the final result was not nearly as polished and easy to use as it is in Exchange 2007. This tip from Microsoft Exchange Server expert William Schmied explains how to perform a remote wipe on ActiveSync mobile devices.


The best part of Exchange 2007's remote wipe capability is that it puts the mobile device responsibility in the hands of their end users. Using either Exchange Management Console (EMC) or Outlook Web Access (OWA), users can manage their ActiveSync mobile devices.

Managing ActiveSync devices in the EMC

ActiveSync device management is built right into Exchange Management Console (EMC). When you select a mailbox that has an ActiveSync device associated with it, click the Manage Mobile Device option in the Action area to open the Manage Mobile Device dialog box (Figure 1).

Manage the Mobile Device dialog box
Figure 1. The Manage Mobile Device dialog box. (Click to enlarge)

The Manage Mobile Device dialog box offers basic information about the ActiveSync device, such as its last synchronization time, the wipe status of the device and the device's recovery password. From this screen, you can either remove the ActiveSync device from the Exchange mailbox or perform a remote wipe of the device. After performing the remote wipe, you must remove the device's partnership so it can be used again with this mailbox. It is best practice, however, to remove the device regardless of your future intentions. Figure 2 shows what the Manage Mobile Device dialog box will look like after the remote wipe command has been issued.

The Manage Mobile Device dialog box after wiping a device
Figure 2. The Manage Mobile Device dialog box after wiping a device.(Click to enlarge)

Managing ActiveSync devices from OWA

Managing and wiping ActiveSync devices from within Outlook Web Access is even simpler than using the EMC. When an ActiveSync mobile device is associated with a mailbox, the Mobile Devices item becomes available in the Options menu at the top of the OWA interface (Figure 3).

The Mobile Devices menu option in OWA
Figure 3. The Mobile Devices menu option in OWA.

Selecting Mobile Devices displays the Mobile Devices page (Figure 4). This page lists all of the same options you see when using the EMC, and users can get their recovery password, remove the ActiveSync device or perform a remote wipe from this page.

The Mobile Devices page in OWA
Figure 4. The Mobile Devices page in OWA (Click to enlarge)

Clicking Wipe All Data from Device starts the remote wipe process. The command is processed after the choice is confirmed. Figure 5 shows the Mobile Devices page after the wipe has occurred. The user is instructed to remove the ActiveSync device from the list if they want to configure it for use on this mailbox again. However, as is the case in the EMC, it's recommended to remove the device from the list each time.

The Mobile Devices page in OWA after issuing the remote wipe command
Figure 5. The Mobile Devices page in OWA after issuing the remote wipe command (Click to enlarge)

Exchange Server 2007 puts the power to manage ActiveSync devices where you want it: in your users' hands. As part of the standard training and policy acceptance that goes along with issuing an ActiveSync device to a user, be sure to emphasize the self-management capabilities found in the EMC and OWA. You should also make sure that your users understand that they should immediately issue a remote wipe command for any lost mobile devices. If too much time passes, the device may be taken out of network coverage and the remote wipe command will fail -- potentially allowing an unauthorized person to gain access to data on the device.

About the author: Will Schmied is a senior systems administrator for a world renowned children's research hospital. He holds numerous Microsoft MCITP, MCTS and older certifications and has been involved with Exchange and Blackberry for many years. He has also been actively involved with the certification and training side of IT for many years, writing or contributing to several dozen books and also by founding the popular certification portal, MCSE World. Having passed the reigns to a good friend from down under, Will maintains a much smaller presence today with his blog, Tales of a System Administrator.

Do you have comments on this tip? Let us know.

Please let others know how useful this tip was via the rating scale below. Do you know a helpful Exchange Server, Microsoft Outlook or SharePoint tip, timesaver or workaround? Email the editors to talk about writing for SearchExchange.com. 

This was first published in April 2009

Dig deeper on Mobile Devices

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close