Exchange 2007 Service Pack 1 is coming soon to a server near you. As you've read here before, there are a lot of new mobility features coming in Service Pack 1 and I hope I can provide you with some of the juicy details you've been waiting for. Note As wonderful as these new features are, currently we do not know of any mobile phones that currently support them. We're pretty sure that eventually, you'll be able to get a device that supports them, but for now, just keep watching this blog for updates. Here's some of what you can look forward to. Default Exchange ActiveSync Mailbox Policies Exchange 2007 shipped with a wide variety of Exchange ActiveSync mailbox policy settings. You could enforce a password, require that password be a certain length, prohibit the downloading of attachments, prevent users from reusing past passwords, and specify whether users could access information stored in Windows SharePoint Services document libraries. However, all of these policy settings don't do much good unless you assign your users to a policy. In Exchange 2007 RTM, all users had to be explicitly assigned to a policy. You could do this one at a time, or use an Exchange PowerShell one-liner to do it for you. In case you were wondering, here's the PowerShell cmdlet to assign all existing users to a policy.
Get-Mailbox | Set-CASMailbox –ActiveSyncMailboxPolicy (Get-ActiveSyncMailboxPolicy "Sales Policy").IdentityThat's really pretty simple, but wouldn't you like it to be even easier? Well, now it is. Exchange 2007 Service Pack 1 allows Administrators to designate an existing policy as the default policy. When a policy is marked as default, all new users will automatically be assigned the policy. You can switch the default policy at any time through the Exchange Management Console or the Exchange Management Shell. New and Enhanced Policy Settings In addition to the default policy, there are a significant number of new policy settings available in Exchange 2007 Service Pack 1. Now for a little bit of legal text: the ability to use many of the new policy settings is a premium feature of Exchange ActiveSync and requires an Exchange Enterprise Client Access License for each mailbox on which the policies are implemented. As I mentioned previously, the new policy features are available in Exchange ActiveSync Protocol version 12.1 (Exchange 2007 RTM ships with Exchange ActiveSync protocol version 12.0). Windows Mobile 6.0 is compatible with Exchange ActiveSync Protocol version 12.0. It's a reasonably safe bet that a future device operating system will support Exchange ActiveSync version 12.1, but I can't make any guarantees. Policy Settings for Exchange ActiveSync:
Settings |
Ex2007 RTM |
Ex2007 SP1 STANDARD CAL |
Ex2007 SP1 ENTERPRISE CAL |
Password Required |
x |
X |
X |
Min Password Length |
X |
X |
X |
Alphanumeric Password |
X |
X |
X |
Inactivity Timeout |
X |
X |
X |
Max Failed Password Attempts |
X |
X |
X |
Policy Refresh Interval |
X |
X |
X |
Allow non-provisionable devices |
X |
X |
X |
Attachments Enabled |
X |
X |
X |
Storage Card Encryption |
X |
X |
X |
Password Recovery Enabled |
X |
X |
X |
Allow Simple Device Password |
X |
X |
X |
Max Attachment Size |
X |
X |
X |
WSS Access Enabled |
X |
X |
X |
UNC Access Enabled |
X |
X |
X |
Password Expiration |
X |
X |
X |
Password History |
X |
X |
X |
Require Manual Sync When Roaming |
|
X |
X |
Min Device Pwd Complex Characters |
|
X |
X |
Max Calendar Age Filter |
|
X |
X |
Allow HTML Email |
|
X |
X |
Max Email Age Filter |
|
X |
X |
Max Email Body Truncation Size |
|
X |
X |
Max Email HTML Body Truncation Size |
|
X |
X |
Require Signed SMIME Messages |
|
X |
X |
Require Encrypted SMIME Messages |
|
X |
X |
Require Signed SMIME Algorithm |
|
X |
X |
Require Encryption SMIME Algorithm |
|
X |
X |
Allow SMIME Encryption Algorithm Negotiation |
|
X |
X |
Allow SMIME Soft Certs |
|
X |
X |
Require Device Encryption |
|
X |
X |
Allow Storage Card |
|
|
X |
Allow Camera |
|
|
X |
Allow Unsigned Applications |
|
|
X |
Allow Unsigned Installation Packages |
|
|
X |
Allow Wi-Fi |
|
|
X |
Allow Text Messaging |
|
|
X |
Allow POP/IMAP Email |
|
|
X |
Allow Bluetooth |
|
|
X |
Allow IrDA |
|
|
X |
Allow Desktop Sync |
|
|
X |
Allow Browser |
|
|
X |
Allow Consumer Email |
|
|
X |
Allow Remote Desktop |
|
|
X |
Allow Internet Sharing |
|
|
X |
Unapproved InROM Application List |
|
|
X |
Approved Application List |
|
|
X |
You Had Me at EHLO.