Forum Discussion
Quarantined Mobile Devices - Powershell
Hey Everyone -- I am trying to put together a Powershell script to approve a device that has been quarantined. By default, we quarantine everything and allow only what we want. $MobileDevice = ...
The device state is stored in an Active Directory attribute which needs to be replicated across all domain controllers until the state is properly returned when queried by a Get-MobileDevice cmdlet.
Is the device shown in the list of quarantined devices still? Even after some hours after the device has been allowed?
Tom,
Thanks for getting back. Yes - it still is showing in the list of Quarantined devices.
I am running Exchange Hybrid - 100% online. I have 1 server on prem for management. Given that, mobile device information would not be stored in my on-prem AD, correct?
-Steve
Stephen,
That's correct. Registered mobile devices for cloud mailbox users are not stored in an on-premises AD. The device information is stored in the Office 365.
It seems to be a glitch in the UI, when mailbox access works for allowed device and the device still shows up as quarantined in the Admin Center.
- Thomas
So here is what I just found out -- here is what I was running, and the device was still in the quarantined list.
$MobileDevice = Get-MobileDevice -Mailbox jdoe -Filter {DeviceAccessState -eq 'Quarantined'}
# allow the device
Set-CASMailbox -Identity jdoe -ActiveSyncAlloweDeviceIDs $MobileDevice.DeviceIdIf I then run:
$MobileDevice.DeviceAccessState = 'Allowed'
$MobileDevice.DeviceAccessStateReason = 'Individual'The device is no longer shown in the mobile device list as quarantined.
-Steve
Nearly perfect. A small typo on this line:
Set-CASMailbox -Identity jdoe -ActiveSyncAlloweDeviceIDs $MobileDevice.DeviceId
Throws an error. This should work:
Set-CASMailbox -Identity jdoe -ActiveSyncAllowedDeviceIDs $MobileDevice.DeviceId
Que
