Exchange ActiveSync: What it is and how you can use it

Mobile devices are ubiquitous and have become an integral part of our lives. Can you imagine living without your mobile phone? Really makes us wonder what we did before these life-changing devices came to our hands! Today, we use our smartphones for many routine tasks such as checking emails, communicating with family and friends, conference calls, shopping, banking and so much more. Won’t it be nice if we can extend it to all work-related communications too? It will be handy to access all our Outlook information including tasks, calendars, and contacts through our smartphones, so we can stay on top of our work commitments regardless of our physical location. This is good for organizations too because it can enhance the productivity of its employees. But is this possible? Yes, through a protocol called Exchange ActiveSync.

What is Exchange ActiveSync?

Exchange ActiveSync is a proprietary protocol that syncs your mobile device with your Exchange mailbox, so you can access your email, calendar, contacts, tasks, and so much more. It is based on XML and communicates with a mobile device using HTTP or HTTPS.

This protocol, developed by Microsoft, is enabled by default when you install Exchange 2016, so there is nothing extra you need to do to set it up.

In addition, this protocol is designed to work well in high latency and low bandwidth networks as well, so you can access all your information from any location around the world, even if the signal strength of mobile data or wireless is not that great.

Microsoft has pretty much thought about everything for Exchange ActiveSync, including the security aspect, as you will be exchanging sensitive information over the open Internet. This is why it uses standard encryption services by default. You can also configure Exchange ActiveSync to use security sockets layer (SSL) encryption for communications between Exchange server and your mobile device.

Besides these aspects, here is a detailed look into the features of Exchange ActiveSync.

Features of Exchange ActiveSync

Below are the salient features of Exchange ActiveSync.

• Supports HTML messages.
• Makes it easy to group email messages by conversation.
• Gives the option to synchronize or not synchronize a conversation.
• Synchronizes short message service (SMS) messages with a user’s mailbox.
• Supports the viewing of message reply status.
• Retrieves messages as fast as possible, based on Internet speed.
• Gives information about attendees in a meeting.
• Supports extensive search of all information on Exchange server.
• Gives the option to reset PIN
• Protects the device with advanced password policy.
• Allows you to set up automatic replies when you are away from work or out of office.
• Supports task synchronization.
• Gives availability information of contacts.

These features greatly enhance the usability of Exchange ActiveSync and make it a handy tool for anyone who wants to stay on top of what is happening at work, even when they are on the move.

How to use Exchange ActiveSync?

Since exchange ActiveSync is enabled by default, no separate installation process is required. All users who use Exchange Server 2016 or Exchange Online can synchronize their mobile device with the Exchange server automatically.

Control for Exchange administrators

As an exchange administrator, you can control the settings and manage the way employees use this feature. Broadly speaking, below are some aspects you can control.

• Enable or disable Exchange ActiveSync for users at any time.
• Set security policies such as the minimum password length, maximum attempts for failed passwords, and so on.
• Do a remote wipe to erase all data from a lost or stolen mobile phone, so the company’s sensitive information does not fall into the wrong hands.
• Export user data into many formats.
• Create a wide range of reports for identifying problems and to stay on top of different usage metrics.
• Set up device access rules to restrict the types of mobile devices that can sync with the Exchange server.

As an exchange administrator, these features give you complete control over who accesses the organization’s Exchange Server and how.

Creating an Exchange ActiveSync profile

You have to create an exchange ActiveSync profile in Outlook to access mailbox information on your mobile device. Here is how you can set it up.

• Go to control panel and select mail. Click “show profiles”
• Give a name for your profile and press confirm.
• Choose “manual setup or additional server types” and click next.
• Select the second option in this screen, which is “Outlook.com or Exchange ActiveSync compatible service.” Click next.
• In the next window, enter your name, username, password, server name, and click next. If the user is not from the primary domain, you have to enter the domain name as well. For example, [email protected].
• Outlook will perform some tests to check the connection. Click close after Outlook completes all tests.
• Finally, click Finish. You are now all set to connect to Exchange server from your mobile device.

Disabling Exchange ActiveSync

As an exchange administrator, you can disable exchange ActiveSync at any time. To do it for the entire organization:

• Navigate to administrative tools > Internet information services (IIS) manager.
• Expand the IIS manager, double-click on the server name and double-click to expand the “application pools” folder.
• Right-click “MSExchangeSyncAppPool” and select “stop” from the list.

This should disable Exchange ActiveSync for the entire organization. To enable it, follow the same procedure, but instead of “stop,” click “start” from the right-click menu.

Disabling Exchange ActiveSync for a single user

Sometimes, you may want to enable or disable Exchange ActiveSync for a single user instead of for the entire organization. The steps for this process are:

• Open Exchange management console.
• Navigate to “recipient configuration” and select “mailbox.”
• Choose “properties” from the action pane. Alternately, right-click the user’s mailbox and choose “properties.”
• Click “mailbox features” tab.
• Select “Exchange ActiveSync” and click “disable.” Finally, click “OK” and you are done.

You can also run this command in Exchange management shell to disable Exchange ActiveSync for a user.

Set-CASMailbox -Identity<SMTP Address of user> -MobileSyncEnabled $false

To enable, follow the same procedure, but instead of “disable” choose “enable”. The command in Exchange management shell is

Set-CASMailbox -Identity <SMTP Address of user> -ActiveSyncEnabled $true

Please note that you need an Exchange organization administrator role for enabling and disabling Exchange ActiveSync.

Limitations of Exchange ActiveSync

Though Exchange ActiveSync is a great tool to access your Exchange Server, it still comes with some limitations that you should know before you start using it.

• You can’t create additional task folders, contacts, or calendar information. You can only view what is already available in Exchange server.
• Global address list does not synchronize.
• You can’t share any folders. This is an obvious one considering the security aspect of the organization.
• You can’t synchronize drafts, notes, or task status.
• Delivery and read receipts do not work in ActiveSync.

Despite these limitations, Exchange ActiveSync gives you a ton of flexibility as it allows you to access your mailbox at any time through your mobile device.

As you can see, Exchange ActiveSync is a protocol developed by Microsoft to facilitate communication between the organization’s Exchange server and an employee’s mobile device. And as we said before, it comes as a part of Microsoft Exchange 2016, so it does not require any additional setup.

From the Exchange administrators’ point of view, this feature gives them good control over what information is accessed, and also the process to enable and disable Exchange ActiveSync is easy. For these reasons, it is likely to be a great addition to any Exchange admin’s arsenal of tools.

Featured image: Shutterstock