iPhone meet Exchange 2010 – New book

On 2012-04-12, in Exchange 2010, by Mattias Jönsson
0

From blog : Tony Redmond’s Exchange Unwashed

If you’re an Exchange administrator who has to cope with the slings and arrows of outrageous Apple technology, aka the iPhones and iPads that have become essential business equipment over the last few years, you could do worse by placing an early order for iPhone with Microsoft Exchange Server 2010 – Business Integration and Deployment.

The chapters are as follows:

1. Introduction to Exchange 2010 and iOS devices.
2. Implementation and Architecture Planning (for the deployment of Exchange 2010 and iOS)
3. Connecting iOS devices to Exchange 2010 (includes the basic networking configuration that’s required)
4. Connecting iOS devices to Exchange Online/Office 365 (includes setting up an Office 365 domain and testing connectivity to the new domain)
5. Creating and enforcing ActiveSync policies
6. Configuring certificate based authentication for Exchange 2010
7. Provisioning iOS client devices using the iPhone configuration utility
8. Sharing mailboxes and calendars
9. iOS client device management

Tagged with:
 

Problem:

If you connect your iphone and sync with exchange you end up with fewer options for passcode lockout time.
Without exchange connection Apple makes it possible to choose up to 4 hours. With an exchange account setup it reduces to 15 min.

Solution: (http://www.iphonejd.com/iphone_jd/2009/09/iphone-passcode-lock.html)

You can set how long it takes for the iPhone’s passcode lock to be enabled. The choices are immediately (every time you wake the iPhone), after 1 minute, 5 minutes, 15 minutes, 1 hour or 4 hours. However, starting with iPhone Software 3.1, if you are syncing with a Microsoft Exchange server for e-mail, contacts or calendar, you may find that you have fewer options. For example, here are two screen shots of the Require Passcode setting. The one on the left is from my iPhone; the one on the right is from another lawyer’s iPhone who does not work at my law firm. Both of us are using Exchange and both of us are running iPhone 3.1, but you can see that I have fewer options:

I am more limited because my law firm’s Exchange server imposes a ”maximum inactivity time lock” on mobile devices. (I believe that ours is set to 20 minutes, and when you combine the up to 5 minutes before an iPhone auto-locks plus up to 15 minutes for a passcode lock, that is a maximum of 20 minutes of inactivity to lock the iPhone.) Before iPhone Software 3.1, the iPhone did not pay attention to an Exchange Server’s maximum inactivity time lock. This was a security flaw, one that was pointed out to Apple by iPhone users at PepsiCo, Intel Corporation, Edward Jones and Agilent Technologies. When Apple fixed this issue in 3.1, it explained what it had done on this page and gave credit to the individuals at those companies who pointed out the flaw. So if you, too, are looking to become famous on an Apple security page, let them know if you find another security flaw.

Speaking of iPhones and Exchange servers, the following Exchange ActiveSync password policies are supported in iPhone Software 3.1:

  • Require a password
  • Minimum password length
  • Maximum failed password attempts
  • Require both numbers and letters in the password
  • Inactivity time in minutes
  • Allow or prohibit simple password
  • Password expiration
  • Password history
  • Minimum number of complex characters in password

Even if a company doesn’t use Exchange, a company can set these settings by using device profiles.

Tagged with: