I had a customer request to disable ActiveSync for all Exchange 2007 users and only allow active sync when an administrator enables the feature for a specific user. Below are the steps I developed to determine the devices that are enabled and how to disable ActiveSync for accounts with no devices paired with the mailbox. To automate the process, all you need to do is create a scheduled task on one of the Exchange servers to run daily. These steps can be done with a Exchange 2010 or 2013 mailbox user as well.
Happy Exchanging!!!!
1. We want to run this command to get a list of the users that have mobile devices enabled to their mailbox
Get-CASMailbox -Filter {HasActiveSyncDevicePartnership -eq $true} | Select Name
2. In this example we will take a user that is not enabled with ActiveSync (Jennifer Crandall).
3. Since no phone is synced with Jennifer’s account (HasActiveSyncDevicePartnership = False) but, is enabled for ActiveSync (ActiveSyncEnabled = True) we will run this command and it should disable all ActiveSync policies that do not have a device sync to their mailbox.
Get-CASMailbox -Filter {HasActiveSyncDevicePartnership -eq $false} | set-CASMailbox -activesyncenabled $false
