Exchange settings
To specify the settings for the ActiveSync server that devices use, go to Policies & Configs > Configurations, then select Add New > Exchange. The ActiveSync server can be a Microsoft Exchange server, an IBM® Lotus® Notes Traveler server, Microsoft Office 365, or another server.
The following table describes the Exchange settings you can specify.
|
Section |
Field Name |
Description |
|---|---|---|
|
General |
Name |
Enter brief text that identifies this group of Exchange settings. |
|
|
Description |
Enter additional text that clarifies the purpose of this group of Exchange settings. |
|
|
Server Address |
Enter the address of the If you are using Standalone Sentry, do the following: •Enter the Standalone Sentry’s address. •If you are using Lotus Domino server 8.5.3.1 Upgrade Pack 1 for your ActiveSync server, set the server address to <Standalone Sentry’s fully qualified domain name>/traveler. •If you are using a Lotus Domino server earlier than 8.5.3.1 Upgrade Pack 1, set the address to <Standalone Sentry fully qualified domain name>/servlet/traveler. •If you are using load balancers, contact Ivanti Professional Services. When using Integrated Sentry, set the server address to Microsoft Exchange Server’s address. When using Sentry, you can do preliminary verification of your Exchange configuration choices for the ActiveSync User Name, ActiveSync User Email, and ActiveSync Password fields. To do so, first set the server address to the ActiveSync server. After you have verified that users can access their email using this Exchange configuration, change the server address to the appropriate Sentry address. For more information about configuring Sentry, see the Ivanti Standalone Sentry Guide for EPMM. |
|
|
Use SSL |
Select to use secure connections. |
|
|
Use alternate device handling |
Replaces the Use Standalone Sentry option. Use this option only under the direction of Ivanti Technical Support. |
|
|
Domain |
Specify the domain configured for the server. |
|
|
Google Apps Password |
This check box only appears if you have configured a Google account with Ivanti EPMM. When linking to Google Apps, select this option to use the Google Apps password to log in to the Google account you have configured to work with Ivanti EPMM. This password allows device users to access their Email, Contacts, and Calendar data on their managed devices. When selected, Ivanti EPMM grays out the ActiveSync User Name and ActiveSync User Password. This check box only appears if you have configured a Google account with Ivanti EPMM, as described in Synchronizing Google account data. |
|
|
ActiveSync User Name |
Specify the variable for the user name to be used with this Exchange configuration. You can specify any or all of the following variables $EMAIL$, $USERID$, $PASSWORD$. $MANAGED_APPLE_ID$ can be used for Shared iPad devices and User Enrolled devices only. You can also specify custom formats, such as $USERID$_US. Custom attribute variable substitutions are supported. Typically, you use $USERID$ if your ActiveSync server is a Microsoft Exchange Server, and you use $EMAIL$ if your ActiveSync server is an IBM Lotus Notes Traveler server. You cannot use $NULL$ for this field. |
|
|
ActiveSync User Email |
Specify the variable for the email address to be used with this Exchange configuration. You can specify any or all of the following variables $USERID$, $EMAIL$,$SAM_ACCOUNT_NAME$, $USER_CUSTOM1$, $USER_CUSTOM2$, $USER_CUSTOM3$, $USER_CUSTOM4$, $CUSTOM_DEVICE_Attributename$, CUSTOM_USER_Attributename$, or $NULL$. $MANAGED_APPLE_ID$ can be used for Shared iPad devices and User Enrolled devices only. You can also specify custom formats, such as $USERID$_US. Custom attribute variable substitutions are supported. Typically, you use $EMAIL$ in this field; you cannot use $NULL$.
|
|
|
ActiveSync User Password |
Specify the variable for the password to be used with this Exchange configuration. You can specify any or all of the following variables: $USERID$, $EMAIL$, $PASSWORD$, $USER_CUSTOM1$, $USER_CUSTOM2$, $USER_CUSTOM3$, $USER_CUSTOM4$, $CUSTOM_DEVICE_Attributename$, CUSTOM_USER_Attributename$, or $NULL$. You can also specify custom formats, such as $USERID$_US. Custom attribute variable substitutions are supported. Enter additional variables or text in the text box adjacent to the Password field. Entries in this text box are kept hidden and will not be visible to any Ivanti EPMM administrator. All variables and text up to the last valid variable will be visible. Anything after the last valid variable will not be visible. The valid variable may appear in either of the password fields. Valid variables are variables in the drop-down list. |
|
|
Identity Certificate |
Select the Certificate Enrollment entry you created for supporting Exchange ActiveSync, if you are implementing certificate-based authentication. When setting up email for devices with multi-user sign-in, the exchange profile must always use a user-based certificate. The user-based certificate will ensure secure access to email for all users. Using a device-based certificate can result in one user sending or receiving emails for another user. When configuring the user-based certificate, select the Proxy enabled and Store certificate keys on Ivanti EPMM options. This allows the user certificate and private key to be delivered each time they log in on the shared device. |
|
|
Password is also required |
Specify whether to prompt device users for a password when certificate authentication is implemented. The password prompt is turned off by default. Once you specify an Identify Certificate, this option is enabled. Select the option if you want to retain the password prompt. |
|
|
Items to Synchronize (Android, Windows) |
|
|
|
Items to Synchronize (iOS) |
This feature is not supported on Windows devices. |
|
|
Past Days of Email to Sync |
Specify the maximum amount of email to synchronize each time by selecting an option from the drop-down list. The 1 Day option maps to the All option. |
|
|
Move/Forward Messages to Other Email Accounts |
|
|
S/MIME |
Enable for Android and iOS 9.3.3 (or earlier) |
Select to enable S/MIME signing and encryption on devices running Android or iOS 9.3.3 or earlier. |
|
S/MIME Signing |
||
|
|
S/MIME Signing: Enable |
|
|
|
S/MIME Signing identity |
|
|
|
Signing Identity: User Overrideable |
|
|
|
S/MIME Signing: User Overrideable |
|
|
S/MIME |
||
|
|
Encryption by Default |
|
|
|
Encryption Identity |
|
|
|
Encryption Identity: User Overrideable |
|
|
|
Encryption by Default: User Overrideable |
|
|
|
Per-Message Encryption Switch |
|
|
ActiveSync |
|
|
|
|
Sync during |
|
|
|
Peak Time |
Select the preferred synchronization approach for peak times. |
|
|
Off-peak Time |
Select the preferred synchronization approach for off-peak times. |
|
|
Use above settings when roaming |
Specify whether to apply synchronization preferences while roaming.
|
|
|
Send/receive when send |
Specify whether queued messages should be sent and received whenever the user sends a message.
|
|
|
Peak Time |
|
|
|
Peak Days |
Specify which days should be considered peak days.
|
|
|
Start Time |
Specify the beginning of the peak period for all peak days.
|
|
|
End Time |
Specify the end of the peak period for all peak days.
|
|
iOS 5 and Later Settings |
|
These features are not supported for Windows devices.
|
|
Android |
|
These features are not supported for Windows devices.
|
|
|
Windows 10 Desktop |
This feature is only supported for Windows 10 Desktop devices.
|
|
Windows 10 Desktop |
Configure Outlook |
Select this option to configure an email profile with the use of Microsoft’s Outlook client, versions of 2010 or 2013. Outlook uses the Name, Server Address, Domain, ActiveSync User Name, ActiveSync User Email, and ActiveSync Password. All other settings are ignored. This is supported only on Outlook 2010 and 2013. Outlook 2016 and future versions require that Auto Discovery is configured on the Exchange server and does not need this configuration. This feature requires Bridge. See Setting up Bridge for details. |