Product Documentation

To configure an iOS Exchange ActiveSync policy

Mar 12, 2014

If you want to encrypt email attachments that pass through your Microsoft Exchange servers, Citrix recommends that you migrate your users to WorxMail and ShareFile rather than configuring email attachment encryption policies. For more information about WorxMail, see Using WorxMail.

  1. Using a web browser, navigate to http[s]://serveraddress[:port]/zdm, where serveraddress is the fully qualified domain name (FQDN) or IP address of the Device Manager server and port is the optional port number if you changed the default setting.
  2. Log on to the Device Manager web console using an account with administrative permissions.
  3. Click the Policies tab and then in the left pane under MDM Policies, click iOS > Configurations.
  4. In the results pane, click New Configuration > Profiles and Settings > Exchange ActiveSync.
  5. On the General tab, give the configuration a unique identifier as you want it to appear on users' devices. Then, enter a name that helps you to identify the configuration in the Device Manager web console and, optionally, a description.

    The identifier that you assign to the configuration must be unique. If two configurations with the same are identifier are delivered to a device, the second configuration overwrites the first.

  6. On the Exchange ActiveSync tab, enter the Exchange ActiveSync configuration details for your organization.
  7. Enter the name of the Exchange ActiveSync account and the host name or IP address of the Exchange server. If you want to secure connections between users' devices and the Exchange server, select the Use SSL check box.
  8. Enter the domain in which the Exchange server resides. Specify the user name and full email address for the Exchange user account.

    You can use the system macros ${user.username} and ${user.mail} in the User and Email address boxes to automatically look up users and their email accounts based on the format listed. For more information about macros, see Configuring Macros.

  9. Optionally, specify the password for the Exchange user account.

    Exchange account passwords should only be specified for encrypted profiles.

  10. Select the time period over which email will be synchronized to users' devices and, optionally, select an identity credential if you have configured an identity provider for Device Manager.
  11. On the Policy tab, configure the following settings, as required.
    • Select the Authorize email move between accounts check box to enable users to move emails between two or more accounts.
    • Select the Sending email only from Mail application check box to prevent users from sending emails from the account using an alternative mail client.
    • Select the Disable mail Recents syncing check box to prevent recently used email addresses from being synchronized with other devices through iCloud on devices running iOS 6 and later.
    • Select the Enable S/MIME check box to use S/MIME public key encryption with your email server.