Product Documentation

ActiveSync Gateway

Jan 03, 2017

ActiveSync is a mobile data synchronization protocol developed by Microsoft. ActiveSync synchronizes data with handheld devices and desktop (or laptop) computers.

You can configure ActiveSync Gateway rules in XenMobile. Based on these rules, devices can be allowed or denied access to ActiveSync data. For example, if you activate the rule Missing Required Apps, XenMobile checks the App Access Policy for required apps and denies access to ActiveSync data if the required apps are missing. For each rule, you can choose either Allow or Deny. The default setting is Allow.

For more information about the App Access device policy, see App access device policies.

XenMobile supports the following rules:

Anonymous Devices: Checks if a device is in anonymous mode. This check is available if XenMobile can't re-authenticate the user when a device attempts to reconnect.

Failed Samsung KNOX attestation: Checks if a device failed a query of the Samsung KNOX attestation server.

Forbidden Apps: Checks if a device has forbidden apps, as defined in an App Access policy.

Implicit Allow and Deny: This action is the default for the ActiveSync Gateway, which creates a Device List of all devices that do not meet any of the other filter rule criteria and allows or denies connections based on that list. If no rule matches, the default is Implicit Allow.

Inactive Devices: Checks if a device is inactive as defined by the Device Inactivity Days Threshold setting in Server Properties.

Missing Required Apps: Checks if a device is missing required apps, as defined in an App Access policy.

Non-suggested Apps: Checks if a device has non-suggested apps, as defined in an App Access policy.

Noncompliant Password: Checks if the user password is compliant. On iOS and Android devices, XenMobile can determine whether the password currently on the device is compliant with the passcode policy sent to the device. For instance, on iOS, the user has 60 minutes to set a password if XenMobile sends a passcode policy to the device. Before the user sets the password, the passcode might be non-compliant.

Out of Compliance Devices: Checks whether a device is out of compliance, based on the Out of Compliance device property. That property is usually changed by the automated actions or by a 3rd party leveraging XenMobile APIs.

Revoked Status: Checks whether the device certificate was revoked. A revoked device cannot re-enroll until it is authorized again.

Rooted Android and Jailbroken iOS Devices: Checks whether an Android or iOS device is jailbroken.

Unmanaged Devices: Check whether a device is still in a managed state, under XenMobile control. For example, a device running in MAM mode or an un-enrolled device is not managed.

Send Android domain users to ActiveSync Gateway: Click YES to ensure that XenMobile sends Android device information to the ActiveSync Gateway. When this option is enabled, it ensures that XenMobile sends Android device information to the ActiveSync Gateway in the event that XenMobile does not have the ActiveSync identifier for the Android device user.

配置 ActiveSync Gateway 设置

1. 在 XenMobile 控制台中,单击右上角的齿轮图标。 此时将显示设置页面。

2. 在服务器下面,单击 ActiveSync Gateway。 此时将显示 ActiveSync Gateway 页面。

localized image

3. 在激活以下规则下中,选择要激活的一个或多个规则。

4. 在仅限 Android 中的将 Android 域用户发送到 ActiveSync Gateway 中,单击以确保 XenMobile 将 Android 设备信息发送到 ActiveSync Gateway。

5. 单击保存