<< Click here to display Table of Contents >> Navigation: Setup Menu > Mobile Device Management > ActiveSync:

Policies

Contents

Use this screen to manage your ActiveSync device policy templates, which are used to create the ActiveSync policies that govern user devices. Predefined policy templates are provided, and you can create, edit and delete your own. These templates are used to create the default policies that can be assigned per domain from the ActiveSync » Domains screen, and the policies that can be assigned per device from the Account Editor's ActiveSync Devices screen.

Not all ActiveSync devices recognize or apply policies consistently. Some may ignore policies or certain policy elements altogether, and others may require a device reboot before changes take effect. Further, when attempting to assign a new policy to a device, it will not be applied to the device until the next time it connects on its own to the ActiveSync server; policies cannot be "pushed" to devices until they connect.

ActiveSync Policies

New policy

Click this button to open the ActiveSync Policy Editor, used for creating and editing your policy templates.

Delete Policy

To delete a policy template, select a custom policy from the list and then click Delete Policy. Click Yes to confirm your decision to delete the policy template. The predefined policy templates cannot be deleted.

Edit Policy

To edit a policy template, select a custom policy from the list and then click Edit Policy. After making your desired changes in the policy editor, click OK. The predefined policy templates cannot be edited.

Editing a policy templates will not change any policies that are already assigned to domains or devices. If you wish to change a domain or device's policy, you must do so using the options provided on: ActiveSync » Domains and ActiveSync » Devices.

Policy List

This area lists all predefined and custom made policy templates. When you select one of the templates, its Policy description will appear in the area below the list.

ActiveSync Policy Editor

ActiveSync Policy

Policy name

Specify a name for your custom policy here.

Policy description

Use this area to describe your custom policy. This description appears below the Current Policies list when you select the policy.

Password Options

Require password

Check this box if you wish to require a password on the device. It is disabled by default.

Require alpha-numeric password

Use this policy option if you wish to require the device password to contain both letters and numbers. It is disabled by default.

Password complexity level (0=none, 1-4)

Use this option if you also wish to require the device password to contain at least this many non-letter characters (i.e numbers, punctuation, or special characters), to increase the password's complexity. You can require from 1-4 complex characters. This option is disabled by default (set to "0").

Allow simple password

This option allows simple passwords on the device, such as: 12345, ABCD, and the like. It is enabled by default.

Require device encryption

Click this option if you wish to require encryption on the device. Not all devices will enforce encryption. This is disabled by default.

Days before password expires (0=never)

This is the number of days allowed before the device's password must be changed. This option is disabled by default (set to "0").

Remember this many old passwords (0=none)

Use this option if you do not wish to allow the device to reuse a specified number of old passwords. For example, if this option is set to "2" and you change your device password, you will not be able to change it to either of the last two passwords that were used. The option is disabled by default (set to "0").

Minimum password length (0=none, 4-16

Use this option if you wish to require the device password to contain at least this many characters, from 4-16. This option is disabled by default (set to "0").

Max failed password attempts (0=no limit)

When a user attempts to enter the device password, this is the number of failed password attempts allowed before the device will either lock itself for a certain amount of time or perform a wipe of all date, depending on the device. This option is disabled by default (set to "0").

Inactivity timeouts (minutes, 0=never)

This is the number of minutes that a device can go without any user input before it will lock itself. This password option is disabled by default (set to "0").

Sync Options

Allow attachments to be downloaded to device

Allows the device to download file attachments. This option is enabled by default.

Max attachment size (KB, 0=none)

This is the maximum size of attachment that will be automatically downloaded to the device. There is no size limit set for this option by default (set to "0").

Email synchronization period

The is amount of email, by date range from today, that can be synchronized by the device. By default this is set to "all days", meaning that all email can be synchronized no matter how old it is.

Calendar synchronization period

This is how far back from today that past calendar entries can be synchronized by the device. By default this is set to "all days", meaning that all past entries can be synchronized no matter how old they are.

Require manual sync on roam

Use this policy option if you wish to require the device to synchronize manually while roaming. Allowing automatic synchronization while roaming could increase data costs for the device, depending on its carrier and data plan. This option is disabled by default.

Other

Allow browser

Allows the use of a browser on the device. This option is not supported on some devices, and may not apply to 3rd party browsers. It is enabled by default.

Allow camera

Allows the use of a camera on the device. This option is enabled by default.