1. Home
  2. iOS
  3. How to Configure Exchange ActiveSync on iOS with Hexnode MDM?

How to Configure Exchange ActiveSync on iOS with Hexnode MDM?

Exchange ActiveSync provides secure access and storage for your email and attachments. It syncs emails, attachments, contacts, calendar, etc. between the device and the Exchange server thus providing access to this information even in the absence of a network connection. Hexnode allows the admin to configure ActiveSync settings via the MDM console. This functionality is available on all pricing plans except Express.

Configure Exchange ActiveSync via policy

To configure Exchange ActiveSync settings via policy,

  1. Login to your Hexnode MDM portal.
  2. Navigate to Policies > New Policy. Assign a suitable name and description (optional) for the policy. You can also choose to continue with an existing policy.
  3. Go to iOS > Accounts > Exchange ActiveSync. Click Configure.

configure active sync on iOS devices

ActiveSync Settings Description
Account Name Name used to identify an ActiveSync account.
Exchange ActiveSync Server Name Provide the name of ActiveSync server. Example outlook.office365.com.
Allow Move Allow users to move/forward messages between email accounts in their devices. This option is disabled by default.
Allow Recent Address Syncing This option saves the recently used email addresses to their iCloud account. Recent address syncing is disabled by default
Use Only in Mail Users are allowed to send and read emails only from the Mail app. Disabled by default.
Use SSL Enable SSL to establish an encrypted connection between the device and the server. By default, SSL is used.
Use S/MIME S/MIME can be used for encrypting your emails. S/MIME is an encryption method based on asymmetric cryptography. Disabled by default.
Signing Certificate
(Available only if use of S/MIME is enabled)
Select the signing certificate from the list of available certificates. To add a new certificate, go to Policies > select an existing policy or create a new one > iOS > Security > Certificates.
Encryption Certificate
(Available only if use of S/MIME is enabled)
Add a new encryption certificate from Policies > select an existing policy or create a new one > iOS > Security > Certificates, and it’ll be displayed here.
Users can toggle S/ MIME signing on/off in Settings

(Available only if use of S/MIME is enabled)
(Supported on iOS 12.0+ devices)

Allows the users to toggle S/MIME signing on/off in Settings. Disabled by default.
Users can select the signing identity

(Available only if use of S/MIME is enabled)
(Supported on iOS 12.0+ devices)

Allows the users to select the signing identity. Disabled by default.
Enable S/MIME encryption by default

(Available only if use of S/MIME is enabled)
(Supported on iOS 12.0+ devices)

Checking this option allows S/MIME encryption by default. This default cannot be changed by the user, if enable encryption per message is disabled.
Users can override default encryption settings

(Available only if use of S/MIME is enabled)
(Supported on iOS 12.0+ devices)

Allows the user to toggle the encryption by default settings.
Users can select the S/MIME encryption identity

(Available only if use of S/MIME is enabled)
(Supported on iOS 12.0+ devices)

Allows the users to select S/MIME encryption identity. Disabled by default.
Enable encryption per message

(Available only if use of S/MIME is enabled)
(Supported on iOS 12.0+ devices)

Allows to display per-message encryption switch in the Mail Compose UI. Disabled by default.
Domain Specify the domain name of the Exchange server. Specifying %domain% will fetch the domain name from the Active Directory (AD). By default, Hexnode MDM will fetch the domain name from the AD.
User The ActiveSync username. Use %username% to fetch the username automatically from the AD. Hexnode MDM will fetch the username automatically by default.
Email Address Email address of the user. Use %email% to fetch the email address from the AD. %email% is used by default.
OAuth Check this option to allow OAuth connection for authentication. A password may not be specified on enabling this option.
Password The password associated with the ActiveSync username.
Past Days of Mail to Sync The number of days of email to be downloaded on the device. You can choose from the six available options – Unlimited, One day, Three days (default value), One week, Two weeks, One month. For example, if you choose Three days, then the emails you sent/received in the past three days will be downloaded to the device from the mail server.
Identity certificate Identity certificates which are uploaded at Policies > select an existing policy or create a new one > iOS > Security > Certificates are displayed here.

Associate policy to devices/groups

If the policy has not been saved,

  1. Navigate to Policy Targets > +Add Devices.
  2. Choose the target devices and click OK. Click Save.
  3. You can also associate the policy to device groups, users, user groups or domains from the left pane of the Policy Targets tab.

If the policy has been saved,

  1. Go to Policies tab and choose the desired policy.
  2. Click on Manage drop-down and select Associate Targets.
  3. Choose the target entities and click Associate.
  •  
  •  
  •  
  •  
  •  

Was this article helpful?

Related Articles

Leave a Comment