Tracing Who Approved a Device from ActiveSync Quarantine

Is there a way to tell through the event logs who approved an ActiveSync device out of quarantine? I have not been able to find an event ID tied to a user account, although I can see the Set-CASMailbox cmdlet was run.
I have a customer with an issue where several devices were approved by an IT staff of 10 without the proper BYOD paperwork being signed by the end user.
The staff are spread across 5 locations, so getting them together is difficult. I need a way to audit the approvals on an ongoing basis, and to know who to speak to when the paperwork is missing so that I can reinforce to them the proper policies and procedures for device approval.

I would search the AdminAuditLog for that information with something like:
Search-AdminAuditLog -Cmdlets Set-Casmailbox -Parameters ActiveSyncAllowedDeviceIDs
Martina Miskovic
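
The audit search suggested above can be turned into a recurring report of who approved which device for which mailbox. This is an added example, not part of the original thread; it assumes admin audit logging is enabled (Get-AdminAuditLogConfig shows AdminAuditLogEnabled as True), and the 30-day window and CSV path are placeholders.

```powershell
# Added example (not from the original thread). Run in the Exchange Management Shell
# with an account that is allowed to search the admin audit log.
# Assumptions: the 30-day window, the result size and the CSV path are placeholders.

$start = (Get-Date).AddDays(-30)
$end   = Get-Date

# Every Set-CASMailbox call in the window that touched the allowed-device list.
$entries = Search-AdminAuditLog -Cmdlets Set-CASMailbox `
    -Parameters ActiveSyncAllowedDeviceIDs `
    -StartDate $start -EndDate $end -ResultSize 5000

$report = foreach ($entry in $entries) {
    # CmdletParameters is a list of Name/Value pairs; keep the one we filtered on.
    $allowed = $entry.CmdletParameters |
        Where-Object { $_.Name -eq 'ActiveSyncAllowedDeviceIDs' }

    New-Object PSObject -Property @{
        RunDate          = $entry.RunDate
        ApprovedBy       = $entry.Caller           # account that ran the cmdlet
        Mailbox          = $entry.ObjectModified   # mailbox whose list was changed
        AllowedDeviceIDs = ($allowed | ForEach-Object { $_.Value }) -join '; '
        Succeeded        = $entry.Succeeded
        Server           = $entry.OriginatingServer
    }
}

# Full detail for matching against the signed BYOD paperwork.
$report | Sort-Object RunDate |
    Select-Object RunDate, ApprovedBy, Mailbox, AllowedDeviceIDs, Succeeded, Server |
    Export-Csv -Path .\ActiveSyncApprovals.csv -NoTypeInformation

# Approvals per administrator, as a quick view of who to follow up with.
$report | Group-Object ApprovedBy | Sort-Object Count -Descending |
    Select-Object Count, Name
```

Run on a schedule, the CSV gives one row per approval, with the approving account in ApprovedBy and the affected mailbox in Mailbox.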

Similar Messages

  • List ActiveSync Device from CAS 2010

    Hi All.
    I have 02 servers with Exchange 2007 (01 CAS and 01 MBX/HUB). Yesterday I installed one CAS in Exchange 2010; when I run the cmdlet Get-ActiveSyncDevice I get 0 devices, but I now have 15 devices connected to the CAS 2007 (this server is facing the Internet).
    How do I list the devices from the Exchange 2010 CAS?
    Thanks for any ideas.

    Does this help?
    http://briandesmond.com/blog/how-to-create-an-activesync-device-report/
    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

  • Exchange 2010 remove one device from ActiveSyncAllowedDeviceIDs

    Hi,
    I am wondering if there is a way to remove one device ID from the ActiveSyncAllowedDeviceIDs. I run "get-casmailbox -identity useraccount | format-list" to determine the number of devices in the ActiveSyncAllowedDeviceIDs field. The user may have multiple devices in this list. I simply want to remove one of these devices. I know I can run "set-casmailbox -identity useraccount -ActiveSyncAllowedDeviceIDs $null", but the problem is that it will clear all devices.
    Thanks
    Andy Stoyles

    You must have ActiveSync quarantine enabled. When you approve a device that was quarantined, it will be added to the ActiveSyncAllowedDeviceIDs list. If you were to run the above Remove-ActiveSyncDevice command, it will delete the device association from Exchange, which is good, but it doesn't clear the device from the ActiveSyncAllowedDeviceIDs list.
    This is an issue: if the user attempts to set up the same device again with ActiveSync, they are able to bypass the quarantine because the device still remains on the ActiveSyncAllowedDeviceIDs list.
    I hope this helps
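
The stale-approval problem described in this reply can be checked across all mailboxes: any ID still on ActiveSyncAllowedDeviceIDs with no matching device partnership would skip quarantine if the device were set up again. This is an added example, not code from the thread; it assumes an Exchange version that accepts the @{Remove=...} syntax for multivalued properties, and it removes single IDs without clearing the rest of the list.

```powershell
# Added example (not from the original thread). Run in the Exchange Management Shell.
# Assumption: Set-CASMailbox accepts @{Remove=...} for multivalued properties
# on the Exchange version in use.

$findings = foreach ($cas in (Get-CASMailbox -ResultSize Unlimited)) {
    $allowed = @($cas.ActiveSyncAllowedDeviceIDs)
    if ($allowed.Count -eq 0) { continue }

    # Device IDs that still have a partnership with this mailbox.
    $active = @(Get-ActiveSyncDevice -Mailbox $cas.Identity |
        ForEach-Object { $_.DeviceId })

    # Approved IDs with no remaining partnership: these would bypass quarantine.
    foreach ($id in $allowed) {
        if ($active -notcontains $id) {
            New-Object PSObject -Property @{
                Mailbox  = $cas.Identity
                DeviceId = $id
            }
        }
    }
}

# Review the list before changing anything.
$findings | Format-Table Mailbox, DeviceId -AutoSize

foreach ($f in $findings) {
    # Removes only this ID; other approved devices stay on the list.
    # -WhatIf shows what would change; drop it after reviewing the output.
    Set-CASMailbox -Identity $f.Mailbox `
        -ActiveSyncAllowedDeviceIDs @{Remove = $f.DeviceId} -WhatIf
}
```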

  • Is there a way to find out details about, who approved the RMA on system using front end or back end?

    Is there a way to find out details about, who approved the RMA on system using front end or back end?

    But is there a way (simple or not-so-simple) to find
    out EVERY SINGLE FILE that's referenced on a
    timeline? (I have lots of stuff imported into the
    project that I know isn't used on any timeline, but
    I'm afraid of moving or deleting things for fear of
    never finding it again.)
    I'd love to get some sort of "printout" (a list or
    something) of every single file.
    There is, go to browser and cntrl click on any one of the columns,
    and select - show/source. A new column named "source" will pop up and will show where everything "lives". Click on the header at the top and it will justify the column as well. You'll notice this won't show anything for your seq.'s. of course, but will show stills/audio/motion files...
    Once you have the new column, you can drag it next to the "name" column and get a grab of it and print it if you like, or whatever.
    If you want to do this for just 1 seq., then can create a new bin and double click it to open it. Cntrl-A (select all) in your main seq. and just drag all into the new bin. You will see only what's in that seq. with the "source" column right next to it.
    From what I've read, you seem to get the MM thing and it's obviously what you'll need to do to archive as the guys said. But what you're missing is a file path system to where everything resides.
    Hope this helps and that I've read you properly,
    Peace
    P-Book 1.5, 17" 2gsRAM   Mac OS X (10.4.4)   FCStudio

  • I bought a used iPad; the previous owner told me that he has already removed the device from his account... the problem is I still cannot activate the iPad. It is still asking for the Apple ID and password, which the owner didn't want to give me. What should I do?

    Hello everyone! I have a problem with this used iPad 2 that I bought from a friend of my friend. The problem is I cannot activate it. I asked my friend to contact the previous owner. According to my friend, the previous owner had already removed the device from his account, but it still keeps asking me to enter the email and password. What should I do now? Maybe the previous owner didn't want to give me his email address and password for his own personal reasons. Please help me; this iPad has been here since April 2014. Thank you.

    The person who sold you the device can remove the ID without giving it to you. Follow the steps in "What to do if you no longer have the device" in the article below. If you can't find the person or they won't do it, you're stuck with an unusable device.
    What to do before selling or giving away your iPhone, iPad, or iPod touch - Apple Support

  • To the people who have N96 device

    To the people who have an N96 device: is anyone's Naviwheel working? And do you have the square thingy next to the battery? What do you call that anyway, and what is it for?
    plz reply..

    I'm sorry about the square thingy. What I was thinking of a while ago was my old cellphone, the Nokia N78. That square thingy looked kind of like a "SIM card" and was located on the side of the battery bar on the upper right-hand side of the screen.
    From what I remember, when I used to have that phone, even if I wasn't using the WLAN, that square thingy just stayed there.
    Sorry guys for my ignorance, I was just curious.
    plz reply....

  • Can Non SRM users approve SRM task from UWL ?

    We have a requirement where certain task approvers do not belong to the SRM application, hence they cannot access SRM directly. But the task item is available for their approval in the Universal Work List. Can they approve the task from UWL? If not, what do we need to do so that non-SRM users can approve tasks from the portal Universal Work List?
    Thanks and Regards
    Sudhir

    Answered in SRM - Shopping Cart Forum.

  • Make WDS Service account approve pending devices in WINDOWS DEPLOYMENT SERVICES

    Hi Technet and all other people reading this.
    I am at the moment trying to get a service account (WDSService) to approve pending devices in Windows Deployment Services on a WDS server.
    I have created a domain called LALALA.dk on a server (DNS is included in the domain), and installed Windows Deployment Services on another server. The deployment service is set up to prestage devices, and therefore devices need to be approved before they can be deployed.
    My problem is that at the moment we are using Domain Admin accounts to do the approving, and I wish to change that to a service account made specially for this job, which of course should have minimum rights. Because I have a very hard time understanding why I NEED to grant domain admin rights or local admin rights to a person just so that he can approve pending devices. There has to be a way to use a service account to do the job.
    I have done some research and found out that local admins, domain admins and enterprise admins are the only ones that have the permission to approve pending devices, and that is a problem for me when I want a service account to do it for me (not automatically), but a service account that can name and approve devices manually.
    Here is what I have already tried.
    1. Making WDSService run the Windows Deployment Services (service), but this didn't work because it lacks the permissions needed.
    2. I have given the read+write permissions on the remoteinstall folder, even tried with full control.
    3. Delegate control on the OU in Active Directory, to create computer objects, with full write permissions. I also tried with full control. I added both WDSServer$ and the service account (WDSService) on the OU. Still nothing.
    4. I then downloaded the subinacl tool, and granted the WDSService account permission to start and stop the service, even tried with full control on the Windows Deployment Service (WDSServer as server_name). I get error 1297, something with privilege missing from the service account to perform the actions. So still nothing. Which is really weird, because when I ran a command I can't remember now, I could see that the service account had full permission granted to the service, and still wasn't able to start the service.
    5. I then tried to create a script using WDSUTIL, but was not able to grant the service account permissions to perform the action of approving pending devices. And I don't want to use a script every time I need to approve a device.
    6. Since the local system account is running the Windows Deployment Service, my thought was to join the WDSService account to the built-in NT AUTHORITY/local system or NT AUTHORITY/local service. This seems impossible from what I experienced, unless you are a super PowerShell geek, I guess, so this option didn't get me anywhere either.
    6. I then created a GPO granting the WDSService account the "log on as a service" policy on the Windows Deployment Service server; still nothing works as intended. I still get error 1297.
    7. I tried copying the registry keys (WDSSERVER) from the HKEY_LOCAL_MACHINE hive on the WDS server, and imported them into my domain's registry, but couldn't find the service I wanted to grant permissions to in the group policy settings (computer configuration/policies/windows settings/security settings/System Services). I then created a registry entry with group policy (computer configuration/policies/windows settings/security settings/registry) to point to (local machine/system/controlset001/services/WDSServer), granting the WDSService account full control, and deployed the policy to the deployment server. Nothing happened and I still can't approve pending devices with my service account.
    From my understanding, service accounts were created to maintain small, specific tasks or actions with limited permissions, so if compromised they could only do very little damage, and so that the account can be set up to perform the tasks without any administration of the account. So my question is: is it even possible to achieve what I want, that is, granting a service account the permission to perform the action of approving pending devices on a Windows Deployment Server, and if so, how?
    I am so confused over this and I am really reaching the limits of my understanding of this.
    Help is very much appreciated.
    Henrik Larsen

    Hi ZeR1X,
    The Require Administrator approval is for unknown computers.
    The similar thread:
    WDS - Request administrator approval not working
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/b9088be7-7afe-4e2b-b5fb-4554a92c4a2a/wds-request-administrator-approval-not-working
    More information:
    Windows Deployment Service fails to start with error information of 0x5
    http://support.microsoft.com/kb/2009647
    WDS 3.01 Troubleshooting Guide
    http://technet.microsoft.com/en-us/library/cc754828(v=ws.10).aspx
    I’m glad to be of help to you!
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Give Support Guys permission to perform remote wipe or remove device from the mailbox

    Hi Guys,
    Can anyone please advise what group I should put the admin user in so that they can remote wipe or remove the mobile device from the user mailbox?
    I thought that once a user is in the Exchange Recipient Administrators group they should be able to perform this task, but I may be wrong.
    Can anyone help please, it's a bit urgent.
    Thank you
    Ali
    Ali Hussaini

    More likely, the Exchange team published the article on this:
    http://blogs.technet.com/b/exchange/archive/2012/09/12/rbac-walkthrough-of-creating-a-role-that-can-wipe-activesync-devices.aspx
    Where Technology Meets Talent

  • Can creating a separate user protect my info on my device from Facebook?

    As someone who is still coming to terms with the rate of privacy degradation and technology, I have concerns about using social media. My quandary is that I believe morally and legally I do NOT have the right to give Facebook access to info from personal and business contacts that are on my device. Will setting up a separate user resolve this issue?

    My apology. My intention is to keep my info from being accessed. I wish to limit Facebook to as little info as possible. I refrain from any sharing. I have been informed by a pro photographer to keep my pics to a minimal size, KB if possible. I am of the opinion that the agreement Facebook requires, allowing access to one's device, is asking someone to do something illegal. I have not been given permission by all persons on my device to allow their particulars to be accessed or used by others. This is especially so for business info. In Australia new laws protect images of children, so I see this too as an issue. I closed my FB account because of my concerns, and after FB used my mobile to send messages that depleted my funds so I couldn't make a call. I promptly removed FB from all mobile devices. I am an Aussie living in the Arctic, and FB is very good for keeping in touch with family and friends. But it has gone too far and is now only interested in making money. Good idea gone bad. I have applied for Proton Mail. I am hoping Apple has or will produce hardware and software that allows us to protect that which we choose to keep private. I still use external hard drives for storage and only use cloud-based storage when necessary for work commitments, i.e. Dropbox.
    Hence I wonder if having a user just for social media will protect all other data on that device from FB. I am considering a separate iPad for the same purpose, as both my partner and I have families abroad. New technology can be so useful; however, most of us don't understand the implications or know fundamental strategies or ways to protect ourselves given our ignorance. My field is health, not IT.
    Hope this explains fully.

  • Approving workflow notifications from Apple Mac machines

    Hi All,
    We have an end user who is using a Mac system and he is not able to approve the invoice from the WF notification email.
    When he clicks on the Approve link, the auto-response opens in his Gmail account.
    He gets the 'Warning – Unsolicited Email' response when he sends the response.
    Is there any specific setup or configuration required on the user side or on the server side to get rid of this issue?
    Thanks in Advance,
    MJ

    Gtalk plugin has a setting which enables gmail user to click on any mail links and open gmail. Probably this setting is interfering with Approval notification. Disable this setting in gtalk and see.

  • Permission to remove mobile device from mailbox

    Exch 2007 sp3
    I need to allow a tech to remove mobile devices from mailboxes. He is currently a Recipient Admin, but cannot delete devices.  I do not want to allow him Org Admin rights. What can I do?  Thx

    You will probably need to create a custom RBAC role with only the appropriate permissions. You'll need something with more rights than a simple Recipient Admin but less extensive than an Organization Admin.
    This should point you in the right directions:
    http://blogs.technet.com/b/exchange/archive/2012/09/12/rbac-walkthrough-of-creating-a-role-that-can-wipe-activesync-devices.aspx
    Yes, it is for wiping the devices (not for removing them from a mailbox) but the general procedure should be the same. I imagine you'll have to experiment a little to obtain the right combination.
    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

  • How do you "eject" a camera or such device from the photos app after import?

    How do you "eject" a camera or such device from the photos app after import?

    Thanks for your answer. It certainly seemed that since there was no longer a control-click option in Photos for a mounted device that a hot dismount or eject would be OK. Should there be any caveats to the user who selected a Finder option not to show Hard disks, External discs or CDs DVDs and iPods--or is this still uniformly true across all devices (old iPads, Firewire, etc.)?
    This is only true for devices that are not accessible in the Finder. For iPhones, iPads, newer iPods. If a device shows up in Disk Utility as a mounted disk, you have to eject it properly.
    But the newer iOS devices are not mounted as a disk, that a user can write to or eject.
    For example, I just connected my iPhone 5s. It shows in Photos and iTunes in the sidebar, but Disk Utility does not show it as a mounted device, so there is no way to eject it.

  • Remove the ipod device from the account

    remove the ipod device from the account

    Is it an old account of yours, or did you buy the device from another person ? If you bought the device from somebody else and it's linked to the previous owner's account then you will need to contact the previous owner, he/she is the only person who can remove it : http://support.apple.com/kb/TS4515
    If it's your account and you can't remember your id (you can't remember an account id that you've had starting with a gmail.com email address, starting with 'e', as its primary email address ?) and/or password then have you tried the http://iforgot.apple.com link ?
    Or if you can't get the password reset via that link then you can try contacting Support in your country : http://support.apple.com/kb/HT5699

  • How can I stop my IOS 7 device from sharing my location with IOS 8 devices?

    How can I stop my IOS 7 device from sharing my location with IOS 8 devices? My friend who upgraded their device to IOS 8 said that I'm automatically sharing my location via iMessage details.  I don't want to upgrade to IOS 8 yet because I don't have space.  Is there a way to disable sharing my location with IOS 8 devices by default?  I don't want to turn all location services off because I frequently use Google Maps.

    Actually that's not true. I have a device (iPhone) running ios 7. My friend has an iphone running ios 8. When she clicked into her imessage thread with me, clicks on details in the top right corner it will show her my GPS location. It's doing this automatically because I do not have ios 8 on my phone therefore I don't have the ability to "stop sharing my location". Apple is automatically sharing the location.  If you are using an ios 8, apple automatically pulls in location data for anyone you are messaging not using ios 8. I haven't found a way around this unless you turn off all location services on your phone which is immensely disturbing.
