Configure Exchange ActiveSync For iOS Devices
Microsoft Exchange is one of the most frequently used email and calendar software. Hence it becomes important to be able to configure and control the Exchange settings on the fly.
Scalefusion addresses this by providing you with an easy-to-use Exchange Settings section, where you can configure the Exchange policy for your organization and then push them to Scalefusion-managed iOS devices. In this guide, we will see how to create, configure and publish an Exchange ActiveSync settings from Scalefusion Dashboard.
Before You Begin
✅ Login to Scalefusion Dashboard.
✅ Have access to your organization's POP/IMAP Email settings.
✅ Have access to one Scalefusion-managed iOS device.
Creating An Exchange ActiveSync Configuration
- Navigate to Device Profile & Policies > All Configurations > Global Settings > Exchange Settings. This section will display all the existing configurations and the actions that can be performed on them.
- Click on Add New to start adding a configuration.
- The New Exchange Settings dialog box will be displayed. The dialog has three tabs,
- Basic: Configure the mandatory settings in this tab.
- Apple Settings: Set the OAuth URLs and also some additional privacy settings for email access via Mail app on Apple devices. OAuth helps in enabling modern auth for email access and is the only way to make exchange configs work for email providers which use/support modern auth. Following are the configurable settings:The iOS icon next to a setting indicates that it is supported on iOS & iPadOS, and not on macOS.
- Use OAuth for Authentication: Enable this setting to configure the modern/MFA authentication URLs if your email provider supports it. After toggling on, enter the following for authentication:
- Sign In URL: https://login.microsoftonline.com/tenant-id/oauth2/v2.0/authorize
- Token URL: https://login.microsoftonline.com/tenant-id/v2.0/tokenThe Sign In and token URLs above are sample URLs as these are commonly used for Microsoft
- Security Settings: Configure the following to enforce security settings for the account:
- Allow Mail Drop for this account: On enabling this setting, the Mail Drop feature (through which you can insert external links like iCloud for sending large size attachments), will be allowed for use on the mail account configured via MDM, else it will be blocked.
- Prevent Use in Third Party Apps: Enabling this setting prevents users from using corporate mail account to be used in third-party apps like for sharing content. This will prevent unwanted content to be shared within organization or distributed from official email.
- Prevent Moving Messages from this Account: Enabling this prevents messages being moved to other personal mailboxes or other mail accounts configured in Mail client. This prevents data leak.
- Allow Mail Drop for this account: On enabling this setting, the Mail Drop feature (through which you can insert external links like iCloud for sending large size attachments), will be allowed for use on the mail account configured via MDM, else it will be blocked.
- Use OAuth for Authentication: Enable this setting to configure the modern/MFA authentication URLs if your email provider supports it. After toggling on, enter the following for authentication:
- Advanced: Choose the content you want to sync.
- Basic: Configure the mandatory settings in this tab.
- Click on Save. Once the configuration is saved, it will display in the list as shown below.
Publishing an Exchange Configuration
The next step is to publish the exchange configuration on your iOS device. To publish the exchange configuration:
- Under the Exchange ActiveSync Settings page, click on the Publish icon of the respective Account Name.
- From the list of Device Profiles, select the profile to which you want to apply the configuration to and select Publish.
- Once the configuration is published to a device profile, it will be pushed to all the devices in that profile and the Mail client on the devices will be configured.
Authorizing On Device
Whenever exchange settings are pushed or modified, users would be prompted on the devices to authorize again. To do so,
- You will get a prompt to enter password for the exchange account you have configured. Click on Edit Settings
- You will be navigated to Settings > Accounts. Select the corporate account and click on Re-Enter password to enter the password and authenticate.
- Once authenticated, you will be able to view the mail settings as per Exchange configuration.
