ActiveSync - automatically enable users
Idea shared by kevind - 6/7/2015 at 4:53 PM
Under Consideration
One thing that's a hassle for us is enabling ActiveSync for each user.  We'd like to turn it on for everyone, but that's too expensive as only a fraction of users require it. 
My suggestion is to automatically enable ActiveSync for an account after the first successfully ActiveSync authentication.  Doesn't seem like it would be difficult: 1) wait for an ActiveSync request, 2) if authentic, enable for user and increment license counter.
I know there's an API call for this and we've already written the code, but it's extra work for the user (login to control panel, perform a few steps). It would be much easier to tell users to configure their smartphone and when they do so, it just works (like POP and IMAP).

14 Replies

Reply to Thread
Just want to bump this since there were no replies. I can see 2 advantages:
  • Save time for admins/users -- they wouldn't have to enable for each mailbox.
  • Increased sales for ST -- more people using ActiveSync means more license sales.
Hopefully this wouldn't take a lot of development -- when ActiveSync request comes in, enable and increment license.
I saw a few recent posts regarding EAS which reminded me of this request. The bottom line is that maintaining EAS licenses is a pain and this would remove some of the burden. Under consideration?
Employee Replied
Employee Post
Kevin, I have added this to our features request list for further discussion by management and the dev. team.
Thanks! This could add to your bottom line if you don't have to give it all to Microsoft.

FWIW, I've been re-thinking my position for email on mobile devices. I think ActiveSync is more useful than a new mobile interface. Hardly anyone uses webmail on a phone. Almost everyone prefers integration with the phone/tablet's built-in contacts, calendars, and email client.
I agree with Kevin D.
If implemented, this still needs to be controlled on a domain-by-domain basis, with a maximum number of ActiveSync licenses available to each domain.
If implemented, the security aspect of "admins" within domains must also be completely re-designed.  It is already lax, allowing sub-administrators to change the password, and even remove, the main domain administrator's privileges as domain administrator.
There is a potential for a domain owner to be able to easily abuse a contracted obligation if domain level admins are capable of adding as many ActiveSync accounts to their domain users as they desire.
Bruce Barnes
ChicagoNetTech Inc

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
This is an old thread, but still very relevant. I know SM16 is focused on the mobile UI, but...
  • Users aren't accustomed to launch a browser to check mail on their smartphone.
  • Users want to sync their contacts, calendars, and email with their mobile devices.
If we could make ActiveSync automatic so that it just works, it would be much appreciated.
I saw some posts about brute-force attacks on ActiveSync and whether these are logged and/or blocked. If you happen to be in looking at this code, maybe you could add a few extra lines to automatically enable ActiveSync for successful authentications? It would be sooo useful in supporting customers.
  • Users access their email with a smartphone.
  • Most use the built-in app, not the smartphone's web browser.
  • Using the app to add an iCloud, Outlook, Google, Yahoo!, etc. mailbox just works. No need to go to the server and enable some setting.
Hoping SM could work the same way. Just add a checkbox on the server (or for each domain):
[  ]  Enable ActiveSync on successful login
It would allow users to just set up their phone without having to call in for support, and then support needs to contact the server admin, etc. Would be a nice Christmas present. :-) Thanks.
From what Andrea wrote a couple days ago, it sounds like there's some current development being done with EAS (ActiveSync):

Hoping this idea to automatically enable EAS upon first use could be implemented. It would make it more convenient for end-users (fewer steps) and reduce work for system administrators.

Has 10 votes from 3 years ago, but I'm guessing many more people would find this useful.

11 votes. ;)
Bumping this old idea as it would be a useful feature. Now 12 votes.
I think it is a cool feature, we would never use it. Just blindly allowing users licenses to be created without the user knowing there is an associated cost, billing them, then them asking WTF is this for? then telling them what happened, then them asking why did it let me do it without telling me there was a cost?

When we have a customer who wants all users under their domain EAS. We let them know the costs etc. and set that up for them instead of just letting them just use EAS and then finding out ohhhhh, there was a cost.
OK, then here's an option -- just allow automatic activation for a domain.  So a customer wants EAS, you tell them there's a cost and 'allow' it for the domain. You won't have to go through 100 users to turn it on.  And, if only 20 out of 100 users actually use it, you're not paying for unused licenses.
Thankfully, we dont have to manually click a bunch of buttons to turn on EAS :) We have automation for that stuff :)

Reply to Thread