- #DOES EM CLIENT SUPPORT EXCHANGE ACTIVESYNC UPGRADE#
- #DOES EM CLIENT SUPPORT EXCHANGE ACTIVESYNC ANDROID#
So if that is the only solution, Id confirm it really works for me, Lotus Notes Server + Traveller server.
#DOES EM CLIENT SUPPORT EXCHANGE ACTIVESYNC UPGRADE#
But it is a big decision for me to upgrade to Windows 8 or buy Outlook 2013. The UserAgent / ClientInfo String for eM Client is: Client= eM Client/1.0 (ExchangeServicesClient/1.0),ĭoes O365 have any way of using that to prevent that agent (and maybe others?) from connecting. And I was told Windows 8 mail client and Outlook 2013 supports Exchange ActiveSync.Note we still have some active Outlook 2010 installations so those can’t break either, yet?.Does O365 have any means of preventing these applications from still connecting via Basic authentication that would still allow ActiveSync to work and without breaking any Outlook functionality?.
#DOES EM CLIENT SUPPORT EXCHANGE ACTIVESYNC ANDROID#
We’ve handled this through a separate policy in Okta that blocks the “Unknown” devices, but some Android devices report back as “unknown” so we have to have exceptions for them. Have seemingly acknowledged the existence of an issue on their side, but Okta support has nonetheless asked me to ask some questions of MS. Since it doesn’t use ActiveSync this doesn’t make sense, and is clearly some kind of Okta issue. (They specifically have iOS, Android, and “Unknown” device types listed under ActiveSync). Ultimately this was found to be allowed through Okta under the policy thatĪllows “Unknown” ActiveSync devices. It’s not using ActiveSync it’s just using Exchange Web Services with basic authentication. I downloaded this client and confirmed the same with my account. We never got the ActiveSync quarantine notification so it went under the radar entirely. However, the attacker apparently used an email client called eM Client to connect to his account and it worked,Īnd they were still able to send messages to all of his contacts and deleted the messages from his mailbox. Now onto the issue and questions at hand.Ībout a month ago an employee of ours was phished and gave up his credentials. Hopefully that all makes at least some sense. This allows us to prevent unauthorized devices for the people that do have ActiveSync enabled. We then have Okta setup so that mobile devices using ActiveSync are allowed to authenticate anywhere. So we have O365 setup to quarantine all Active Sync devices unless it has the Blackberry Work UserAgent string. In using Blackberry Work in the first place.
This doesn’t support the modern authentication flow, but we can’t have ActiveSync just open everywhere otherwise there’s no point We are currently using ActiveSync for our mobile phones with an app called Blackberry Work. With Okta we can specify that if someone is on our network (based on external IP) they are NOT prompted for MFA, but
First, our general configuration is that we have A single Office 365 account and we federate our sign in to Okta for SSO and MFA sign-ins.