🎉 Our Office 365 Reporting Tool is now available in Azure Marketplace 🚀
This website uses cookies to improve your experience. We'll assume you're ok with this. Know more.
Exchange Online

How to Get ActiveSync Enabled Mailboxes in Exchange Online

Managing email synchronization for mobile devices is essential for smooth business communication. Exchange Online ActiveSync (EAS) enables users to access emails, calendars, contacts, and tasks on mobile devices. EAS configuration and monitoring can be challenging for adminis, as unchecked settings may lead to security risks. This guide outlines the steps to identify all Microsoft 365 ActiveSync-enabled mailboxes and efficiently track them along with their connected mobile devices in your organization.

Solution 1
Solution 2
Solution 3
Important Tips
Errors and Resolution Steps
FAQs

Using Exchange Online Admin Center

Microsoft 365 Permission Required
View-Only Recipients Role Least Privilege
Global Admin Most Privilege
  • Sign in to the Exchange Online admin center.
  • Navigate to Recipients»Mailboxes and select the respective user mailbox.
  • Under General»Email apps & mobile devices»Manage email apps settings, check whether the toggle for ‘Mobile (Exchange ActiveSync)’ is enabled in the flyout pane.
Using Exchange Online Admin Center

Unfortunately, the Exchange Online admin center doesn't allow you to view all devices connected via Exchange ActiveSync at once.

Using Windows PowerShell

Microsoft 365 Permission Required
View-Only Recipients Role Least Privilege
Global Admin Most Privilege
  • The most efficient native method to get a list of all Exchange ActiveSync-enabled mailboxes is to use PowerShell.
  • Connect to Exchange Online PowerShell module.
  • Windows PowerShell Windows PowerShell 
     Connect-ExchangeOnline
  • Run the below cmdlets to list all the Exchange Online ActiveSync enabled mailboxes in your tenant.
  • Windows PowerShell Windows PowerShell 
     Get-EXOCASMailbox -Filter "ActiveSyncEnabled -eq $true" | ft cmdlet
Using Windows PowerShell
AdminDroid Exchange Online Reporter

Monitoring all Microsoft 365 ActiveSync enabled mailboxes made easy!

The AdminDroid Exchange Online mobile device reporting tool offers a streamlined solution for managing ActiveSync devices. It provides comprehensive reports on ActiveSync, including enabled mailboxes, added devices, inactive devices, and more, to facilitate efficient device management in your Microsoft 365 environment.

Monitor Mobile Devices by Policy

Use the Mobile Device by Policy to track connected mailboxes with applied mobile device policies and ensure that security policies are properly enforced on connected devices to prevent data leaks.

Detailed Mobile Device Report by Client Type

The Mobile Devices by Client Type report provides a list of registered devices and their client types (Outlook, EAS, etc.) that helps admins improve mobile device management in their organizations.

List of All Connected Mobile Devices in EXO

Easily track whether the connected mobile devices are managed and compliant with your organization's security policies using the All Mobile Devices report.

Check Connected Mobile Devices by OS

Leverage the mobile device by OS report to visualize key stats like device OS versions, connected mailboxes, and M365 device types, helping admins identify devices that needs OS upgrades.

Get the list of all Inactive ActiveSync Devices

Identify all the inactive ActiveSync devices with details like inactive sync days and last sync time, helping admins identify and block devices no longer needed.

Recently Added Exchange ActiveSync Devices

Keep track of the recently added ActiveSync devices with details, such as mailbox name, mobile device name, sync time, device model, etc., to ensure the newly added devices comply with security policies.

Overall, AdminDroid’s Exchange Online management tool empowers you to effectively manage ActiveSync devices within your Microsoft 365 environment. By providing detailed reports on ActiveSync-enabled mailboxes, it helps you ensure that all mailboxes are properly configured and synced, thereby enhancing your ability to maintain device security and compliance.

Explore a full range of reporting options
Download Live Demo

Important Tips

Implement a strict ActiveSync password policy that requires strong and complex passwords on mobile devices, ensuring that only compliant devices are synced to your Exchange Online mailboxes.

Enforce multifactor authentication (MFA) using Conditional Access for Exchange ActiveSync connections to enhance security and minimize the risks of unauthorized access.

Protect your sensitive data and maintain compliance by implementing robust mobile device management (MDM) policies using Microsoft Intune.

Common Errors and Resolution Steps

The following are possible errors and troubleshooting hints while monitoring ActiveSync enabled mailboxes.

Error Try Again later, or contact your IT admin. A mobile device can't connect to Exchange Online by using Exchange ActiveSync.

This error indicates that a mobile device is unable to connect to Exchange Online via Exchange ActiveSync.

Fix Check the ActiveSync quarantine settings in the Exchange Online admin center. If the device is listed as blocked, remove it from the quarantine to restore access. Additionally, ensure that the device complies with your organization's security policies.

Error ExADDDAF|Microsoft.Exchange.Management.Tasks.RecipientTaskException|This task does not support recipients of this type.

This error may occur in PowerShell when attempting to execute the ActiveSync enable or disable cmdlet for a user account that does not have a mailbox.

Fix Always verify that the user has a mailbox before including their UPN in the command.

Error G: Ex6F9304|Microsoft.Exchange.Configuration.Tasks.ManagementObjectNotFoundException|The operation couldn't be performed because object 'X' couldn't be found on 'BM1P287A01DC003.INDP287A001.PROD.OUTLOOK.COM'.

This error occurs when you run the Get-CASMailbox cmdlet with the wrong user’s UPN in the Exchange Online PowerShell.

Fix Check the spelling of the user’s UPN and re-run the cmdlet in Exchange Online Management Shell.

Error Get-EXOCASMailbox : You must call Connect-ExchangeOnline before calling any other cmdlet.

This error will occur while you are running the ‘Get-EXOCASMailbox' cmdlet without connecting to the Exchange online.

Fix To export list of ActiveSync enabled mailboxes in Microsoft 365. Make sure to connect to the Exchange Online module by using the following cmdlet. 
Connect-ExchangeOnline
Exchange Online
Frequently Asked Questions

Enhance Remote Email Security by Managing Exchange ActiveSync Access in Microsoft 365

How to enable or disable Exchange ActiveSync access to mailboxes in Microsoft 365?
How to get the list of all Exchange ActiveSync users in Microsoft 365?
How to assign mobile device mailbox policy in Microsoft 365?
How to manage Quarantined devices access rules in Exchange Online?

1. How to enable or disable Exchange ActiveSync access to mailboxes in Microsoft 365?

Exchange ActiveSync (EAS) is a protocol that enables mobile devices to synchronize email, calendar, contacts, and tasks with Exchange Online. Managing Exchange ActiveSync access is essential for maintaining data security policies and ensuring users have appropriate mobile access.

Follow these steps to enable or disable Exchange ActiveSync access to a mailbox for a mobile device.

  • Sign in to the Exchange Online admin center and navigate to Recipients»Mailboxes »select the respective user mailbox.
  • Under General»Email apps & mobile devices, you will find the Mobile (Exchange ActiveSync). option. You can enable or disable it by clicking the toggle.

Enable or disable Exchange ActiveSync for a mailbox in EXO using PowerShell

You can utilize the following PowerShell cmdlets to efficiently enable or disable EAS for a mailbox in Exchange Online.

# Connect to Exchange Online PowerShell module.
Connect-ExchangeOnline
# To enable Exchange ActiveSync access to mailbox in Exchange Online.
Set-CASMailbox -Identity user@domain.com -ActiveSyncEnabled $true
# To disable Exchange ActiveSync access to mailbox in Exchange Online.
Set-CASMailbox -Identity user@domain.com -ActiveSyncEnabled $false

2. How to get the list of all Exchange ActiveSync users in Microsoft 365?

By identifying the number of devices connected via Exchange ActiveSync, admins can monitor for any unusual remote devices connected to the Microsoft 365 mailbox.

Find the list of all devices connected using Exchange ActiveSync using PowerShell

Run the below cmdlet in Exchange Online PowerShell to get list of all devices connected using Exchange ActiveSync.

Get-MobileDevice -ResultSize Unlimited

To proactively track list of all devices connected using Exchange ActiveSync, AdminDroid offers a robust solution!

With AdminDroid's ActiveSync Device Count report, you can effortlessly track the number of ActiveSync devices connected using EAS.

admindroid-active-sync-devices-count

3. How to assign mobile device mailbox policy in Microsoft 365?

Mobile device polices allow you to control access to mailboxes from various mobile devices, ensuring that sensitive information is protected.

Managing mobile device mailbox policies in Exchange Online (EXO) allows administrators to control the behavior and security of mobile devices that access organizational mailboxes through Exchange ActiveSync. Here's how you can manage these policies in EXO:

Create a new mobile device mailbox policy using Exchange Admin Center

  • Navigate to the Mobile»Mobile device mailbox policies in Exchange Online admin center.
  • Click + New to create a new policy.
  • Set the required parameters, such as password strength, device encryption, sign-in failure count before wiping a device, and synchronization settings.
  • After reviewing the policy inputs, click Create to complete the policy creation.
eac-mobile-device-mailbox-policy

Create a new mobile device mailbox policy using PowerShell

You can utilize the following PowerShell cmdlets to create a new mobile device mailbox policy in Exchange Online.

#Connect to the Exchange Online module. 
Connect-ExchangeOnline 

# To create a new mobile device mailbox policy in Exchange Online. 
New-MobileDeviceMailboxPolicy -Name "PolicyName" -AllowSimplePassword $false -PasswordEnabled $true -AlphanumericPasswordRequired $true -PasswordExpirationDays 90 -MinPasswordLength 8

Using the New-MobileDeviceMailboxPolicy cmdlet, you can set a descriptive name for the policy and configure password requirements, such as allowing simple passwords, enabling password enforcement, requiring alphanumeric passwords, and defining password expiration & minimum length.

With AdminDroid, admins can monitor mobile device configuration changes and identify connected devices along with their applied mobile device policies.

  • Closely monitor all 'Mobile Device Configuration Changes' with detailed insights into iOS and Android devices, empowering admins to effectively manage and enforce Exchange mobile device policies.
admindroid-mobile-device-mailbox-policy-report

Pro tip: Utilize the Schedule option to receive the Mobile Device Configuration Changes report periodically to your mailbox.

4. How to manage Quarantined devices access rules in Exchange Online?

Quarantined devices in Exchange Online are mobile devices that have been temporarily blocked from accessing your organization's email data as they do not comply with your mobile device policies. This can happen for various reasons, such as:

  • Device enrollment failure: The device failed to enroll in Exchange Online using the required method.
  • Non-compliant device configuration: The device doesn't meet the specified requirements like having a minimum OS version or being encrypted.
  • Policy violations: The device has violated your organization's mobile device policies, such as accessing restricted data or failing to meet security requirements.

When a device is quarantined, the user will typically receive a notification indicating that their device is not allowed to access emails. They may need to take proper actions, such as updating their device settings or re-enrolling it, to regain access.

Managing Quarantined Devices in Exchange Online

You can manage quarantined devices in the Exchange Admin Center (EAC) under Mobile Device Management.

  • In the Exchange admin center, navigate to Quarantined Devices under Mobile»Mobile device access.
  • Under the ‘Quarantined Devices’ section, select the desired device.
  • Clicking on the device will allow you to view its details, including the reason for quarantine and any associated policies.
  • From the below available options, choose the desired action that you need to perform on quarantine quarantined devices.
    • Unquarantine - Remove the device from quarantine if the issue has been resolved.
    • Wipe Data- Remotely wipe the device if it's lost or stolen.
    • Modify Policies - Review and adjust your mobile device policies to prevent similar issues in the future.

Note: The specific actions available may vary depending on your organization's configuration and the reason for quarantine.

Kickstart Your Journey With
AdminDroid

Your Microsoft 365 Companion with Enormous Reporting Capabilities

Download Now
Browse All Guides
User Help Manuals Compliance Docs
All Guides 99+
Exchange Online
How to Get ActiveSync Enabled Mailboxes in Exchange Online
Exchange Online Guides
x
Delivering Reports on Time
Delivering Reports on Time
Want a desired Microsoft 365 reports every Monday morning? Ensure automated report distribution and timely delivery with AdminDroid's Scheduling to your email anytime you need.
Delivering Reports on Time
Schedule tailored reports to execute automatically at the time you set and deliver straight to the emails you choose. In addition, you can customize report columns and add inteligent filtering to the activities just from the previous day to suit your Microsoft 365 report requirements.
Set It, Schedule It, See Results- Your Reports, Your Way, On Your Time!
Time Saving
Automation
Customization
Intelligent Filtering
Give Just the Right Access to the Right People
Give Just the Right Access to the Right People
Grant fine-tuned access to any Microsoft 365 user with AdminDroid’s Granular Delegation and meet your organization’s security and compliance requirements.
Give Just the Right Access to the Right People
Create custom roles loaded with just the right permissions and give access to admins or normal users within AdminDroid. The result? A streamlined Microsoft 365 management experience that aligns your organization's security protocols and saves your invaluable time and effort.
Align, Define, Simplify: AdminDroid's Granular Delegation
Smart Organizational Control
Effortless M365 Management
Simplified Access
Advanced Alerts at a Glance
Advanced Alerts at a Glance
Receive quick notifications for malicious Microsoft 365 activities. Engage with the AdminDroid’s real-time alert policies crafted to streamline your security investigations.
Advanced Alerts at a Glance
Stay informed of critical activities like suspicious emails and high-risk logins, bulk file sharing, etc. Through creating and validating ideal alert policies, AdminDroid provides a comprehensive approach to real-time monitoring and management of potential threats within your organization.
AdminDroid Keeps You Always Vigilant, Never Vulnerable!
Proactive Protection
Real-time Monitoring
Security Intelligence
Threat Detection
Merge the Required Data to One Place
Merge the Required Data to One Place
Combine multiple required columns into one comprehensive report and prioritize the information that matters most to you with AdminDroid’s Advanced Column Customization.
Merge the Required Data to One Place
This column merging capability offers a flexible way to add different columns from various reports and collate all the essential data in one place. Want to revisit the customized report? Save it as a 'View’, and your unique report is ready whenever you need it.
Merge with Ease and Save as Views!
Custom Reporting
Unique View
Desired Columns
Easy Data Interpretation
Insightful Charts and Exclusive Dashboards
Insightful Charts and Exclusive Dashboards
Get a quick and easy overview of your tenant's activity, identify potential problems, and take action to protect your data with AdminDroid’s Charts and Dashboards.
Insightful Charts and Exclusive Dashboards
With AdminDroid charts and dashboards, visualize your Microsoft 365 tenant in ways you've never thought possible. It's not just about viewing; it's about understanding, controlling, and transforming your Microsoft 365 environment.
Explore Your Microsoft 365 Tenant in a Whole New Way!
Executive overviews
Interactive insights
Decision-making
Data Visualization
Efficient Report Exporting for Microsoft 365
Efficient Report Exporting for Microsoft 365
Downloading your reports in the right file format shouldn’t be a hassle with AdminDroid’s Report Export. Experience seamless report exporting in various formats that cater to your needs.
Efficient Report Exporting for Microsoft 365
Navigate through diverse options and export Microsoft 365 reports flawlessly in your desired file format. Tailor your reports precisely as you need them and save them directly to your computer.
Take Control, Customize and Deliver- Your Office 365 Data, Exported in Your Way!
Easy Export
Seamless Downloading
Data Control
Manage Microsoft 365

Get AdminDroid Office 365 Reporter Now!

Free Download Live Demo