This section only applies to iOS (iPhone, iPad and iPod Touch) devices.
Starting with version 5.15, mSuite ships with a default Device Settings policy for iOS devices which is applied to all users but, by default, is not activated. The Device Settings policy can be used to configure (and lock) various settings on the device. You can modify this policy or create a new policy and deploy that to groups of users.
In versions 5.17 and 5.18, more settings were added to the Device Settings policy.
Note: The policy is only applied if the EAS account on the device is created via an iOS Configuration Profile i.e. by the iOS Provisioning process. If a user manually creates their EAS account on the device, the Device Settings policy is not applied. From 5.18 onwards, you can, if you wish, deny access to iOS devices that have not been provisioned with a Device Settings policy (Profile).
If you change a policy that has already been deployed to an iOS device, the policy on that device will not be updated until/unless the device is provisioned again. This is an iOS restriction - for more information, click here.
The common Exchange ActiveSync account settings:
Plus, from mSuite 5.17 onwards:
It can also be used to enhance the security of iOS devices by disabling any/all of the following:
Plus, from version 5.17 onwards (for iOS4 devices only):
Plus, from version 5.18 onwards (for iOS4 devices only):
Best practise is to always work at a group level and not at an individual level. The system will let you do both but the administration task will be much easier if everything is done with groups. Users inherit virtually all of their settings from the group hierarchy, when you change the setting at an individual or sub group level, it will break this inheritance for the modified setting. This means if you later change this setting at a higher group level, the modified user or group will not inherit the change, which can be confusing.
You can edit an existing policy by expanding the navigation tree, under the node Policies, select Device Settings. The action pane will display all of the Device Settings policies that are defined. By default there is a single policy Default Device Settings Policy. Right mouse click the name of the policy that you want to modify in the action pane and then select Configuration Wizard...
If you change a policy that has already been deployed to existing iOS devices, the policy on those devices will not be updated until/unless the devices are provisioned again.
To create a new policy, expand Policies and select Device Settings in the navigation tree then right mouse click an existing policy in action pane. Select All Tasks > Copy settings to new policy... then enter the Name of the new policy and click OK. The new policy is created as a clone of the existing policy - to change the settings in the new policy, follow the instructions for Editing an existing policy above.
In either case, the Policy Management Wizard will run to allow you to define the policy.
To deploy a new Device Settings policy or change the currently deployed policy, expand the Administration node in the navigation tree, expand Users and Groups until you can see the user or group that you want to apply the policy to.