with SCCM 2012, Microsoft introduced an option for management of the devices via Exchange Active Sync.
When you add a new on-premises exchange server, this configuration is quite simple, however, if you try to do this using your Exchange Online or Office 365 subscription, this is not quite easy, at least it was not for me.
In this post, we’ll walk through all necessary steps to connect your SCCM 2012 R2 to your Office 365. I’d assume the steps for a 2012 SP1 environment will be the sames, however, as i have no SP1 lab anymore, i cannot confirm.
1- Download and install the Microsoft Online Services Sign-In Assistant version 7.0 or greater. From http://www.microsoft.com/en-us/download/details.aspx?id=41950 you can download the 7.2 version. Remember to install it on the site server:)
2- Download and install the Windows Azure powershell (http://technet.microsoft.com/en-us/library/jj151815.aspx). Remember to install it on the Site Server 🙂
3- now it is time to connect to your office 365 via powershell, to do it, i used the commands from http://help.outlook.com/en-gb/140/cc952755.aspx
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Note: if you want manage your devices via SCCM and Windows Intune, change Allow External mobile device Management to Allow under Settings (i’ve done it already as the default is controlled by exchange)
5- now that the connection is done, you can run the powershell Remove-PSSession $Session to remove the session created
6- Once it is done, right click the subscription and select syncronize now. a new log called EasDisc.log will be created and if there is any trouble, you’ll be able to see there.
8- but what happen if you have a device that was already being managed by SCCM/Windows Intune and you enable the Exchange sync?!?! it is simple, you’ll see a new agent name under the device’s properties
Now that you know how to set it up, a question you may have. why should i bother with Exchange connector instead of using only sccm/windows intune?!
what i mean by that is:
– If the mobile device is enrolled by Configuration Manager or by Windows Intune, the client receives command when it next downloads its client policy. by default it is configured to happen every 8 hours.
– If the mobile device is managed by the Exchange Server connector, the mobile device receives the command when it next synchronizes with Exchange. Well…by default, every time the user receives a new e-mail 🙂
As you can see, having the exchange connector as well as the sccm/intune allows you to have extra management. the main command i’m talking on this is the wipe/retire command. i don’t want wait, i want it to be as real time as possible 🙂