Allowing mobile devices on Exchange Online with a bulk script

Hi guys,

In my last exchange migration to O365 my customer had the requirement to block all BYOD because for security reasons email department verify and manage all mobile devices. How? as always, asigning IMEI device ID to the user mailbox in O365.

Steps to acomplish that:

First of all you need to go to Exchange Online and there go to mobile section. Push on Edit.

BlockMobileEXO01

 

On the window select Block access and push on save

BlockMobileEXO02

After that action, you can use the below command to asign devices to usermailboxes:

Set-CASMailbox user@domain.com -ActiveSyncAllowedDeviceIDs “ID”

To check some user use:

Get-CasMailbox username | fl ActiveSyncAllowedDeviceIDs

If you have a large correlation of users – devices you can use my script. It’s very useful!!

  1.  You need a csv file with a list of users called migration.csv. Save it on C:\migration folder.

migration

2. You need a file called Device_Info.csv where you have all device IMEI info exported from on-prem. Save it on C:\migration folder.

 DEVICE_INFO

3. A csv file called LoteYYYYMMDD.csv where you have all users in O365.

20160125

4. The magic script:

param(
[string]$Script:sourcefilename = “migration.csv”,
[System.Management.Automation.CredentialAttribute()]$cred = $null
)

Write-Host “This script must be run from a Powershell AD AZURE”
Write-Host “We load the list of users migrated from file $($Script:sourcefilename)”
$migrados = Import-Csv $Script:sourcefilename
if([String]::IsNullOrEmpty($cred)){$cred = Get-credential}

Write-Host “We load the list of devices.”
$Users = Import-Csv “C:\MIGRATION\Device_Info.csv” | Sort-Object PrimarySMTPAddress
$UserID = $null

Foreach ($user in $Users)
{
#Let’s see if the device line in the file contains a migrated user
$containsMailMigrado = $migrados | %{$_ -match $user.PrimarySMTPAddress}
If($containsMailMigrado -contains $true)
{
Write-Host ” Finded MailMigrado – $($user.PrimarySMTPAddress)”
$UserID = $user.PrimarySMTPAddress
$DeviceID = $user.DeviceID
Write-Host ” Adding device DeviceID = $($DeviceID)”
Set-CASMailbox -Identity $UserID -activesyncalloweddeviceid @{Add=$DeviceID}
}
}

Save that script as ScriptDevicesO365.PS1

Having all requisites showed above you can execute the line .\ScriptDevicesO365.PS1 LoteYYYMMDD.csv $UserCredential that will permit all your corporate devices be used with the assigned user on Office 365 – Exchange Online.

References:

https://technet.microsoft.com/en-us/library/jj218706(v=exchg.160).aspx

https://technet.microsoft.com/en-us/library/bb125264(v=exchg.160).aspx

Regards!

 

 

Anuncios

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s