You can use the mobile device mailbox policy to manage many different settings. These include:
- Allow simple passwords: Allow devices to use simple passwords such as 1234 or 1111;
- Require alphanumeric password: password to contain both letters and numbers;
- Password must contain the number of character sets: The password contains uppercase and lowercase letters, numbers, and special symbols, for example, set to 3, which contains three;
- Require encryption on the device: If encryption is required, OWA will block devices that do not support encryption;
- Minimum password Length: The minimum value of the user's password length;
- Number of logon failures before wiping the device: the user has failed to log on for a specified number of times, the data will be erased, and all data will be erased when using Exchange ActiveSync. When using OWA, only application data is erased;
- If the user device has been inactive for the following time (in minutes), it needs to log back in: The maximum time limit for the idle state, which requires a password to unlock;
- Enforce password lifetime: Password expiration period, after the super-high change the period, need to change the password;
- Password Recycle count: Reuse the previous password, for example, the number is 10, that is, the new password can not be the same as the previous 10 passwords;
New mobile Device Mailbox policy
1. Open the Exchange Admin Center, select "Mobile Mobile device Mailbox Policy" and select "New" (plus icon)
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/77/46/wKioL1ZmZA6xsiYYAAC_55Fpj-k728.png "/>
2, enter the policy name, select the desired password policy, where "*" is required;
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/77/47/wKiom1ZmY6Dgqpy-AAETA7iTO60396.png "/> |
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/77/47/wKiom1ZmY6CytmHRAADYMk28fuI771.png "/> |
In addition to the graphical interface, we can also use the command line to create a new mobile device mailbox policy;
1. You can use the "new-mobiledevicemailboxpolicy" command to create a new mobile device mailbox policy, where:
-name is followed by the name of the mobile device mailbox policy;
-alphanumericpasswordrequired Specifies whether the password for the mobile device must be alphanumeric. The valid input value for this parameter is $true or $false. The default value is $false. --
-minpasswordcomplexcharacters Specifies the minimum number of complex characters required for a mobile device password. Complex characters are not individual letters. You can enter any number between 1 and 4. The default value is 1;
-passwordhistory Specifies the number of unique new passwords that need to be created on the mobile device before the old password can be reused. You can enter any number between 0 and 50. The default value is 0;
Detailed parameter reference: https://technet.microsoft.com/zh-cn/library/jj218612 (v=exchg.150). aspx# China (English)
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/77/46/wKioL1ZmZBCSsRT-AABEkTu9uGY541.png "/>
2, you can use the "get-mobiledevicemailboxpolicy" command to view the mobile device mailbox policy;
Detailed parameter reference: https://technet.microsoft.com/zh-cn/library/jj218651 (v=exchg.150). aspx
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/77/46/wKioL1ZmZBHjuoNdAAAtum1ojSw427.png "/>
When we use the "get-mobiledevicemailboxpolicy" command to view a mobile device mailbox policy, we find that in addition to some of the above secret strategies, there are some other strategies;
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/77/47/wKiom1ZmY6LD8UNtAAEEb0gUBZA661.png "/>
So how do you change these strategies?
1. We see the "Allow browser (allowbrowser)" policy at this time to be "True"
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/77/46/wKioL1ZmZBLiWzyWAACBptP0-LQ753.png "/>
2, can be modified by "Set-mobiledevicemailboxpolicy", when we do not know the specific parameters, can be "get-help set-mobiledevicemailboxpolicy" to obtain the help of the command;
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/77/47/wKiom1ZmY6XzA7ZHAAK89nARkj0306.png "/>
3. Use the "set-mobiledevicemailboxpolicy" command to modify the value of the "Allow browser (allowbrowser)" policy to "False", Where:
-identity is followed by the mobile device mailbox policy name;
And then the value of the property you want to modify;
Verbose command parameter reference: https://technet.microsoft.com/zh-cn/library/jj218719 (v=exchg.150). aspx
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/77/46/wKioL1ZmZBWDPG2PAAAudRjzYlw266.png "/>
4, at this time we are through the "get-mobiledevicemailboxpolicy" command view, the discovery has been modified;
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/77/47/wKiom1ZmY6WAGyyTAAAHBXVAEVI758.png "/>
More mobile Device Policy reference: https://technet.microsoft.com/zh-cn/library/bb123783 (v=exchg.150). aspx
Delete a mobile device mailbox policy
1. Open the Exchange Admin Center, select Mobile mobile device mailbox policy, select the policy you want to delete, and select Delete (Recycle Bin icon)
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/77/46/wKioL1ZmZBbhzqleAADPhHJjNN0153.png "/>
2. Select "Yes" in the pop-up warning box;
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/77/47/wKiom1ZmY6fxCkrnAAAaYbVp1FA179.png "/>
You can also use the "remote-mobiledevicemailboxpolicy" command to delete a mobile device policy that you want to delete, where:
-identity is behind the mobile device policy name;
Will pop up ok row, select "Y";
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/77/47/wKiom1ZmY6fgDwAfAABjF3N3wb8577.png "/>
Exchange 2016 mobile device mailbox policy