Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Planning and Requirements for Exchange ActiveSync Management of Mobile Devices with Windows Intune

Updated: December 17, 2012

Applies To: Windows Intune

This topic provides an overview of the steps that you should take before you connect Windows Intune to your Exchange Server.

noteNote
If you are also using Windows Intune direct management to manage mobile devices, we recommend that you deploy the Exchange Connector only in the same environment where have configured Windows Intune direct management.

To prepare to connect Windows Intune to your Exchange Server

  • Configure Active Directory synchronization.

    To connect Windows Intune to your Exchange environment, you must configure Active Directory synchronization so that your local users and security groups are synchronized to the Windows Azure Active Directory and can appear in the Windows Intune administrator console. To configure Active Directory synchronization, you need to set up the Microsoft Directory Synchronization tool. When you set up the Microsoft Directory Synchronization tool, it populates the Windows Intune account portal with synchronized users and security groups and it enables Windows Intune to retrieve user information for mobile device users.

    ImportantImportant
    To ensure that your AD DS infrastructure is properly prepared for Windows Intune, we strongly recommend that you review Active Directory Synchronization Roadmap.

  • Enable Domain Verification.

    When you set up your Windows Intune account, make sure to enable domain verification in the Windows Azure Active Directory service. When this is done, you can synchronize mailbox information for connected users, and users who are managed by Windows Intune can synchronize their email messages.

  • Activate synced users for Windows Intune.

    After you synchronize your local users and security groups to the Windows Azure Active Directory, you must activate the synchronized users and assign them membership in the Windows Intune user group to provision them in Windows Intune. The process of provisioning defines device owners as managed users in Windows Intune. After provisioning is complete, users are displayed and can be managed in the Windows Intune administrator console. You do not need to activate the synced security groups. For more information, see the “Adding Users and Security Groups to Windows Intune” section in the Windows Intune Getting Started Guide.

  • Set the Mobile Device Management Authority to Windows Intune.

    The mobile device management authority determines where you will perform mobile device management tasks. You can set the mobile device management authority to Windows Intune by using the Windows Intune administrator console or you can set the authority to System Center Configuration Manager by using the System Center Configuration Manager console.

    We recommend that you deploy the Exchange Connector only in the same environment where you set the mobile device management authority.

    CautionCaution
    Consider carefully whether you want to manage mobile devices by using Windows Intune only or System Center Configuration Manager with Windows Intune Integration. After you set the mobile device management authority to either of these options, it cannot be changed.

    For information about how to set the mobile device management authority to System Center Configuration Manager, see the System Center Configuration Manager 2012 SP1 documentation. For information about how to set the mobile device management authority to Windows Intune, see Set the Mobile Device Management Authority to Windows Intune.

  • Understand Exchange Connector Host System Requirements for Windows Intune and Service to Service Connector Requirements in Windows Intune.

    Make sure that the computer that hosts the Windows Intune Exchange Connector meets the necessary requirements.

  • Complete the task of Setting Permissions on Windows PowerShell Cmdlets.

    Before downloading and installing the Exchange Connector, make sure that the user who configures the Windows Intune Exchange Connector has the necessary Windows PowerShell cmdlet permissions.

See Also

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.