Messaging Policies in MDM
2/9/2009
The following lists the messaging features and capabilities that you can enable or disable by using System Center Mobile Device Manager Group Policy settings. You can configure the settings to customize MDM through the MDM extensions to the Group Policy Management Console (GPMC) and Group Policy Object Editor.
Policy settings related to security, encryption and device management appear in the navigation pane under Computer Configuration/Administrative Templates/Windows Mobile Settings. User-related settings, including messaging policies, are located under User Configuration/Administrative Templates/Windows Mobile Settings.
For more information on using Group Policy to manage devices in MDM, see Configuring Managed Devices with Group Policy.
For a list of MDM security settings available through Group Policy, see Security Policies in MDM.
Messaging Policies
The following sections show the messaging policies for MDM that are available under User Configuration\Administrative Templates\Windows Mobile Settings in the GPMC.
ActiveSync
Policy | Description |
---|---|
Set message format (HTML or Plain Text) |
This policy setting allows you to control the format in which email messages are synchronized. This policy is typically used to reduce network bandwidth by forcing messages to be downloaded in Plain Text format.
|
Maximum e-mail age filter allowed |
This policy setting allows you to limit the amount of e-mail history that is synchronized with the device. On the device, the user can choose to download all messages within a specified time period, such as one day or two weeks. This policy sets the maximum time period that the user can select. In addition to this policy, for security purposes you may want to have e-mail messages older than a specific number of days automatically removed from the device.
|
Set maximum size limit for plain text e-mail |
This policy setting allows you to control the size of each message synchronized to the device. On the device, the user can select the maximum size limit for messages downloaded during synchronization. This policy sets the maximum value that the user can select.
|
Set maximum size limit for HTML e-mail |
This policy setting allows you to control the size of each message synchronized to the device. On the device, the user can select the maximum size limit for messages downloaded during synchronization. This policy sets the maximum value that the user can select.
|
Set age limit for calendar items |
This policy setting allows you to limit the amount of calendar history that is synchronized with the device. On the device, the user can choose to download all calendar items within a specified time period, such as two weeks or one month. This policy sets the maximum time period that the user can select.
|
Set maximum attachment size allowed |
This policy setting allows you to control the size of attachments that may be downloaded automatically with e-mail messages. You may wish to set this policy to reduce network bandwidth.
|
Block synchronization when roaming |
This policy setting allows you to block the Exchange ActiveSync Direct Push feature while roaming. Enabling this setting reduces mobile device users' roaming costs.
|
Turn off Desktop PIM Sync |
This policy setting allows you to prevent the user from synchronizing e-mail, contact, calendar, and task items with a desktop computer using ActiveSync.
|
Server name |
This policy setting allows you to help the user automatically establish an Exchange partnership by specifying the Exchange front-end (FE) server name. You may choose to set this policy if you are not using Exchange 2007 with the Autodiscover feature.
|
Peak and Off-peak Settings
Policy | Description |
---|---|
Peak days |
This policy setting allows you to select which days of the week are considered peak days for scheduling Exchange ActiveSync synchronization. Peak is defined as the days and hours when wireless voice and data charges are highest. This policy setting takes precedence over the Allow user to configure peak days policy setting. To allow the user to change the peak days on the device, set this policy setting to Not Configured and set the Allow user to configure peak days policy setting to Enabled.
|
Allow user to configure peak days |
This policy setting allows you to define whether the user can configure which days of the week are considered peak days for scheduling Exchange ActiveSync synchronization on the device. Peak is defined as the days and hours when wireless voice and data charges are the highest. The Peak days policy setting takes precedence over this policy setting.
|
Peak start time |
This policy setting allows you to specify when the peak service period begins for scheduling Exchange ActiveSync synchronization. Peak is defined as the days and hours when wireless voice and data charges are highest.
|
Peak end time |
This policy setting allows you to specify when the peak service period ends for scheduling Exchange ActiveSync synchronization. Peak is defined as the days and hours when wireless voice and data charges are highest.
|
Synchronization frequency during peak times |
This policy setting allows you to define the maximum time interval that the user can set for scheduling Exchange ActiveSync synchronization during the peak service period. Peak is defined as the days and hours when wireless voice and data charges are highest. This policy allows you to control data costs.
|
Synchronization frequency during off-peak times |
This policy setting allows you to define the maximum time interval that the user can set for scheduling Exchange ActiveSync synchronization during the off-peak service period. Peak is defined as the days and hours when wireless voice and data charges are highest. This policy allows you to control data costs.
|
Messaging SMIME policies
Policy | Description |
---|---|
Require message signing |
This policy setting allows you to specify whether the Inbox application requires that all messages must be signed. This policy is applicable only if you are using Microsoft Exchange 2003 SP2 or Microsoft Exchange 2007 SP1. The user must have a certificate on the mobile device which can be used to digitally sign outgoing e-mail messages.
|
Require message encryption |
This policy setting allows you to specify whether the Inbox application requires all messages to be encrypted. This policy is applicable only if you are using Microsoft Exchange 2003 SP2 or Microsoft Exchange 2007 SP1. In order to use S/MIME, it must be enabled for use by Exchange Outlook Web Access (OWA) or Exchange ActiveSync on the Exchange server. Recipients must have a published public key (typically stored in Active Directory) accessible to the Exchange server in order to receive encrypted e-mail messages. A user who attempts to send an e-mail message to a recipient who does not have a published public key will receive an undeliverable message error.
|
Set signing algorithm |
This policy setting allows you to specify which algorithm is to be used to sign a message.
|
Encryption algorithm |
This policy setting allows you to specify which algorithm is to be used to encrypt a message.
|
Negotiate encryption algorithm |
This policy setting allows you to specify whether the Inbox application can negotiate the encryption algorithm in case a recipient's certificate does not support the specified encryption algorithm.
|
Allow soft certificates |
This policy setting allows you to determine whether software certificates can be used to sign outgoing messages. You can use this security policy with a tool that you create to allow people to import certificates.
|