The iPhone & IpodTouch and ActiveSync!

I was just asked what ActiveSync flags that the iPhone supports…  What am I a mobile phone expert?  No, not really, but I certainly know where to find the information…

The iPhone Enterprise Deployment Guide is freely available from Apple ( http://manuals.info.apple.com/en_US/Enterprise_Deployment_Guide.pdf ) [See pages 8-10], and covers what is and isn’t supported by the iPhone:

iPhone and iPod touch support the following versions of Microsoft Exchange:

  • Exchange ActiveSync for Exchange Server (EAS) 2003 Service Pack 2
  • Exchange ActiveSync for Exchange Server (EAS) 2007


For support of Exchange 2007 policies and features, Service Pack 1 is required.

Supported Exchange ActiveSync Policie s

The following Exchange policies are supported:

  • Enforcepasswordondevice
  • Minimum password length
  • Maximumfailedpasswordattempts
  • Requirebothnumbersandletters
  • Inactivity time in minutes


The following Exchange 2007 policies are also supported:

  • Alloworprohibitsimplepassword
  • Passwordexpiration
  • Password history
  • Policy refresh interval
  • Minimumnumberofcomplexcharactersinpassword
  • Requiremanualsyncingwhileroaming
  • Allowcamera
  • Requiredeviceencryption


For a description of each policy, refer to your Exchange ActiveSync documentation.

The Exchange policy to require device encryption (RequireDeviceEncryption) is supported on iPhone 3GS, and on iPod touch (Fall 2009 models with 32 GB or more). iPhone, iPhone 3G, and other iPod touch models do not support device encryption and will not connect to an Exchange Server that requires it.

If you enable the policy “Require Both Numbers and Letters” on Exchange 2003, or the policy “Require Alphanumeric Password” on Exchange 2007, the user must enter an iPhone passcode that contains at least one complex character.  The value specified by the inactivity time policy (MaxInactivityTimeDeviceLock or AEFrequencyValue) is used to set the maximum value that users can select in both Settings > General > Auto-Lock and Settings > General > Passcode Lock > Require Passcode.

Remote Wipe

You can remotely wipe the contents of an iPhone or iPod touch. Doing so removes all data and configuration information from the device, then the device is securely erased and restored to original, factory settings.

Important: On iPhone and iPhone 3G, wiping overwrites the data on the device and can take approximately one hour for each 8 GB of device capacity. Connect the device to a power supply before wiping. If the device turns off due to low power, the wiping process resumes when the device is connected to power. On iPhone 3GS, wiping removes the encryption key to the data (which is encrypted using 256-bit AES encryption) and occurs instantaneously.

With Exchange Server 2007, you can initiate a remote wipe using the Exchange Management Console, Outlook Web Access, or the Exchange ActiveSync Mobile Administration Web Tool.

With Exchange Server 2003, you can initiate a remote wipe using the Exchange ActiveSync Mobile Administration Web Tool.
Users can also wipe a device in their possession by choosing “Erase All Content and Settings” from the Reset menu in General settings. Devices can also be configured to automatically initiate a wipe after several failed passcode attempts.

If you recover a device that was wiped because it was be lost, use iTunes to restore it using the device’s latest backup.

Microsoft Direct Push

The Exchange server delivers email, contacts, and calendar events to iPhone automatically if a cellular or Wi-Fi data connection is available. iPod touch doesn’t have a cellular connection, so it receives push notifications only when it’s active and connected to a Wi-Fi network.

Microsoft Exchange Autodiscovery

The Autodiscover service of Exchange Server 2007 is supported. When you’re manually configuring an iPhone or iPod touch, Autodiscover uses your email address and password to automatically determine the correct Exchange server information. For information about enabling the Autodiscover service,

see http://technet.microsoft.com/en-us/library/cc539114.aspx.

Microsoft Exchange Global Address List

iPhone and iPod touch retrieve contact information from your company’s Exchange server corporate directory. You can access the directory when searching in Contacts, and it’s automatically accessed for completing email addresses as you enter them.

Additional Supported Exchange ActiveSync Features

In addition to the features and capabilities already described, iPhone supports:

  • Creatingcalendarinvitations.

WithMicrosoftExchange2007,youcanalsoviewthe status of replies to your invitations.

  • SettingFree,Busy,Tentative,orOutofOfficestatusforyourcalendarevents.
  • Searching mail messages on the server. Requires Microsoft Exchange 2007.
  • ExchangeActiveSyncclientcertificate-basedauthentication.


Unsupported Exchange ActiveSync Features

Not all Exchange features are supported, including, for example:

  • Folder management
  • Opening links in email to documents stored on SharePoint servers
  • Tasksynchronization
  • Setting an “out of office” autoreply message
  • Flagging messages for follow-up