Exchange 2010 – Automatically disable ActiveSync for mailboxes

For some reason Microsoft, in their infinite wisdom, decided to enable ActiveSync for all mailboxes by default. Not only did they make this the default, they did not provide any simple method for changing this feature. Luckily, there are little documented features called cmdlet extension agents that we can leverage to get around this limitation. The one we are going to use in this example is the “Scripting Agent.”

In order to use this, you will first need to enable the scripting agent by opening the Exchange Management Shell and executing this command:

Enable-CmdletExtensionAgent "Scripting Agent"

Next, you will need to create an xml file to be called every time a cmdlet is run on the server. There are a few APIs that can be used, but in our example we will be using the “OnComplete” API. You can take this text and use this to create the xml file:



    

         
              if($succeeded) {
                Set-CASMailbox $provisioningHandler.UserSpecifiedParameters["Alias"] -ActiveSyncEnabled $false
               }
         
     

In this example, whenever a new-mailbox or enable-mailbox command is run, the OnComplete API is called to run the command to disable the ActiveSync mailbox. You can easily modify this to run any other commands you would like whenever a mailbox is created or enabled. In our case, we also wanted to enable the single item recovery feature. Here is what that would look like:



    

         
              if($succeeded) {
                  Set-Mailbox $provisioningHandler.UserSpecifiedParameters["Alias"] -SingleItemRecoveryEnabled $true
                Set-CASMailbox $provisioningHandler.UserSpecifiedParameters["Alias"] -ActiveSyncEnabled $false
               }
         
     

Once you have the xml file created, you need to save it as ScriptingAgentConfig.xml. This file needs to be saved on all of your Exchange 2010 servers before it will work:

\V14\Bin\CmdletExtensionAgents\

In that path, you will also see a ScriptingAgentConfig.xml.sample. In this file, there are a few more sample ideas that might be beneficial for your environment.