Preventing Access to OMA and Active Sync Using Security Groups in AD
来源:互联网 发布:淘宝旗下app有哪些 编辑:程序博客网 时间:2024/06/04 23:34
本文是一些摘要,在设置Push mail的时候用到
“You see, the enable or disable values for these components are part of a users Active Directory properties contained in a value entitled msExchOmaAdminWirelessEnable which has a data type of integer, and can be viewed and modified by using ADSI edit, which also means that you can generate scripts to manipulate the values.”
In essence you can use a combination of Integer values from 0 to 7 to enabled or disable the following Mobile features for an individual users account:
- Outlook Mobile Access (OMA)
- User Initiated Synchronisation
- Up-To-Date Notifications
The following table is a run down on the combinations that can be used to gain the desired results
So, from know this, I thought “What if you have a security group that contains all the people that you wish to disable these values for, and then have a script which reads the group periodically and changes the values in ad”.
The following is what I came up with:
strADPath = “cn=Deny_AS,cn=Users, “
Set objRootDSE = GetObject(“LDAP://RootDSE“)
strDomainContext = objRootDSE.Get(“DefaultNamingContext”)
Set objGroup = GetObject (“LDAP://”& strADPath & strDomainContext)
objGroup.getInfo
Members = objGroup.GetEx(“member”)
For Each strMember in Members
set ObjUser = getObject(“LDAP://” & stMember)
obJUser.msExchOmaAdminWirelessEnable = “7″
ObjUser.setinfo
Next
The above script reads the group membership of DENY_AS which is located in the Users container in Active Directory (you would need to create this group if you wish to use the script) and then changes the mobile settings on the account to match the Integer value which is set on the line obJUser.msExchOmaAdminWirelessEnable = “7″ (In my example it will disable all Mobile settings).
This script can be scheduled to run on either you Exchange server, member server or Domain Controller perhaps at an interval of 10 or 20 minutes.
- Preventing Access to OMA and Active Sync Using Security Groups in AD
- Using CoCreateObjectDotNet to Access and Use .NET Assemblies in InstallScript
- enable emulator in vs 2005 connect to active sync
- Android Security user and groups
- Security and Quality of Service in Ad Hoc Wireless Networks
- Security in Wireless Ad Hoc and Sensor Networks
- Using jdbc to access sqlite in Android
- [Computer and Network Security] Gaining Access using Network Attacks
- using an enumerable built-in Ruby to access and manipulate nested data
- How to perform AD(MS Active Directory) Authentication using JNDI from Java?
- Get tasks assigned to user or to current user groups in SharePoint using CAML query
- Understanding and Using HRMS Security in Oracle HRMS
- Understanding and Using HRMS Security in Oracle HRMS
- Users and Groups in Linux
- Using a Java class to control directory searches for people and groups
- Programmatic access to Exchange 2010 using EWS, SOAP, and Python
- How to get groups, users from Active Directory with C#
- How to mark volume groups as active or inactive
- Linux启动 (4)-cpu_idle()进程后运行分析
- 珠海全国软件认证设计考试
- Linux 上JBOSS 启动后只能本机访问,其它机器不能访问问题解决。
- Ajax 参考
- 如何使用links方式安装Eclipse插件
- Preventing Access to OMA and Active Sync Using Security Groups in AD
- Mysql 学习笔记
- UCM 实践的经验教训【转老帖】
- 【转】如何打造十页完美商业计划书
- MFC动态添加控件及响应函数
- Sports Jerseys Supports Passionate
- try
- OpenJWeb快速开发平台-内容管理系统(CMS)
- WCF从理论到实践(14):WCF解决方案模板