Hello,
I have looked everywhere but I can't find a good way to block a stolen phone way that It won't make the user account to lockout. We have blocked the phone from Exchange Server (2010) and I have set a HTTP filter to the Active Sync - policy on TMG 2010. But the problem is that when the user connects with wrong credentials the Signature filter won't do anything, because the TMG 2010 firewall rule will block the connection after it has tested the user credentials. This will of course block the device from getting the mail BUT it will not block device from making the user account to lockout. Is there any way to make a rule in TMG that would just block the device before it sends the user credentials?
INFO:
Exchange Server 2010
TMG 2010
Phone: Old Nokia phone
Things done to this point:
PowerShell run on Exchange:
Set-CASMailbox -Identity: username@domain.com -ActiveSyncBlockedDeviceIDs: "IMEI123123123123123"
TMG-HTTP -filter done in the Exchange-ActiveSync -rule
Image may be NSFW.
Clik here to view.
Right Click - Configure HTTP
Image may be NSFW.
Clik here to view.
