rlang Thu, 13 Dec 2012 13:49:02 +0100
Modified page: http://wiki.horde.org/ActiveSync
New Revision: 166
Change log: Mostly typos.
@@ -69,9 +69,9 @@
++ Email Support
Email synchronization has been added in Horde 5. Since in some
installs this could increase server load or may be otherwise
undesirable, it is possible to deactivate email support via Horde's
configuration, on the !ActiveSync tab.
-!ActiveSync email support requires an IMAP server POP3 is not
supported. It will use the same server that IMP is configured to
connect to. It is recommended that this server support the QRESYNC
server extension for performance reasons, though it will work without
this. It can also help performance if an IMAP proxy is used.
+!ActiveSync email support requires an IMAP server. POP3 is not
supported. It will use the same server that IMP is configured to
connect to. It is recommended that this server support the QRESYNC
server extension for performance reasons, though it will work without
this. It can also help performance if an IMAP proxy is used.
The only flags supported by !ActiveSync are the //seen// and
//flagged for follow up// flags. Flag changes will be synchronized,
but flag changes alone will **not** trigger a SYNC for performance
reasons. The only thing that will trigger a SYNC is the arrival of a
new message (technically, an increase in the NEXTUID value). Once this
SYNC is triggered though, all message changes are taken into account -
including any flag changes.
Since !ActiveSync does not support the //deleted// flag, messages in
a mailbox with this flag are ignored when syncing. Deleting a message
on the device will do one of two things; If the user has enabled a
Trash mailbox then the message will be moved to that mailbox.
Otherwise, the message is immediately expunged. This is in accordance
with the !ActiveSync protocol specs.
@@ -91,16 +91,16 @@
++ Administration
Administrators can view all of the !ActiveSync devices paired with
the server. This is the //!ActiveSync Devices// link located under the
Administration menu. From here an administrator can request a remote
wipe, or force a re-provisioning of any device.
-@TODO: Explain various setup configuration options and security
policies (hearbeat etc...)
+@TODO: Explain various setup configuration options and security
policies (heartbeat etc...)
++ Provisioning/!RemoteWipe
Provisioning allows devices to be more tightly registered with a
particular server. It enables the server to be able to send policy
settings to the device. These policy settings include things like
requiring a PIN to unlock the device, the complexity of the PIN
required, the number of failed login attempts allowed etc...
Additionally, it enables devices to be remotely wiped so that if a
device is lost or stolen, the user or administrator can request the
device to be wiped.
As of Horde 5, provisioning is enabled via the permissions
interface. You must first add the //!ActiveSync// permission as a
child of the //Horde// permission. The //Provisioning// permission is
a child of //!ActiveSync// and all policies are children of
//Provisioning//.
-In order to enforce any security policies on a device, it most be
provisioned. However, not all devices support this and some will
downright refuse to work if it's enabled. There are three choices for
provisioning support. //None//, //Force//, and //Allow//. Choosing
//None// will disable provisioning and any enforcement of security
polices or remote wipe. //Force// will only allow devices that are
successfully provisioned to connect to the server. This means devices
that don't properly support provisioning, such as some older Android
versions, will simply not work. The third choice, //Allow// will
enforce provisioning on the devices that support it, but will also
allow devices that don't support it to connect to the server. Once
provisioning support is added, security policies can also be added via
the permissions interface.
+In order to enforce any security policies on a device, it must be
provisioned. However, not all devices support this and some will
downright refuse to work if it's enabled. There are three choices for
provisioning support. //None//, //Force//, and //Allow//. Choosing
//None// will disable provisioning and any enforcement of security
polices or remote wipe. //Force// will only allow devices that are
successfully provisioned to connect to the server. This means devices
that don't properly support provisioning, such as some older Android
versions, will simply not work. The third choice, //Allow// will
enforce provisioning on the devices that support it, but will also
allow devices that don't support it to connect to the server. Once
provisioning support is added, security policies can also be added via
the permissions interface.
Users can initiate a remote wipe, as well as view/manage their
partnered devices in the !ActiveSync user preference.
Clicking //Wipe// in the Horde interfaces for device management
flags the server to send the wipe command to the device the next time
it synchronizes. The next time the device attempts to request a
command other then PING or OPTIONS, it will be wiped. The !ActiveSync
preference page shows the status of all the user's devices. If the
status is listed as //Pending//, and you wish to cancel the wipe
request, you may do this by clicking the //Cancel Wipe// button. You
should see the status be reset to //Provisioned//. After it is wiped,
the status will be shown as //Wiped//, if you wish to allow the device
to connect to your server again, you need to explicitly remove the
device as a sync partner by clicking the //Remove// button. If you do
not remove this entry, the device will continue to be wiped each time
it reconnects to the server.
--
commits mailing list
Frequently Asked Questions: http://wiki.horde.org/FAQ
To unsubscribe, mail: [email protected]
