When it comes to smart phones and other handheld mobility tools connecting to Exchange 2007, the Client Access service covers Windows Mobile enabled devices.

Simply having the Client Access service up and running automatically turns on the ability to pipe out Exchange 2007 email, contacts, tasks and calendar items to portable mobile devices.  Not only can one get their email on their mobile phone with Exchange 2007, there are some added benefits for Exchange 2007 Administrators.

Just like Exchange 2003, 2007 has the Direct Push technology.  Direct Push enables the mobile device user to receive mail as it is sent to them.  They do not have to wait for a specific time to synchronize, or perform this manually, in order to retrieve email.

windows mobile exchange 2007

Many Windows Mobile devices are setup, by default, to get email in increments of 10 to 15 minutes, but this can easily be changed to “As mail arrives…” (or phrases of that nature).

Setting up a mobile device to connect to Exchange 2007 can be relatively simple.  All that is required is the username and password of the Exchange user, the Windows Enabled handheld device, the public IP or DNS name of the Client Access Service, and a digital certificate.

As an important item of note, you can either create your own certificate in-house, provided you are running the Certificate Services within your domain; or buy a certificate from a registrar.

For smaller businesses that do not maintain and create their own digital certificates, it is much easier to purchase one from a group like Thawte or GoDaddy, and associate it with your Exchange Public IP address.

Although there is the additional cost of buying a certificate, Windows Mobile devices are preprogrammed to recognize registrars like Thawte and GoDaddy and can reduce the deployment time, by bypassing the self-signed certificate portion.  Make certain to test the setup of a mobile device with your certificate, before deploying the ActiveSync service to the rest of your corporate element.

True enough, there are other amenities given to the handheld user, such as the ability to receive HTML formatted email and Task synchronization.  With the synchronization of the Outlook Calendar, users can keep up with their Exchange enabled appointments and meetings.  However, the real benefit to running Exchange 2007 are the management features for control over Windows Mobile devices.

From within the Exchange 2007 Console, an administrator can configure a wide variety of options for users with ActiveSync enabled on their Exchange User Account.  You can set the maximum size of attachments one may download to their mobile device.

You can allow, or not allow, simple passwords; as well as minimum password length.  Password history can also be put in place, so that a user cannot reuse the same password each time they have to change it.

At this point, these features may sound interesting or perhaps not as helpful as you would want.  “What if my user loses their Windows smart phone?”, you might ask.  Now there is a question that many systems administrators and business people alike would like an answer to.

With Exchange 2007 controlling your Windows Mobile enabled device, you have a couple of really good security options in this respect.  One can manually setup a device wipe, so that the next time the phone “calls home” so synchronize its email, Exchange will send out a signal to wipe the device, and reset to the default settings.  The user’s email, contact information, and other data they created, is now gone.

To perform a device wipe, go into the Exchange Management Console (this is presuming that you are paired up with the Exchange Organization Administrator role).  Go into the Recipient Configuration, and choose Mailbox.  Locate and choose the user with the device in question.  Now look on the right hand side of the Console, which contains several links for actions.

Click on the one that shows Manage Mobile Device.  Choose the device to be wiped of data.  Now locate and click on Clear, in the Actions area.  The next time that particular device polls for updated email, or other Exchange information, that user’s data will be wiped off the lost mobile device.

Should this not appeal to you as the best option, you may also setup an Exchange ActiveSync policy that will wipe the device if someone tried to guess their password more than a specified amount of times.

If a user loses their phone, and realizes it immediately, the aforementioned device wipe is a good utility to use.  However, should someone not be aware that their smart phone is missing, then having an ActiveSync policy, with the password settings, in place is imperative to help stave off data theft or loss.

Exchange 2007 does add some enticing features with respect to Windows Mobile technology.  Though it appears to do this more so on the administrative side, than that of the end user.  In either case, it is beneficial to keep with the Windows platform handheld devices when running Exchange 2007 as the messaging solution.