Sign up for Office 365
Learn more about Office 365
I'm just trying to set up 365 email and calendar sync on my Android phone. At the end of the process, when I try to set up office 365 exchange server email, I get the following screen with choices to activate or cancel:
Update Security Settings > Activate device manager?
Then below, I see the list of permissions it is asking for with no choice to disable individual ones. Check this out! The list of permissions is alarming, especially the first ones:
Erase all data
Change Screen unlock password
set password rules
allow password recovery
allow password expiration
allow tracking of password history
minimum # of complex characters in password
Monitor screen unlock attempts
touch panel auto-lock (controls screen lock settings)
maximum age of emails
max body size of email
allow html email
max body size of html email
max age of calendar events
require manual sync when roaming
allow pop and IMAP email
allow storage card (to enable or disable card)
allow camera (to enable or disable)
allow wifi (same)
allow text messaging (same)
allow internet use (same)
allow internet sharing (same)
allow bluetooth (same)
require device encryption
require SD card encryption
require messages to be S/MIME signed
require messages to be S/MIME encrypted
require signed S/MIME algorithm
require S/MIME algorithm encryption
allow S/MIME encryption algorithm negotiation
allow S/MIME software certificates
allow desktop sync
simple password control
I just want to sync email I don't want to use 365 to control my phone, nor would I ever want the vulnerability associated with allowing access to control of my phone via a cloud program that asks for all this. How do I set up sync without giving total permission to microsoft 365 to control my phone, or destroy my data? I really read and consider app permissions and NEVER have I seen something like this.
Thanks for the feedback.
Thanks for posting here.
Exchange ActiveSync device policies control how uses use and synchronize their mobile devices in your organization. With Exchange ActiveSync Mailbox policies, it will manage ActiveSync and enhance the security of the device and the Exchange ActiveSync server by setting a common set of security settings to a collection of users. Administrators can modify its mobile device security and sync setting.
For more information about ActiveSync device policy, please refer to the articles below:
Understanding Security for Exchange ActiveSync
Understanding Exchange ActiveSync Mailbox Policies
1 out of 1 people found this post helpful.
I'll ask our admin about device settings.
We appreciate your update.
If you have another questions when using Office 365, please feel free to post in the forum. We will be more than happy to be of assistance.
After reading your documents, I understand any Office365 admin can set the policies that will actually be enforced on a smartphone. However, I am concerned to give ANY administrator the rights to e.g. wipe my phone (which is my own) or determine if I am allowed to use the camera of my phone. So my question is - can I setup my phone to sync with Exchange WITHOUT granting permissions that are excessive from my point of view.
Or alternatively, can the administrator of my domain set this up so that these permissions are not required for email sync?
Thanks for your help!
Thanks for your reply.
If you need further assistance, please describe this issue in detail and post a new thread in this forum. So that our support engineer will help you to solve this issue.