By migrating to PowerShell, you can secure your devices and sync the devices with Exchange or Office 365 for emails. PowerShell environment discovers managed and unmanaged devices and with the help of email access control policies gives access to only approved users and devices.

To migrate to PowerShell:

  1. Configure PowerShell integration at your required organization group under Global in the AirWatch Console. For information about configuring PowerShell, see Enable PowerShell Integration in AirWatch.
  2. Configure the integration with user groups (either custom or pre-defined).
  3. Test the PowerShell functionality with a subset of users (for example, test users) to ensure the following features work:
    • Syncing with the email server to discover devices.
    • Access control in real time.
  4. Disable all compliance policies temporarily.
  5. Provision a new email profile to all devices that have enrolled into AirWatch with the email server hostname.
    •  To remove the email profile from the device using Device Compliance policies, complete this step.
  6. To discover all devices (managed and unmanaged) that are syncing for email, sync with the email server.
  7. To enroll into AirWatch, periodically remind users with unmanaged devices.
  8. To block email access from all non-compliant devices on a specific date including the unmanaged devices, activate and enforce compliance rules.
  9. To block all devices by default, set up the email server.
  10. Sync with the email server to retrieve a list of allowed and blocked devices (as a result of the previous policy change) and Run Compliance against these devices. When run compliance is done, the Email Dashboard displays:
    • Unmanaged devices as blocked.
    • Managed devices are allowed for email.

Workaround for Boxer Flexible Deployment

The Flexible Deployment feature of Boxer enables you to create different assignments for smart groups in your Organization Group.

For more information about configuring VMware Boxer as a public application, see Configure and Deploy VMware Boxer and VMware Boxer Email Settings.

If PowerShell is being used for Email Management, then when migrating between Exchange environments or to Office 365, email access might be blocked for Boxer. To avoid blocking email access, create a Device Access Rule in Exchange to allow AirWatch managed Boxer configurations.

You can follow these steps to configure a device access rule for Office 365 to allow email access to devices installed with Boxer:

  1. Log in to the Exchange Control Panel.
  2. Select Mobile.
  3. To add a rule, select the '+' icon under Device Access Rules.

  4. From the Device family, select browse, and then select BoxerManagediPhone, BoxerManaged iPad, or BoxerManagedAndroid. Select OK. Repeat this step for other BoxerManaged devices.

  5. From Only this model, select All models.
  6. Select Allow access for the rule.

To prevent the compliance restriction during MEM migration, follow the preceding instructions on other Exchange versions.