The server-side session commands to control the Exchange mailbox properties are described in this topic.

1. Connect to the server-side session and establish a new session.

   $cred = Get-Credential

   $session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri “https://Exchange.Server.URL.com/powershell/” -Credential $cred -Authentication Basic -AllowRedirection

2. Press enter after authentication to run the session command.
3. Connect to the server and run the Import-PSSession $session command to import the server-side session.

   During device enrollment in the Workspace ONE UEM, devices can be configured for the Exchange through the profile distribution. After configuring, the Workspace ONE UEM console issues commands to enable the Exchange ActiveSync for a user’s mailbox on Exchange.

   The Workspace ONE UEM console also issues a command to whitelist the device IDs being enrolled. Use the Get-CASMailbox command to see a list of devices whitelisted for a mailbox and to select the allowed devices.

   Command:

   Get-CASMailbox -Identity “user.name@mail.com” | select {$_.ActiveSyncAllowedDeviceIDs}

   Result:

   $_.ActiveSyncAllowedDeviceIDs
   -----------------------------
   {SEC1CE34C8FCEC35, SEC1BBD5F48A8B3C, CD123C289433F009, boxercfdefaec75acd071b...}

   To query a user’s mailbox to view the blacklisted or blocked device IDs use the following example.

   Command:

   Get-CASMailbox -Identity "user.name@mail.com" | select {$_.ActiveSyncBlockedDeviceIDs}

   Result:

   $_.ActiveSyncBlockedDeviceIDs
   -----------------------------
   {Appl87049106A4S, DT095F898778SDF2E1B3453445DG56}

   To close the server-side session, always close the console-server session when troubleshooting is complete. To remove the server-side session, use the following command.

   remove-pssession $session