02-03-2009 10:11 AM
is it possible to allow ActiveSync only for PDAs/smartphones with a valid client certificate?
Documentation says that restrictions are only possible for the source-ip-address and the browser-type, but nothing is mentioned about client-certificates.
The certificate-check-tab (Roles -> Role-Name -> General -> Restrictions -> Certificate) suggests the same.
Is there a workaround or planned feature or did I miss something?
We'd like to secure the PDAs with an additional certificate check. That way a certificate can be revoked if a PDA/smartphone gets lost, but the user has not to change his Exchange-Password immediately ( please don't start a discussion if this is secure enough, it's the most we can get. :-( )