Outlook for iOS adds Contacts support

imageA short notice on an update received today for Outlook for iOS 2.09. This update adds the much requested feature of integrating Outlook for iOS with the (native) Contacts in iOS:

“Your Office 365 and Exchange Contacts can now be saved to the iOS Contacts app. This will allow you to easily see the name of a contact when you receive a call or text message from them. Head to your Advanced Settings to turn on this feature.”

This does away with the requirement of resorting to setups like having the iOS Mail app sync with your Office 365 or Exchange On-Premises account, just to sync those contacts with your device. To disable syncing contacts through the Mail app, go to Settings > Mail, Contacts, Calendars and click the account you wish to disable syncing contacts for. Then, disable syncing its Contacts by toggling its switch:


You will get a warning contacts synced through this contact will be removed from Contacts, but since we are going to use Outlook for this, you can proceed.

Next, open up the updated new Outlook app, and go to Settings. Click the account from which you want to sync contacts to your device, and select Advanced Settings. In there, you will find a new switch, Save Contacts to Device. Behind it is the number of contacts available on this account:


Toggle the switch to start syncing contacts directly from your Office 365 or Exchange On-Premises account to Contacts, giving the Outlook app permissions to access your Contacts when requested. After this, you’re ready to go.

Note that all synced contacts will contain a line in the Notes field, stating:

Exported from Microsoft Outlook (Do not delete) [outlook:..:..]

This is to indicate this is a synced contact, and you must not edit or remove it using the device, rather remove it from the originating source as it might get recreated or overwritten during synchronization.

Finally, the sync is one-way, so although you can edit properties on your phone through the Contacts app, they won’t be synced back to the originating source. Also, when editing properties through Contacts, those edits are not propagated to the People view in the Outlook app, as those are the contacts from your Office 365 / Exchange On-Premises accounts. This can be confusing, but having to set up an e-mail account just once with a one-way sync seems more efficient and less confusing to me than having to configure the Mail app only to get your contacts on your phone.

Ignite 2016: September 26-30, Atlanta


Out of nowhere, news came yesterday from the Chicago Tribune that Microsoft cancelled the Microsoft Ignite event at Chicago for 2016. Originally, the Ignite event, replacing former events like MEC, LyncCon, MMC and SPC, was said to be held for 4 consecutive years in Chicago, starting in 2015. Even at Ignite 2015, it was confirmed Ignite 2016 was going to take place in Chicago from May 9th to May 13th, 2016.

Without any reason given for this change of plans, although rumors are that either bad feedback on this year’s event or product release schedules could be the reason for changing plans, today Microsoft announced that Ignite 2016 will take place in the Georgia World Congress Center in Atlanta, from September 26th to 30rd, 2016.

This date is perhaps a bit too close for comfort to that other well-known event, the independent IT/DEV Connections which is scheduled for September 19th to 22nd, 2016 in Las Vegas. It remains to be seen if Penton – organizer of the IT/DEV Connections – moves their event or not.

Apart from potential schedule issues, though there are worse things than potentially staying half the month September in the US, it could pressure budgets for organization who want to have people attend both events, without the option to spread those investments.This is of course also true for those that are self-employed.

Other Microsoft events lined-up for 2016 are:

  • Build: Spring 2016 in San Francisco
  • Convergence: April 4-7, 2016 in New Orleans
  • WPC: July 10-14, 2016 in Toronto

You can pre-register for Ignite 2016 here. More information on Ignite is available here.

iOS 9 Outlook App & Lync 2013 App Issues

iphone6After Apple released iOS 9 to the public yesterday. From an Exchange or Office 365 perspective, iOS 9 supports the enhanced calendar features of Office 365 and Exchange 2016 when that is released. Unfortunately, incidents have been reported with the Outlook app and the Lync 2013 App.

Regarding the Outlook App, iOS9 users might not be able to start the Outlook App or the Outlook app will just crash. The far from ideal workaround offered by the Outlook team, is to reinstall the Outlook app.


Of course, this also requires users to reconfigure accounts and Outlook App settings, so organizations can expect some calls to the service desk by users who upgraded. Organizations can report on the currently registered iOS8 devices that syned in the last 30 days, using:

Get-MobileDevice | Where-Object {$_.DeviceOS -like 'iOS 8*' -and $_.whenChanged -gt (Get-Date).AddDays(-30)} | Select UserDisplayName, FriendlyName, DeviceModel, DeviceOS, whenChanged

This will product a list of users, the name of their device, the device model and OS and when it last synced with Exchange. This information can be useful when you want to proactively approach users with iOS8 devices.

For Lync 2013 users, there are sign-in issues when they have configured different region and language settings on their iOS device. Those users will be presented the following:


The issue has officially been confirmed through publication of KB3096704, which states:

“This problem is fixed in the Microsoft Skype for Business for iOS app that will replace Lync for iPhone and Lync for iPad when it’s released. No fix for this issue is scheduled for the current releases of Lync for iPhone and Lync for iPad”.

Since the Skype for Business app is not available yet, this is not good news. Mitigation is possible by matching the region with the language setting (or the other way around), after which you need to reinstall the Lync 2013 app from the store.

With all this in mind, should organizations wish to first test the new iOS against their Exchange environment for potential other issues, you can block iOS 9 from accessing your Exchange 2013 environment, or Office 365 tenant if you must, using the Access/Block/Quarantine feature. First you need to retrieve the reported DeviceOS string for iOS 9 for a device:

Get-MobileDevice | Where-Object {$_.DeviceOS -like “iOS 9*”} | Select DeviceModel, DeviceOSLanguage, DeviceOS

The reported DeviceOS strings then is used to create an ActiveSync device rule. For example, my iPhone 6 reports DeviceOS as “iOS 9.0 13A344”. To block these devices with iOS 9.0 and put them in quarantine, run the following:

New-ActiveSyncDeviceAccessRule -QueryString "iOS 9.0 13A344" -Characteristic DeviceOS -AccessLevel Quarantine

If you would like to know more about the Access/Block/Quarantine option, check out this article.

iOS 8.3 Exchange-related fixes

iPhone 6 iOSToday, Apple released an update for iOS which supposedly fixes, amongst other things, some Exchange-related issues. The release notes of iOS 8.3 mentions the following Exchange-related fixes:

  • Exchange out-of-office message can now be edited separately for external replies.
  • Improves recovery of Exchange accounts from temporary connection problems.
  • Fixes an issue that caused Exchange meetings with long notes to be truncated.

As for any update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to allowing access to your production environment. Apart from potentially blocking the new iOS, monitor the support forums from Apple and Microsoft for related issues. To block a specific version of iOS, consult this page.

More information on known issues with Exchange ActiveSync and 3rd party devices can be found in KB2563324.

iOS 8.2 fixes Exchange-related issues

iPhone iOSToday, Apple released an update for iOS which supposedly fixes, amongst other things, some Exchange-related issues. The release notes of iOS 8.2 mention the following Exchange-related fixes:

  • Fixes stability of Mail
  • Addresses an issue that caused certain events in a custom reoccurring meeting to drop from Exchange calendar
  • Fixes an certificate error that prevented configuring an Exchange account behind a third-party gateway
  • Fixes an issue that could cause an organizer’s Exchange meeting notes to be overwritten
  • Resolves an issue that prevented some Calendar events from automatically showing as “busy” after accepting an invite.

However, some existing complaints are not resolved by this update, such as the WiFi performance issue.

It is a natural law that for every bug that is fixed, new ones are introduced. So, some organizations may therefor want to test and accept this iOS update before giving it the green light for their Exchange environment. To block a specific version of iOS, consult this page.

More information on current issues with Exchange ActiveSync and 3rd party devices can be found in support article KB2563324.

IOS 7.0: To Block or Not to Block? (updated)

iPhone iOSWith the meeting and log flooding issues caused by certain IOS 6.x versions still fresh in memory, one may prefer to adopt a more conservative strategy when it comes to new IOS releases interacting with your Exchange infrastructure – or any mobile OS for that matter.

After Apple released IOS 7.0 this week, some shops consider blocking or quarantining this version until it’s been approved after proper testing and monitor online communities for potential issues during a small waiting period.

In an earlier article, I mentioned how to accomplish (temporarily) blocking IOS 6.x on Exchange 2010 or TMG; here’s how to achieve this for IOS 7.0 on current platforms:

To distinguished IOS 7.0 from earlier versions, you need to check the DeviceOS field as returned by Get-ActiveSyncDevice (Exchange 2010) or Get-MobileDevice (Exchange 2013). For example, here’s how to return current partnered EAS devices:

#Exchange 2010:
Get-ActiveSyncDevice | Where {$_.DeviceOS -like"IOS 7.0*"}

#Exchange 2013:
Get-MobileDevice | Where {$_.DeviceOS -like "IOS 7.0*"}

To block or quarantine IOS 7.0 devices you can utilize Exchange’s Allow/Block/Quarantine (ABQ) mechanism using the New-ActiveSyncDeviceAccessRule cmdlet in conjunction with the DeviceOS, DeviceModel or UserAgent string. When using DeviceOS, it requires specifying the full device OS string, which can vary per device or IOS.

For example, when the DeviceOS is iOS 7.0 11A465 (meaning build 11A465) or 7.0.1 11A470a, the cmdlet for setting up the quarantine rule would be (for blocking replace Quarantine with Block):

New-ActiveSyncDeviceAccessRule -QueryString “iOS 7.0 11A465″ -Characteristic DeviceOS -AccessLevel Quarantine
New-ActiveSyncDeviceAccessRule -QueryString “iOS 7.0.1 (11A470a)″ -Characteristic DeviceOS -AccessLevel Quarantine 

For the exact strings consult Get-ActiveSyncDevice/Get-MobileDevice output.

For examples of alternative blocking methods using TMG or F5, check this article. More information on ABQ here. Note that users utilizing the OWA for iPhone or iPad apps won’t be blocked after implementing this measure.

Be advised there are already reports of issues with iOS 7.0 such as substantial reduction of battery life and slow devices. What’s far worse is that you can also bypass the lock screen, similar to the lock screen glitch in IOS 6.1.3. L’histoire se répète.

Update (21Sep): According to reports, iOS 7 allows you to make calls despite the lock. How’s that for a potential corporate smart phone.

Update (26sep): Apple has released security update iOS 7.0.2 (build 11A501, all devices) which fixes the lock screen glitch. Another good reason to block earlier iOS 7.0 / 7.0.1 versions, only allowing iOS 7.0.2 devices to retrieve company data.

OWA for iPhone and OWA for iPad are here!

imageToday, the Exchange team announced the immediate availability of the (free) OWA for iPhone and OWA for iPad apps. Exchange fellows Tony Redmond and Dave Stork already hinted earlier this month that something was about to happen in this area.

Users of the Windows 8 Mail app may find the look of the OWA apps to be very familiar:

A quick summary on the app features:

  • Stored credentials for automatic logins;
  • Push notifications;
  • Meeting reminders (even with app closed);
  • Voice activated actions (English only);
  • Contact sync for caller ID function;
  • Remote wipe capability (user data, when the app runs).

That last one is a great, much requested feature when Bring Your Own Device is practiced (apart from that it makes sense due to the sandboxing principle). When required the business can selectively wipe business data without touching your personal information, similar to a feature to be introduced with Windows 8.1 called Remote Business Data Removal.

Besides that you need an iPhone 4S or iPad 2 or higher running iOS 6 or later, the apps are currently only supported for Office 365 subscribers running the tenant on Wave15 (or later). There are reports of the apps working with on-premises Exchange 2013 but that’s unofficial. To find out which version your tenant is running, use Get-OrganizationConfig in a remote PowerShell session, e.g.

$session = New-PSSession –ConnectionUri https://ps.outlook.com/powershell –AllowRedirection –Authentication Basic –Credential (Get-Credential) –ConfigurationName Microsoft.Exchange
Import-PSSession $session
Get-OrganizationConfig | ft AdminDisplayVersion


My tenant is running on 15.0.698.10 (15 = Wave 15), so theoretically I’m good to be running OWA for iPhone or OWA for iPad. I say theoretically, as I don’t have any iPhone or iPad available for testing.

An app version for on-premises Exchange 2013 is expected to be released at a later date. More information on configuration and usage of the OWA apps on the Office 365 blog here.

The UC Architects Windows Phone App

Most of you listen to or at least are aware of our The UC Architects podcast. If not, The UC Architects is the world’s most popular community podcast on Exchange and Lync made by people with a passion for Microsoft Unified Communications.

CaptureNow, as of today and thanks to fellow Johan Veldhuis, you can keep track of new podcasts when travelling, check our Tweets or even download and listen to podcasts using the UC Architects Windows Phone App. The app is available for Windows Phone 7 and 8. More information on the app itself can be found on our The UC Architects website.

You can download the app here.

YAII (or Yet Another IOS Issue) (Update)

iPhone iOSL’Histoire se répète. After the meeting issues with iOS 6.0, which were fixed in 6.0.1, you could have assumed Apple learned a lesson. Unfortunately, there are again reports of misbehaving iOS devices; this they’re on iOS 6.1.

As reported by Exchange fellows Tony Redmond and Paul Robichaux today, there are reports iOS 6.1, released end of January, may generate excessive transaction log growth. A report on the F5 forum states the issue may lie in the improper handling of Meeting Responses by iOS 6.1 devices, causing some sort of loop.

Since Exchange is a business critical platform and excessive log growth can have severe consequences when not properly monitored (storage space running out, impact on replication or backup), it is recommended to take the following steps until the situation becomes more clear (and Apple releases a fix):

  • Inform iOS users and discourage them to upgrade at the moment (you can’t uninstall it). To create an inventory of iOS 6.1 users, use Steve Goodman’s Export-iOSDeviceStatistics script (available here) or use Get-ActiveSyncDevice, e.g.
    Get-ActiveSyncDevice | where {$_.DeviceOs -match “iOS 6.1”}
  • Consider implementing an access rule to block IOS 6.1 users (see below);
  • When experiencing the issue, report it to Apple.

When you want to block iOS 6.1 users, specifically the MeetingResponses, you need to filter on User Agent “^Apple.*1002.*” and check the URI for “Cmd=MeetingResponse” (so iOS 6.1 users can keep having e-mail but not send meeting responses). Your options and implementation depend on the components user in your organization:

  • You can block iOS 6.1 devices using Exchange 2010’s Allow/Block/Quarantine mechanism, e.g.
    New-ActiveSyncDeviceAccessRule -QueryString “iOS 6.1 10B142” -Characteristic DeviceOS -AccessLevel Block
  • Alternatively, you can install and utilize the IIS Rewrite Module;
  • When running TMG/ISA, you can utilize the http filter to block iOS 6.1, i.e. select the ActiveSync publishing rule, Configure HTTP, tab Headers. Unfortunately, wildcards are not supported, so you need to enter each iOS6.1 User-Agent variation by using Add / Request headers and entering the exact string like (list not complete):
    • Apple-iPhone4C1/1002.142
    • Apple-iPad2C1/1002.141
    • Apple-iPad3C3/1002.141
  • F5 has guidance on creating a blocking iRule to block MeetingResponse requests for iOS devices on their forum here.

Generally speaking, like implementing Service Packs or Rollups straight after their release in a production environment is a bad idea, the same rule should apply to clients of all types. I know this might sound challenging with the whole Bring Your Own movement and the adoption of iPhones/iPads, I think blocking or quarantining newly released iOS versions and only allowing them after a few weeks (“incubation period”) can be a wise strategy. Also, this strategy can be part of your communications or house rules for end users when they connect their own or company devices to your corporate environment.

Update (11Feb): It is reported the issue won’t occur after deleting the partnership and setting it up again doing a full sync. To delete a partnership from Exchange’s perspective, use Remove-ActiveSyncDevice, e.g.

Get-ActiveSyncDeviceStatistics –Mailbox Olrik | Where {$_.DeviceOS –match “iOS 6.1”} | Remove-ActiveSyncDevice.

Note that the iOS 6.1.1 update released by Apple today is for iPhone 4S only and fixes 3G issues.

Update (12Feb): Microsoft published KB2814847. They added the option of mitigating the issue by introducing a throttling policy, which Exchange admins need to assign to iOS 6.1 users. Note that this only applies to Exchange 2010 and up and will only slow down the process of transaction log generation, but users can keep using their device. It’s then recommended to instruct iOS 6.1 users to restart their devices if their device complains it can’t connect. Looking at the article, Office 365 already has throttling in-place for all users.

Update (13Feb): Apple has published a support article as well (TS4532). Their suggestion; Turn calendars off, wait 10 seconds then turn calendars back on again. Yes, really. They mention it’s related to responding to recurring meeting exceptions and state a fix is in the works.

Update (15Feb): As it turns out, he meeting response issue isn’t the worst issue in iOS 6.1; apparently you can easily bypass the lock screen on iPhones due to a glitch in the emergency calling feature, allowing anyone to use your phone for calling or accessing your contacts.

Update (16Feb): Rumors are Apple will release iOS 6.1.2 early next week but before February, 20th.This update should fix this meeting bug as well as the lock screen issue.

Update (19Feb): Today, after more than 10 days after initial reports of the issue, Apple released iOS 6.1.2, which supposedly fixes the meeting bug which caused excessive transaction log generation and battery drain. Given Apple’s track record, I’d test this properly first in your environment before waving the green flag to all your iPhone and iPad users. Note that according to reports, the lock screen glitch hasn’t been fixed in 6.1.2.

Discontinued support of ActiveSync in GMail

TechTarget QuoteFew days ago, Stuart J. Johnston of TechTarget approached me and several other Exchange fellows to ask how we thought the discontinued support of ActiveSync in GMail, part of Google’s “Winter Cleaning” operation, would impact users. You can read Stuart’s article here.

For reference and because Stuart only used a single quote from my (I think) extensive response, I’ve included my take on the situation below. Interestingly, today it turns out Google lost an ActiveSync patent case against Microsoft in a British court. Exchange fellow Tony Redmond did a nice writeup on that case and his personal involvement in that case here.

PS: I’ve already asked Stuart to fix my last name in the quote.

Regarding the discontinued support of ActiveSync in GMail, I think impact on both the Exchange as well as the GMail population varies.

First of all, the measure is aimed at new, free GMail accounts. I don’t know exact numbers, but I can imagine the number of people still not having a free GMail account is relatively minimal. Also, EAS will remain available to paid accounts.

Second, EAS is a means – no end – to synchronize information like mail, contacts or agenda. Consumers will adapt and switch to alternative protocols (or plugins) to synchronize this information between their Google account and their device. I think the effect of the information exchange becoming less efficient and the lack of information push is negligible.

Thirdly, Android and iPhone – covering 85% over the smartphone market – provide apps specifically aimed at GMail or other Google services. For those not using Google’s apps, the end user experience may be affected and all the additional tools required to fully synchronize with desktops won’t help.

Worst off are Windows Phone users or Windows 8 users using the built-in Mail app (Surface RT). While the Windows Phone user base may be relatively small, the Windows 8 user base is growing and they are both forced to use IMAP, which only does mail and there are – AFAIK – no *DAV apps in the Store to synchronize calendar or contact information.

While I do understand Google’s case, which is probably more a cost reduction and (resource) focus shift measure rather than another act in the Google vs Microsoft war, I also believe there might be a fair chance of Google shooting itself in the foot by dropping EAS. Microsoft’s free outlook.com service keeps supporting EAS (not surprisingly) and Microsoft has already taken up on plugging outlook.com as the alternative for Google

Finally, I’m in favor of competition which drives innovation. The whole GMail versus Hotmail/Office365 is no exception. However, it gets annoying when vendors drop functionality end users are accustomed to, making them have to put energy into looking at solutions or alternatives, which may become tiresome at some point.