PowerShell – Purge Legacy ActiveSync Devices From Exchange 2010


The below script allows you to purge all legacy (inactive for more than 60 days) Active Sync devices from your Exchnage 2010 environment.

################################################################################
#                                                                             #
# ****************** CREATED BY MAURICE DALY ON 06/01/2014 ****************** #
#                                                                             #
# Purge Legacy ActiveSync Devices                                             #
#                                                                             #
# Version 1.0                                                                 #
#                                                                             #
# THIS SCRIPT IS USED AT YOUR OWN RISK. I ACCEPT NO RESPONSIBILITY FOR ANY    #
# ISSUES ARRISING FROM IT                                                     #
#                                                                             #
# Extracts of this script where obtained from Mike Crowley's post on          #
# http://social.technet.microsoft.com/Forums/exchange/en-US/95ca6537-0c74-4c36-b19b-ec647e733722/remove-staleold-active-sync-devices-from-all-mailboxes?forum=exchange2010 #
#                                                                             #
###############################################################################

$LogLocation = "C:\Removed-ActiveSync-Devices.txt"
$Credential = Get-Credential
$DC = $env:LOGONSERVER.Substring(2)

#Initiate Remote PS Session to local DC
$ADPowerShell = New-PSSession -ComputerName $DC -Authentication Negotiate -Credential $Credential

# Import-Module ActiveDirectory
Invoke-Command -Session $ADPowerShell -scriptblock {import-module ActiveDirectory}
Import-PSSession -Session $ADPowerShell -Module ActiveDirectory -AllowClobber -ErrorAction Stop

# Retrieve AD Details
$ADDetails = Get-ADDomain
$Domain = $ADDetails.DNSRoot

$ExchangeServer = Get-ADObject -Filter "(ServicePrincipalNAme -like 'IMAP*')" -SearchBase (Get-ADDomain).DistinguishedName.tostring()  -Properties ServiceDNSName, ServiceClassName | where name -NotLike *SDK* | ForEach-Object {Write-Output $($_.Name + "." + $Domain)} | Get-Random
$ExchangePowerShell = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$ExchangeServer/Powershell
Import-PSSession $ExchangePowerShell -AllowClobber
cls
Write-Host "Exchange ActiveSync Legacy Device Purge"
Write-Host ""
Write-Host "This script removes all activesync devices which have not successfully syncronised for over 60 days"
$AppChoice = ""
 while ($AppChoice -notmatch "[1|2|3]"){
     Write-Host ""
     Write-Host -ForegroundColor Yellow "[1] Specify Username" 
     Write-Host -ForegroundColor Yellow "[2] All users (use with caution)"
     Write-Host -ForegroundColor Yellow "[3] Cancel"
     Write-Host ""
     $AppChoice = read-host "Please make your selection"
     }
     if ($AppChoice -eq "1"){
            $ActiveSyncUser = Read-Host "Please enter the identity of the mailbox you wish to connect to"
            cls
            Write-Host "Listing ActiveSync devices with no successful sync for 60+ days for user $ActiveSyncUser"
            Get-ActiveSyncDevice -Mailbox $ActiveSyncUser | Get-ActiveSyncDeviceStatistics | where {$_.LastSuccessSync -le (Get-Date).AddDays("-60")} | ft DeviceUserAgent, DeviceModel, DeviceOS, LastSuccessSync
            sleep 10
            $choice = ""
            while ($choice -notmatch "[y|n]"){
            $choice = read-host "Do you want to continue? (Y/N)"
            }
            if ($choice -eq "y"){
            $DevicesToRemove = Get-ActiveSyncDevice -Mailbox $ActiveSyncUser | Get-ActiveSyncDeviceStatistics | where {$_.LastSuccessSync -le (Get-Date).AddDays("-60")}
            $DevicesToRemove | foreach-object {Remove-ActiveSyncDevice ([string]$_.Guid) -confirm:$false}
            Write-Host ""
            Write-Host "Displaying remaining active devices"
            Get-ActiveSyncDevice -Mailbox $ActiveSyncUser | sort name | Get-ActiveSyncDeviceStatistics | ft DeviceUserAgent, DeviceModel, DeviceOS, LastSuccessSync
            }
            if ($choice -eq "n") {
             write-host ""
             write-host -ForegroundColor Yellow "ActiveSync purge cancelled" }
             }
     
          if ($AppChoice -eq "2"){
            write-host ""
            Write-Host "Listing ActiveSync devices with no successful sync for 60+ days for all users"
            Get-ActiveSyncDevice -ResultSize unlimited | Get-ActiveSyncDeviceStatistics | where {$_.LastSuccessSync -le (Get-Date).AddDays("-60")} | ft DeviceModel, GUID, Identity, LastSuccessSync
            sleep 10
            $choice = ""
            while ($choice -notmatch "[y|n]"){
                $choice = read-host "Do you want to continue? (Y/N)"
             }
            if ($choice -eq "y"){
            Write-Host -ForegroundColor Yellow "Purging Legacy ActiveSync Devices"
            $DevicesToRemove = Get-ActiveSyncDevice -ResultSize unlimited| Get-ActiveSyncDeviceStatistics | where {$_.LastSuccessSync -le (Get-Date).AddDays("-60")}
            $DevicesToRemove | foreach-object {Remove-ActiveSyncDevice ([string]$_.Guid) -confirm:$false}
            $DevicesToRemove | out-file "$LogLocation"
            Write-Host -ForegroundColor Yellow "Log file saved to $LogLocation"
            }
            if ($choice -eq "n")  {
             write-host ""
             write-host -ForegroundColor Yellow "ActiveSync purge cancelled" }
             }
         if ($AppChoice -eq "3"){
         Write-Host -ForegroundColor Yellow "ActiveSync purge cancelled."
     }
     else {Write-Host "Script Completed"}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s