Microsoft Exchange Server 2010 and later offers different management functionality than previous versions. It offers direct control via PowerShell, and does not require the Exchange Management tools to be installed on the MMS Site Server, like Exchange Server 2007 did.

On the Exchange server, make sure Basic Authentication is enabled on the PowerShell virtual directory.

To configure the MMS Site server to work as the EAS server, there are two files that should be edited:

C:\Program Files (x86)\Symantec\Mobile Management\EAS\AthenaEASService.exe.config
C:\Program Files (x86)\Symantec\Mobile Management\EAS\PolicyWS\web.config

The settings are in both of these files, need to be the same across the two files.  Edit the files and change the following settings:

<add key="IsExchange2010" value="True" />

• This value can be either True or False.  The setting needs to be True if Exchange Server 2010, BPOS, or Office 365 is being used.

<add key="Exchange2010ServerName" value="exchangeserver.domain.com" />

• This value should be the FQDN of the Exchange/BPOS/Office 365 server, with which the MMS will interface for Exchange communication.  The server needs to be resolvable via the name specified.

<add key="Exchange2010Url" value="https://exchangeserver.domain.com/powershell?serializationLevel=Full" />

• This should be a valid URL to reach the PowerShell component of the Exchange server.  The "serializationLevel=Full" might not be required in some installations, but is recommended. Test the URL from a browser to be sure it can be reached, and if prompted for authentication, put in valid credentials. A blank page is returned with valid credentials, as no commands are submitted.

<add key="SkipCertChecks" value="False" />

• This value can be either True or False.  If False, the IIS certificate on the Exchange server needs to be trusted by the MMS server.  If True, an IIS certificate warning will be ignored.

<add key="OverrideUsername" value="user@domain.com" />
<add key="OverridePassword" value="password" />

• These values should be valid credentials provided to the Exchange server, to access Exchange content. As these values need to be displayed in plain text, make sure the MMS server is secure and permissions are set for the EAS folder to prevent these from being viewed.
• Note: These settings are optional. As a more secure method of configuring Exchange credentials, configure the "SymantecEASService" and Application pool identity for "SymantecEASAppPool" with the valid Exchange credentials, and leave the override username and password settings blank.

After setting these values, restart the SymantecEASService service on the MMS Server.