If Outlook Anywhere or active sync is set up so that Computer DeviceID is used as a second factor, the connection is cached by the DualShield IIS agent on the exchange server. Therefore even if the token is deleted the connection may still remain open, until the next time the end-user launches their mail client.
There is however a task that can be run called IIS Trigger which will cause DualShield to transmit to the IIS agent to delete the connection session, and therefore disconnecting the end users email client from Exchange.
This needs to be incorporated into an audit alert that is generated when the DeviceID token is deleted. This can be achieved by following these simple steps.
Step 1: Configure Audit log
Check the Delete token event log is enabled.
Go to Configuration → Audit
Search for Delete Token and make sure Delete Token is enabled.
Step 2: Check the IIS Trigger task is enabled
Go to Administration → Tasks
Look at the list for a task called IIS Trigger. Click on the corresponding ellipses and select Edit from the menu
Make sure enabled is checked.
You can also check the task parameters and make sure the Mapi and Active Sync nodes are set to true
If not, you can select the nodes, edit them and make them true
Step 3: Create an Audit Alert
In this step, you will create an audit alert that will run the IIS Trigger task as soon as an audit log containing the event code Delete Token and the the token being the DeviceID token, is generated.
Go to Administration → Alerts
Click on the Create button on the top right and choose Audit Alert from the menu..
A New Alert dialogue box will pop up. Please populate the Highlighted areas as follows:
| Option | Value |
|---|---|
| Enabled | True |
| Name | A user-friendly name for your Alert |
| Description | Describe what the alert does (Optional) |
| Conditions | See below |
For the Conditions click on the Edit button to the right of the Conditions box and set the following values in the Condition Builder as below:
Apply those conditions and then scroll down to the Task section at the bottom of the New Alert dialogue box
Enable Execute Task and click on the Magnifying Glass to the right of the tasks field.
Select IIS Trigger from the list of tasks.
Close the task list window and click Save at the bottom.