Tuesday, November 20, 2012

Traveler traffic you don't want.



Is there any easy way to stop an active sync account from hitting your server?

Following on from yesterday's post. Here is another situation we spotted.

A user has left an Organisation, the Traveler application "Wipe" request was never sync'd successfully due to the sudden departure of the owner of this device and this person still has the Active Synch account on their iPhone pointing to the Traveler server for a company they no longer work for. There is no longer a person document in the Domino Directory, no mail file exists on the server and Domlog is telling us that this device has continued to attempt synching with the Traveler server 24/7, for months!



Anyone else had to deal with this scenario?

Cheers


4 comments:

serdar said...

I wonder if there is no person document, how s/he can authenticate?

The user seems authenticated according to the log.

Unfortunately there is no way I could think of to get rid of it.

Because of these cases, I really like IBM Mobile Connect. Since unauthenticated users cannot pass the LMC server, it doesn't create an unnecessary load in the server.

Stephen Bailey said...

I guess the only way to do this would be to temporarily re-activate the Notes user's access to your servers, allow Traveler access, then re-send the wipe?

Once done, you can then repeat your process to deny access.

Adam Osborne said...

Hi Serdar,

Spot on, why is it authenticate ? We think this is a bug.

Adam Osborne said...

Hi Stephen,

It is tricky, isn't it? This whole BYO device strategy has a lot of information security holes, and I guess the data loss prevention people have a lot of ground to cover.