This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 70%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
During the past month, I have encountered users' devices being quarantined by our Exchange 2016 despite it being approved previously for Exchange access. Upon investigation, I observed that the physical device is still the same (tallying the serial number of the physical device against my records), but the device ID in Exchange is different (attached picture as shown).
All affected users are using Microsoft Outlook on various Android smartphones. As of now, it is time consuming as I have to verify each user's phone physically to make sure that is the same device that I had previously approved.
s
That expected. The Device ID changes with Outlook Mobile:
@Andy David - MVP I was aware of that article and had combed through it a few times. I would have settled for that if it had been happening since Day 1 of our operations, but this only started in March 2023, and we had been using since March 2022 for Exchange 2016.
And this is only affecting users running on Android with Microsoft Outlook app, it does not affect users who uses Android email apps (Samsung/Huawei/Oppo inbuilt email app or Gmail), nor Apple iOS users.
EDIT: Came across the following link
Despite it being applicable to Microsoft 365, the scenario is exactly the same as what I am encountering for my Exchange 2016 on-prem.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 46%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
We've been using Exchange 2016 with Outlook for iOS without this issue until this month, no issues and suddenly in the past week we've had 7 devices change Device ID.
In the M365 guidance they suggest that, at least in Exchange Online, it should update the new Device ID automatically when this changes - https://learn.microsoft.com/en-us/outlook/troubleshoot/exchange-connectivity/outlook-for-ios-and-android-with-abq-rules-are-quarantined
Hi, you may want to open a case with Tech Support if this is an issue. From what I have seen in the past, the Device ID always changed with each new partnership, so this may be new behavior.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 96%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Hello, we have the same problem since sunday.
Existing devices are quarantined with a new ID.
Is this a Microsoft issue?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 63%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
We have the same problem. Since Monday morning we have had 8 devices change over. A few every night.
Curious to see what Microsoft says. Thanks for submitting this problem.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 42%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Same issue. It started happening en masse this weekend to many companies, thousands of devices. See below threads all reporting the issue starting this week. Something change on MSFT's side certainly.
https://www.reddit.com/r/sysadmin/comments/123isaj/exchange_activesync_all_device_requarantined/
https://www.reddit.com/r/sysadmin/comments/123eoaq/on_prem_exchange_2016_mobile_devices_using/
https://www.reddit.com/r/sysadmin/comments/123a39b/exchange_2019_onprem_new_devices_being/
Just to be clear, someone will need to open a ticket with Microsoft support directly.
I've put in a case. Its going about as expected. Nothing of value for 24 hours other than boilerplate questions about what we changed and who is affected.
Just to check with all users that are affected, is this affecting your Android users, or are iOS users affected as well?
Based on my own internal observations, so far it is only affecting Android users using Microsoft Outlook app. Users on iOS and users using Android alternate email apps (Samsung email, Gmail, etc) are not affected at the moment.
I have confirmed via a support case that this is expected and nobody should rely on device id for access rules. It can and will change and they cannot say how, why, or when. Could be tomorrow, could be years from now. No way to know.
Instead just allow the Outlook device string (at the cost of security!), move to exchange online, or use Hybrid Modern Authentication.
Unbelievable.