Running DirectPush on WM6.1 & Exchange 2007 I get a security policy pushed to my device that not only enforces an unlock pin but also makes all programs that were not cooked into the rom unable to run. It even disables certain programs like Remote Desktop and runs encryption on my device.
I've tried things like Zenyee.com Stay Unlock but once the policy is applied you cannot even run a program to edit the registry. It just locks you out.
Any suggestions?
please ask this in the Questions & Answers section. this is not the right place.
Related
Ok this may sound really dumb but I was messing with my MDA last night and set up Exchange Activesync to sync with my work email.
Apparently the email admins (not known to me) enabled the device password policy. After I deleted my exchange activesync settings, the password setting is still there!
Yes, I already tried going into the "lock/password" setting option in the control panel but since the security feature was enabled through the Exchange policy, those options to remove them are grayed out!
Does anyone know of a way to remove this? I'm assuming there MUST be some registry settings I can edit??
I tried playing around with the registry but I'm not that familar with WM 5 registry so I didn't want to mess it up further.
Any help would be GREATLY appreciated!
Device Reset? That's what I did with my MotoQ. I think it is a registry setting though.
I was not able to find info anywhere on MS site how to reverse the darn thing. Even when I removed the policy from the Exchange system testing security settings, it would still prompt for the password.
Let us know.
I have the exact same problem. My device now locks after 1 minute, extremely annoying.
Does anybody have an answer to this problem?
Thanks in advance.
Well... what about talking to the exchange admin and find out the password?
I think you should ask to your exchange admin to remove security policies for your account and resync it !
Have you ever considered WHY there is a password policy enforced?
Maybe to secure the device when left unattended?
And there MUST be a policy enforced to enable a pushed remote wipe, in case you lose the darn thing.
In that case a password policy is the most simple way to do this.
I'm an Exchange Admin myself, and I also enforce a password policy.
So I guess they wont help you with removing.
And even when you remove it via the registry, and you sync it again directly with the server, the policy is enforced again.
So you end up with a device you cannot sync again with your work email.
But a lock policy of 1 minute is harassing somebody, it must be a mistake.
In that case you should contact the exchange admins.
It turned out to be a misclick by myself during the setup. Because I changed the password of my exchange account, I was asked if I wanted a password on my mobile device (according to the exchange admin). Unfortunately I clicked 'yes' en 'next' to fast, leaving me with a device that locked after a minute. Problem was 'solved' by a hard reset.
I suffer from this a whole day even after asking my Exchange admin to turn of that security policy on the server.
Finally I reach a clean solution:
go HKLM\controlpanel\password
turn Dword:HintCounter from 0 to 1
going back to setting-password, now the grayed options return to black.
huangyz said:
I suffer from this a whole day even after asking my Exchange admin to turn of that security policy on the server.
Finally I reach a clean solution:
go HKLM\controlpanel\password
turn Dword:HintCounter from 0 to 1
going back to setting-password, now the grayed options return to black.
Click to expand...
Click to collapse
sadly enough, this doen't work for me...
i also got the pushed policy from the microsoft exchange server so i NEED TO HAVE the $%^&$ password, onterwise when i'm configuring the pushmail it won't accept.
if it was just entering the password it would be okay but it seems that when i use the ''password lock fuction'' and push it on stand-by and back on again the today screen quickly show's to turn black again and sort of reload the page (this hapens in about one second).
and when i don't use the ''password lock fuction'' this doen't happen, so it's clearly the ''lock fuction'' that's causing it.
now how can I disable the password?? i know that normaly you can do this by disabeling this in the menu, but it's turned gray cause of the pushed policy i gues...
and i got the wake-up problem too, but that's also solved when the password is removed... :S
for the rest i can only say, REALY GOOD WORK, and that count's for al,most everything here, i'm really satisfied with my wm6 busniess edition, it rock's!!accept for the thing mentioned above...who can help me out??is there another register tweak to disable the lock?? thanks in advandce and excuse me for my bad english
grtzz
Remen (from the netherlands)
Because of an exchange policy i have to lock by HD2 with an pincode. I have installed SlidIT an Swype an my pincode has been changed
First I installed this SlideIT( 3.1.2.1 )Demo.cab and without soft-reset by device i installed this Fixed-Swype-HTCBlackBird-3.9.10.10.5032.CAB. Than I soft-reset my device and I try to unlock it with my pincode but the code was changed.
How can I use and unlock my device without doing an hard-reset?
I can disable the exchange policy with this register setting, but how to edit the register without unlocking the device? I have tried CeRegEditor but than I have to use ActiveSync an that doesn't work with an lock device.
This version of Swype is the cause of your trouble. It requires a TMOUS ID string in the ROM. Search the forum, and you'll find other threads on the subject.
But no idee how to fix it?
If you manage to access your mobile via activesync (I guess not, as it should ask for your PIN), you could uninstall that Swype from the PC... otherwise I fear there's nothing else than the hard reset.
This can help: http://msmvps.com/blogs/nunoluz/archive/2008/06/10/device-password-recovery-with-exchange-2007.aspx but i have the nice Sense look-and-feel lock screen, so no option for an password reset
One way to remove the having to use a device lock code due to your exchange policy is to use Zenyee Stay Unlock. I've attached the cab. It is straight forward and all it does is runs in the background to remove the exchange policy for needing to have a device unlock code. Works a treat for me.
Okay, my HD2 yesterday forgot my unlock passcode, I have not installed any version of sype, and running 1.66 WWE stock Rom. My Exchange Server security policies forces a passcode.
What i have found (tested) is that an option in BsB Tweaks is causing the problem.
The option that is causing this (or at least for me) is 'Owner Information - show or hide owner in settings'
When enabled, with the show notes, your Owner information and notes are displayed when you wake the phone (before slide to unlock) I wanted this option because it gives you a slightly better chance of recovering your phone if it gets lost.
It works well initially, then for some reason it fails to show, restart the phone and BANG, your passcode wont work!! I have experimented this and it happens every time.
Thought I'd let you all know my findings, and hopefully this bug can be ironed out.
regards
Paul
I've tested it some more today, and I'm pretty sure that it is the Owner info. Going to leave it off now, but would definitely want this feature fixed As i said before it does give me a slightly better chance in getting it back if it gets lost!
Have you tried using the Recovery Password from the Outlook Web Access for your exchange server?
It's not the Exchange password that gets forgotten, it the unlock code for the phone!!! You just cant unlock the phone, hard re-set is the only option!!
Its a know problem for some people that install sype! Same thing your passcode just will not work
Paul Boy said:
My Exchange Server security policies forces a passcode.
Click to expand...
Click to collapse
Microsoft said:
You can use the EMC, the Shell, or Microsoft Office Outlook Web App to recover a device password.
You can require a device password through Microsoft Exchange ActiveSync policies. A user can configure a device password even if your Exchange ActiveSync policies don't require one. If users forget their password, you can obtain a recovery password using the EMC or the Shell. The recovery password unlocks the device and lets the user create a new password. Users can also recover their device passwords by using Outlook Web App.
Click to expand...
Click to collapse
Is what I think you are looking for.
hi , is there any hack/software to remove/disable the ms exchange security password/pin phone unlock.............i have seen threads with software for wm 6.1 and earlier versions and apk for android, but is there any such thing for wm6.5/hd2
Find and change the registry key: HKLM/Security/Policies/Policies/00001023 to value 1
Hope it helps.
did that and was able to unselect the password check box, but soon after, the security protocol pop up came up asking to save a password., and back to square one
If it's the policy laid down by you admin it will repeatedly apply itself until you get bored of trying to change it...
My company which uses lotus traveler to enable access to corporate mail and calendar on WM devices. I installed this on my HTC HD running WM6.5 (Dutty Leo ROM). The installation has forcing us to use strong alphanumeric passwords and also greyed out the "prompt if unused for" radio button where you would typically turn off the phone password locking. This has rendering the phone virtually unusable as it takes 3 mins to enter a strong alpha password each time you use the phone...brilliant!
Is there a hack/registry edit that I can use to un-grey this button so I can turn it off and start using my phone normally again.
Any suggestions would be appreciated...
It's probably not related to the Lotus Traveller itself, but with the company enforced policies included in the CAB file - I presume You got the CAB from the company, not the Lotus/IBM website. At least that was the case in our company, that they forced to use the simple PIN lock with Exchange sync - I was already bothered by the simple PIN, so I dropped the whole idea. But I suggest You take a look in the CAB file, if You can still get it and see what changes does it make in the registry. Or You can also ask from Your company IT guys about the WM policies they have to enforce, they should know.
Anyway, hope You have some directions to go now.
Thanks for the suggestions....
1) I tried removing the lotus traveler application - this had the effect of removing the security enforcement. I reinstalled it and it was enforced again.
2) The traveler application launches automatically when the phone boots up. So I removed it from the startup sequence. Unfortunately this did not solve the problem. So I think there must be a registry setting somewhere that is set and monitored by the application.
3) I also looked in the setup.xml file that was in the traveler.cab installation file. I could not find any registry mods that were related to security.
4) The traveler release notes say the following: Customizable device password strength enforcement rules!
Traveler provides a built-in set of default device preferences and security settings that an administrator can modify for use when a device initially registers with Lotus Notes Traveler. The default device settings for users come from the Traveler administration database default device settings document. Users can change their device preference settings from their devices, but only an Traveler administrator can change device security settings.
Suggestions?
In the last few days I have browsed the registry quite thoroughly and there doesn't appear to be key that controls whether radio buttons are active or not (greyed out). I was hoping to make the "prompt if unused for" radio button active again so I could manually switch it off.
I'm out of ideas....any suggestions pls
i have lotus traveler installed on my tp 2 i have flashed my phone many times and reinstalled lotus and have had no problems. can you post a screen shot.
Security Policy
Hi
I am a Notes admin and can confirm this is a polcy that has been set to secure company data on mobile devices. Most companies have a policy that requires company information/access be secured especially on things like mobile devices.
Think about it, your company email system would be available to anyone stealing or finding your phone. While this may not worry you, it could be a cause for concern for your company executives or auditors - and could be a compliance issue in many industries.
The policy is set on the email server itself and pushed down and enforced on the device so it cannot be bypassed.
To remove it or get a less secure PIN you will need to speak to your company Lotus Notes admin.
This is an issue I have seen before and can cause conflicts between employees who use their own phones and resent the way they use them being changed and those concerned with securing and protecting their company.
Hope that helps but the long and short is speak to your email admins. The security policy is not default so someone must have set it up that way for a reason.
MIUI used to have an option to disable the password option even when it is enabled/enforced by Notes Traveler. However the new versions of miui do not have this.
Check this link
http://miuiandroid.com/community/th...en-security-has-been-removed-fro-1-7-29.8941/
why not have the security measures focus on the app?
paulbenwell said:
Hi
I am a Notes admin and can confirm this is a polcy that has been set to secure company data on mobile devices. Most companies have a policy that requires company information/access be secured especially on things like mobile devices.
Think about it, your company email system would be available to anyone stealing or finding your phone. While this may not worry you, it could be a cause for concern for your company executives or auditors - and could be a compliance issue in many industries.
The policy is set on the email server itself and pushed down and enforced on the device so it cannot be bypassed.
To remove it or get a less secure PIN you will need to speak to your company Lotus Notes admin.
This is an issue I have seen before and can cause conflicts between employees who use their own phones and resent the way they use them being changed and those concerned with securing and protecting their company.
Hope that helps but the long and short is speak to your email admins. The security policy is not default so someone must have set it up that way for a reason.
Click to expand...
Click to collapse
so why not have the security measures focus on securing the app and the app data? personally, I don't mind the 24/7 emails...but making me lock my phone so the company can blow up my phone at 7pm on a sunday...LAME.
Are there any news? I would like to remove the LockScreen security and want to use ibm verse.