Exchange 2007 Security policy - Windows Mobile Development and Hacking General

I have an ATT Fuze (WM 6.5 Energy ROM) which I sync with my company's Exchange server. The Exchange admin has not yet enabled any security policies, but he is planning to do that sometime soon. As a part of experimenting, he has pushed a policy to disable the camera. I have been searching XDA to see how the camera can be re-enabled without a hard reset. I have come across several posts which say to disable the policy setting under registry key HKLM\Security\Policies\Policies\00001023. But on my phone the DWORD is already set to 1 (disabled). I want some suggestions on where else I should look. I am willing to experiment as much as possible before I hard reset my device. The exact error I get when I switch the camera on is "Camera has been disabled for security reasons." This error will pop up if I try to turn the camera on from Manila or straight from \windows\Camera.exe.
The other suggestions I am looking for are ways to completely disable Exchange from setting any policy on my device or, in case that's not possible, to be able to revert back as soon as the policy is pushed to the device.
Thanks in advance for all the help.

The reg key to enable Camera is
HKEY_LOCAL_MACHINE\System\Pictures\Camera\OEM\DisablingConditions
change the "CSPValue" to 0.
There are a lot of things that Exchange policy will disable, including the ability to load unsigned applications, even though your phone is application unlocked. I haven't looked through the full extent of changes.

Exchange server pushing security

Well, I found out about the security policy that gets implemented when I got my VX6800 up and running with Verizon's Wireless Sync. Now it's asking for the pin all the time. I did some looking and found the registry entries I need to update to disable the policy here:
http://forum.xda-developers.com/showthread.php?t=317107
But as soon as I sync it resets the AEFrequencyValue & AEFrequencyType entries back.
I tried the Zenyee StayUnlock program, but it still resets. Do I need to have my reg entries set to disable the PIN before I install the StayUnlock?
Any ideas? Am I missing a reg entry?
No takers?
Superfluous bump
Another bump....

Exchange server pushing security via Wireless Sync

I posted this in another forum, but thought I'd give it a try here.
I'm using Verizon's Wireless Sync for my work email and contacts. The bad part is, by using that it's enabled the Lock feature after a timeout/standby/power cycle. I know the registry keys that disable the PIN requirement, but whenever I sync, it resets them.
I tried the Zenyee StayUnlock program, but it's not working for me. Nothing I can find has been able to keep those entries from being reset.
Any ideas?
Bump for some help
Oh, and the registry settings reset when I soft reset also...
I have the same problem except when I change the reg keys it disables the lock until the next day. I don't think there is a way around it. I have done some searching but not a lot and it doesn't seem like there is any other way.
juwalk said:
I have the same problem except when I change the reg keys it disables the lock until the next day. I don't think there is a way around it. I have done some searching but not a lot and it doesn't seem like there is any other way.
I can get it to stay..... as long as I don't sync or reset (soft or power cycle).
I had found some people were able to use the StayUnlock program to help keep those entries from reverting back, but I couldn't get it to function.
It is QUITE annoying...
Hi, I used this StayUnlock program and it worked really well for me; I never have to enter a password to unlock.
Also, you don't have to use Wireless Sync if your server is Exchange; you can configure ActiveSync to sync over the air, and this StayUnlock works really well. It just gives me a reminder when my server pushes the security policy, but it reverses it.
Unzip this, create a shortcut to it and dump it into the \Windows\Startup folder.
Hope this helps.
vboyz103 said:
Hi, I used this StayUnlock program and it worked really well for me; I never have to enter a password to unlock.
Also, you don't have to use Wireless Sync if your server is Exchange; you can configure ActiveSync to sync over the air, and this StayUnlock works really well. It just gives me a reminder when my server pushes the security policy, but it reverses it.
Unzip this, create a shortcut to it and dump it into the \Windows\Startup folder.
Hope this helps.
Use ActiveSync OTA? Never heard of this...
I tried the StayUnlock. It didn't work for me. The reg settings would reset as soon as I ran Wireless Sync or reset the phone.
I installed the program, made a link to it from the Startup folder, but still no go. Do you change the settings BEFORE installing, or AFTER?
Ok, I got it to sync to the webmail server for my Outlook. But it's not a push service.
That's what I like about Wireless Sync. It's a push.

Recent changes to your device require a restart???

Hi all,
About a month ago I enabled pushmail (company Exchange server) on my Touch HD and ever since I'm getting the message: "recent changes to your device require a restart".
It pops up every once in a while and asks me to restart my device.
When I restart nothing changes and the popup keeps on coming. If I select to restart later (which I do now) the popup disappears and my HD functions normally.
I searched the web and the only thing I could find was a discussion on an Exchange Server setting, which I already verified with our Exchange Admin.
Anybody out there with the same problem or perhaps even better, anybody with a solution?
Thanks,
Lars
Probably not but is your Exchange server pushing some sort of policy to your HD?
deedee said:
Probably not but is your Exchange server pushing some sort of policy to your HD?
Deedee,
Thanks for the reply, but as far as I understood from our Admin no policies are pushed.
In fact I'm currently the only one complaining about this. But that could be because I'm the only one not using the standard issue company PDA.
Lars
We have the same problem here too. It seems that anytime a policy is in place, exchange attempts to push it every 4 hours (for us). Then if the system is not rebooted, then it keeps prompting about every 10 mins to reboot.
If your exchange admin will, he can turn off the refresh setting (not recommended) and it will not keep trying to update the device. If he adds new policies, then turn it back on.
This only seems to affect WM6.1 devices, (regardless of the carrier), and exchange 2007 SP1.
ggiedd said:
We have the same problem here too. It seems that anytime a policy is in place, exchange attempts to push it every 4 hours (for us). Then if the system is not rebooted, then it keeps prompting about every 10 mins to reboot.
If your exchange admin will, he can turn off the refresh setting (not recommended) and it will not keep trying to update the device. If he adds new policies, then turn it back on.
This only seems to affect WM6.1 devices, (regardless of the carrier), and exchange 2007 SP1.
Hi, I have exactly the same problem too, maybe somebody can help?
Same problem here with the HTC HD2 (Windows Mobile 6.5).
Synchronization is set to manual. Each time I do a synchronize, all mail is received correctly, but immediately followed by the message that because of "recent changes" the device requires a restart. Really annoying.
Don't know a solution yet...will also check Exchange server settings.
HTC HD2 constant reset
Yes same thing is happening here but the information provided here has given me something to approach our IT department on a possible solution.
Will get back with any valuable information I receive.
Did you get a response from the IT department? I am very curious as well, since I am currently updating a small software agent on the device, and this has triggered the same behaviour.

Screen locking because of Exchange Sync

Hi all,
I am having the following problem with my HD2:
I use it to sync with my Exchange 2007 server (push mail, syncing when receiving new mail). The device enables an auto-screen lock then. Therefore it locks after max 5 minutes and I have to slide to unlock each time.
This is very unhandy especially when using TomTom. When navigating with TomTom (or CoPilot) it goes into screen lock every 5 minutes too and you cannot see the map anymore. The strange thing is that Sygic MobileMaps doesn't seem to have problems with it. When using Sygic screen lock doesn't appear.
I tried disabling it with the use of the tip (/.cab) in the tips/tweaks sticky but that didn't help. Seems to be a different sort of lock although it is the same way of locking/unlocking.
Does anybody have the same problem when syncing with Exchange 2007? I didn't have this problem with Exchange 2003.
I would like to disable the lock totally. Any other workaround would be great too of course...
Thanks in advance!
Found it!
Hi,
Found it!
In the registry:
HKLM\Security\Policies\00001023: 0 = Enabled; 1 = Disabled
Yeah, that sucks...
Hello Nooky!
Well, that work-around does help you just until MS-Exchange enforces the security policy again. Have the same problem though, so far no luck.
There is some really smart dude who created an Exchange Policy Patch to avoid that phenomenon, but also that does not survive the next enforced security policy before syncing the MS-Exchange account. But if you want, give it a shot:
http://khason.net/blog/how-to-disable-exchange-security-policy-for-windows-mobile-devices/
Greetings, Studebaker
Mmm, thx for the tip...
Can I change something on my Exchange Server to disable it?
I have the same problem, had it on my Touch Cruise as well. Sadly I'm not in control of our corporate Exchange server, so I'm desperately looking for a solution.
Strangely iGo and Route66 did not have this problem, so I'm pretty sure the problem can be solved in software or register.
But does anybody know how to change this in Exchange then? I do have access to the mailserver (Exchange 2007).
I think there is a possibility for the programmer to simulate a keystroke in an application to prevent the screenlock from activating. Maybe that is done in Route66 but not in TomTom?
stay unlock tool
Try finding 'stay unlock' with google. This tool for windows mobile disables the security policy.
I had it running in Samsung Omnia I900 and worked perfect.
Now I have the HTC HD2 and it does not work because of windows mobile 6.5
It is not yet supported.
Nooky said:
But does anybody know how to change this in Exchange then? I do have access to the mailserver (Exchange 2007).
In the EMC (Exchange Management Console), go to "Organization Configuration" and then "Client Access" and check the "Exchange ActiveSync Mailbox Policies" for the incriminating setting.
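The same check from the Exchange Management Shell, as an added example that is not part of the original thread: it lists the ActiveSync mailbox policy settings that correspond to the symptoms reported in these threads (camera, unsigned applications, device lock, wipe after failed passwords, policy refresh), flags policies that still let non-enforcing devices sync, and shows which mailboxes have a policy explicitly assigned. It assumes Exchange 2007 SP1 and an account allowed to read the organization configuration.

```powershell
# Run in the Exchange Management Shell on an Exchange 2007 SP1 server.
# Added example: read-only audit of Exchange ActiveSync mailbox policies.

# Policy settings that match what the devices in these threads report.
$settings = 'Name',
            'AllowNonProvisionableDevices',       # devices that cannot enforce policy may still sync
            'DevicePasswordEnabled',              # PIN / password prompt
            'MaxInactivityTimeDeviceLock',        # idle time before the device locks
            'MaxDevicePasswordFailedAttempts',    # failed attempts before local wipe
            'AllowCamera',                        # "Camera has been disabled for security reasons."
            'AllowUnsignedApplications',          # unsigned programs blocked from running
            'AllowUnsignedInstallationPackages',  # unsigned CABs blocked from installing
            'DevicePolicyRefreshInterval'         # how often the policy is re-sent to the device

# 1. Every policy with the settings of interest.
Get-ActiveSyncMailboxPolicy | Format-List -Property $settings

# 2. Policies that devices unable to enforce them can still sync under.
#    A policy is only a control if the device is required to apply it.
Get-ActiveSyncMailboxPolicy |
    Where-Object { $_.AllowNonProvisionableDevices } |
    Select-Object Name, AllowNonProvisionableDevices

# 3. Mailboxes with an explicitly assigned policy, grouped by policy,
#    so a user report can be tied to the policy that produced it.
Get-CASMailbox -ResultSize Unlimited |
    Where-Object { $_.ActiveSyncMailboxPolicy } |
    Sort-Object ActiveSyncMailboxPolicy |
    Format-Table Name, ActiveSyncMailboxPolicy -AutoSize
```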

HD2 Exchange Lock problem - Not the same issue mentioned in the forums

All,
I've a problem with the Exchange server settings. It looks like my admins had pushed the new Exchange policy this afternoon. All of a sudden my phone is asking for a password. I had installed the "Stay Unlock.cab" which worked perfectly so far. Now, I'm getting the password prompt when I unlock the device.
But the actual problem is, when I enter the password it takes me to the password screen and asking me to enter a new password. When I enter a new password it fails saying "An Error occurred saving password settings."
Now, I cannot access my phone. I have so many applications installed and I haven't backed up some of my settings & data. So I am hesitant to do a hard-reset and wipe out 3 weeks worth of my work/customization.
Help please!!
Thanks
Nash (TmoUS HD2 - Stock ROM)
I ended up hard resetting.
After 10 invalid password entries on the lock screen, it automatically wiped all my data.
Anyway, I installed HSPL2 and installed Energy ROM, which is much better and more beautiful than the stock ROM. I am reinstalling all my applications now...
Thanks
Hello All,
Now I have a weird problem. I could install all the apps and run it properly, but the moment when I sync my outlook with the corporate exchange account, everything stops working. It looks like the Exchange setup is blocking unsigned apps & I could not install any cab files anymore or start an already installed program like CHT Editor. If I remove the email account, everything works fine again. Has anyone come across this problem?
I'm not sure what was changed in the Exchange server. Can someone please help?
Thanks in advance.
Right now, I have Kumar's ROM & I tried Energy ROM too and it looks like I cannot get around this issue. If I remove the Exchange account everything goes back to normal. I also have "Exchange Stay Unlock.cab" installed which doesn't seem to work anymore. Is there anyone else having the same issue?
Is it possible that the Exchange admins put a policy on your telephone so that it's not possible to install software? Maybe that is the problem. Then when you delete email, also delete this policy and then it's possible to install progs.
It looks like it; before and after deleting the Exchange sync it asks me to restart. After deleting, the problem goes away. Is there any way to change Exchange's behaviour/policy?
The main problem is not just the installation; even the installed apps don't open anymore. Like the "ArkSwitch" task manager which I use all the time, or any unsigned apps I think. Opera works fine.
Could you tell me what/how I should ask my admins?
Hello All,
It looks like the policies are being updated and I cannot run or install any unsigned app. I tried to install the cabs to "Remove app lock, unsigned app, etc..", but I can't seem to install these cabs either. Now, I can't even open the registry and update the policies key manually as I can't open a registry editor app.
I tried the registry editor from PC (CeRegEdit) and it won't let me update from that either. I'm totally stuck with this problem now.
Is there a way to sign an app (cab file) or make it trusted?
Thanks
I'll continue to update this thread as no one else seems to have this problem.
I used "msigner.cab" to sign a couple of cab files and tried to install and it still failed saying "untrusted...". So, I spoke to my admins; those guys plainly said they don't support Windows Mobile. Now, I don't have an option.
I wonder why Microsoft would enforce a policy on WM6.5 devices?
Next step.. I reflashed again, installed all the cabs I needed and set up my device. This time, I'm hoping that I don't have to reboot (I know it's tough) after syncing up with Exchange. I'll sync only the emails (in Exchange) and others through the PC (contacts, tasks, calendar).
Finally, I installed all the reg editors before connecting to Exchange. Then I synced only the emails with the Exchange server and before rebooting the phone, I used the reg editor to change the key (HKLM\Security\Policies\Policy) values as mentioned in other forums (sdkcerts) to 0. Now it looks like it's permanent and not changing even after the reboot!
Thanks
gnash.s said:
Finally, I installed all the reg editors before connecting to Exchange. Then I synced only the emails with the Exchange server and before rebooting the phone, I used the reg editor to change the key (HKLM\Security\Policies\Policy) values as mentioned in other forums (sdkcerts) to 0. Now it looks like it's permanent and not changing even after the reboot!
Thanks
What Values do we change??? Policies and Policy are two different folders
aash05 said:
What Values do we change??? Policies and Policy are two different folders
Yes I too need to know, I am suffering with the same problem
Thanks in advance
Update I think http://blogs.microsoft.co.il/blogs/...curity-policy-for-windows-mobile-devices.aspx can help in resolving, never tried it though
Sorry, it is in the "HKLM\Security\Policies\Policies" folder.
I changed the following keys:
00001005 to 1
00001006 to 1
Let me know if it doesn't work, I can export and email you the policies key from the registry.