Related
I've been running a project on mobile computing at work which obviously means that I get loads of cool toys to play with.
So today I connected my XDA II to a server (via D-Link router) running MS Exchange and MS Sharepoint.
Limited success with Sharepoint, it renders ok but you lose a fair bit of functionality which must be down to advanced IE features not present in the mobile version.
Exchange Web Access worked like a dream though (albeit, a dream where the browser window is too small and the wrong form factor!)
However I was doing 3 things at once and ticked "remember password" when initially logging on to the server and the damned thing just bypassed authentication from then on meaning I couldn't try different accounts.
So to the "does anyone know" bit, Firstly anyone have any ideas about clearing the "remember passwords" nightmare, tried stopping explorer, clearing cache and cookies and even a soft reset with no joy.
The main idea of the project is to give our key mobile workers (mainly our Directors) access to this technology, now I would never suggest that Directors are thick (and some of ours are anything but) however the process for selecting and connecting to networks seems bloody fiddly at best, anyone know of any decent software that makes this a bit more intuitive?
Gonna try and make time to try my BTOpenzone account out with the XDA II tomorrow, any thoughts?
For the auto authenticate part, why not just change your account password on your exchange server, youll get a refused connection and asked for password and username again.
I've tried owa on the xda2 and found it very unwield, so I use imap into pocket outlook instead check it just like you would pop3, infact you could use pop3 aswell / instead.
Forgot to mention, have you had a play with remote admin using the xda yet? I'm looking for a better way than the admin website (same problem as owa)
Good idea on the password, owa is being as we have an existing (large) corporate Exchange set up and want a relatively seamless mobile experience. When using notebooks etc away from the office we'll be using OWA so using it on the Xda's too makes it easier for our high powered thinkers!
Might just have to get some iPaq 4150's for the landscape mode while waiting for Xda III!
Not touched remote admin and probably not likely to, the final system will likely be installed in a fully supported datacentre.
Sounds like a fun setup, love to get my hands on a rig like that (probably bring the whole system down!!! LOL).
I think that owa uses editable html pages, so you could maybe create a more pocket pc friendly layout, I would think that you could redirect clients by browser type so that pc users got the standard layout, and xda's got the modified one.
I've found that if you keep the possible number of connection options down the auto select works pretty well.
Guys,
My wife put in a password to lock her phone (sensitive data) and now she doesn't know what it is, is there a way that I can dump the contents or access the data on the device? She took client notes on it and they were not set to be sync'd with her desktop, she needs them desperately. I'm the one that set up the syncing for NOTES and not WORD docs so I'm in deep S&*t with her!
The docs are in 'my documents' on the phone and not on the SD card.
Anyone able to do it?
Is there a limit on the number of try's?
When using a remote viewing/control software could I simple write a program that continues to run through the 9999 combos or the x trillion combos if she used the alpha-num setting? Are you able to enter the password on the desktop machine?
I like my private parts, please help!
I know a hardreset will dump everything on the phone and then she would be able to use the phone but I'll still be missing a couple of valuable parts of my body, if you know what I mean!!!!!!!!!!!!!!
Try to get your wife to remember at least the first number, so that you only have 999 tries before you actually find the correct code.
I didn't think it was to much to ask her to reminber the other 3 also but as wives will do, its still my fault for not backing it up!
Don't know anything that might help right now, but if I find something, I'll let you know. Also, for information, you might want to try SignWise - it uses a signature as a 'password' - and it's quite good
if my memory is correct (which isn't always the case) there is a program that shows your xda screen on the pc and you can manipulate it there. This in cooperation with a macro/keyrecorder you might get thru it. It probably would still need a lot of editing of the macro.
Thanks guys,
dcs, but then I won't be able to check on her
Does anyone know how to hack this?
Im stuck too. I thought maybe downloading the rom to the SD card might work, but you would have to do hard reset which would lost the data.
You might be able to try setting the active synch to backup up word documents (do it from the pc) then put the XDA in the cradle. Then try to forcefully synch from the PC. It might bypass the password.
I may have a solution, give me a couple of days to try it out and I'll let you know. In the meantime dont hard
reset orplay with it.
Cradeling the device requires the password before the connection is completed so I can't explore the device.
it's not an xda then i suppose ?
because all the xda's i've had synch without the password unless you are forming a new pathership
Its an MDAIII, but I think it still works the same with the WM2003 XDA. Maybe the solution in an old active sync, but I don't think I can go back in a version because the device is updated when I went to 3.7
Can anyone confirm if you can access data when a password is set using an old active sync?
well i can confirm that when i once types in the password for a connection and make it save it then i'm never required to type in the password again when i sync
If I had the Password the first time she entered it we could have done that but she forgot it before it was ever sync'd with the computer. So I need the password for the first time.
Anyone ever use this?
pget.exe gets files from your PocketPC.
http://wiki.xda-developers.com/wiki/XdaUtils
pget.exe Doesn't work until the password is entered to establish the link, it just sits there waiting for a connection. As soon as the Password is entered, it dumped the files to the PC (testing on my phone)
You may patch Active Sync so that it would not stop asking you a password after 3 wrong attempts:
old wcescomm.exe - patched WCESCOMM.EXE
00006C26: 74 90
00006C27: 05 90
Then you can "guess" the password by a bruteforce.
This patch is for ActiveSync 3.7.1 build 4034
You should kill WCESCOMM.EXE process before patching.
I've read a few threads after searchign on Android and Exchange but can't really find what I'm after.
I need to enforce a security policy if users want to sync their exchange account. There's a few people in the office who want Android devices (we provide them with a device) but until there's somethign which enforces something along the lines fo a PIN after 20 mins ala WinMo then we can't do it.
Anyone have any ideas if it's coming or if there's an app to do it? I've tried Touchdown but just seems the same as the Hero Exchange app to me.
I've not tried Touchdown, but they say they support PIN enforcement.
http://www.nitrodesk.com/dk_touchdownFeatures.aspx
Regards,
Dave
Yes, Touchdown and Roadsync both support the PIN function (they ignore it somehow, as android doesn't have a PIN function!)
although i do believe that it is technically possible to exclude individual accounts from the policy on the server (although not exactly the best idea in terms of security).
Alternatively, just do what we did at work and say 'No, you cannot have an Android Phone for your Work Phone'.
Since the ROM update on the HTC hero, I have been able to access my work email (a massive highly secured company who generally know what they are doing) and I know for a fact that they enforce this kind of security arangement on mobiles that want to connect - however android has somehow got around this and there is no remote enforcement and I can use my phone for these emails via PUSH. (I use the gesture lock as a password) You could get them to sign an agreement that they will apply this kind of thing to their phone manually. I don't know if there is an app for remote wipe.
Your company isn't allowing you in some backdoor or anything... depending on their version of exchange they are simply allowing you to use activesync through exchange.
What we all really need is an andriod client to take advantage of exchange 2007's exchange web services protocol, activesync is old technology and limited.
O.P. - You can limit users on a single user basis, if you're running windows active directory. Need a little more info on what you are trying to accomplish. If you're allowing them to use their mail client setup they are saving a password that is not clear text and is hashed... you can install a remote wipe on the phone and if they lose it, simply wipe it and forget it.
My company which uses lotus traveler to enable access to corporate mail and calendar on WM devices. I installed this on my HTC HD running WM6.5 (Dutty Leo ROM). The installation has forcing us to use strong alphanumeric passwords and also greyed out the "prompt if unused for" radio button where you would typically turn off the phone password locking. This has rendering the phone virtually unusable as it takes 3 mins to enter a strong alpha password each time you use the phone...brilliant!
Is there a hack/registry edit that I can use to un-grey this button so I can turn it off and start using my phone normally again.
Any suggestions would be appreciated...
It's probably not related to the Lotus Traveller itself, but with the company enforced policies included in the CAB file - I presume You got the CAB from the company, not the Lotus/IBM website. At least that was the case in our company, that they forced to use the simple PIN lock with Exchange sync - I was already bothered by the simple PIN, so I dropped the whole idea. But I suggest You take a look in the CAB file, if You can still get it and see what changes does it make in the registry. Or You can also ask from Your company IT guys about the WM policies they have to enforce, they should know.
Anyway, hope You have some directions to go now.
Thanks for the suggestions....
1) I tried removing the lotus traveler application - this had the effect of removing the security enforcement. I reinstalled it and it was enforced again.
2) The traveler application launches automatically when the phone boots up. So I removed it from the startup sequence. Unfortunately this did not solve the problem. So I think there must be a registry setting somewhere that is set and monitored by the application.
3) I also looked in the setup.xml file that was in the traveler.cab installation file. I could not find any registry mods that were related to security.
4) The traveler release notes say the following: Customizable device password strength enforcement rules!
Traveler provides a built-in set of default device preferences and security settings that an administrator can modify for use when a device initially registers with Lotus Notes Traveler. The default device settings for users come from the Traveler administration database default device settings document. Users can change their device preference settings from their devices, but only an Traveler administrator can change device security settings.
Suggestions?
In the last few days I have browsed the registry quite thoroughly and there doesn't appear to be key that controls whether radio buttons are active or not (greyed out). I was hoping to make the "prompt if unused for" radio button active again so I could manually switch it off.
I'm out of ideas....any suggestions pls
i have lotus traveler installed on my tp 2 i have flashed my phone many times and reinstalled lotus and have had no problems. can you post a screen shot.
Security Policy
Hi
I am a Notes admin and can confirm this is a polcy that has been set to secure company data on mobile devices. Most companies have a policy that requires company information/access be secured especially on things like mobile devices.
Think about it, your company email system would be available to anyone stealing or finding your phone. While this may not worry you, it could be a cause for concern for your company executives or auditors - and could be a compliance issue in many industries.
The policy is set on the email server itself and pushed down and enforced on the device so it cannot be bypassed.
To remove it or get a less secure PIN you will need to speak to your company Lotus Notes admin.
This is an issue I have seen before and can cause conflicts between employees who use their own phones and resent the way they use them being changed and those concerned with securing and protecting their company.
Hope that helps but the long and short is speak to your email admins. The security policy is not default so someone must have set it up that way for a reason.
MIUI used to have an option to disable the password option even when it is enabled/enforced by Notes Traveler. However the new versions of miui do not have this.
Check this link
http://miuiandroid.com/community/th...en-security-has-been-removed-fro-1-7-29.8941/
why not have the security measures focus on the app?
paulbenwell said:
Hi
I am a Notes admin and can confirm this is a polcy that has been set to secure company data on mobile devices. Most companies have a policy that requires company information/access be secured especially on things like mobile devices.
Think about it, your company email system would be available to anyone stealing or finding your phone. While this may not worry you, it could be a cause for concern for your company executives or auditors - and could be a compliance issue in many industries.
The policy is set on the email server itself and pushed down and enforced on the device so it cannot be bypassed.
To remove it or get a less secure PIN you will need to speak to your company Lotus Notes admin.
This is an issue I have seen before and can cause conflicts between employees who use their own phones and resent the way they use them being changed and those concerned with securing and protecting their company.
Hope that helps but the long and short is speak to your email admins. The security policy is not default so someone must have set it up that way for a reason.
Click to expand...
Click to collapse
so why not have the security measures focus on securing the app and the app data? personally, I don't mind the 24/7 emails...but making me lock my phone so the company can blow up my phone at 7pm on a sunday...LAME.
Are there any news? I would like to remove the LockScreen security and want to use ibm verse.
I've had my Acer for about two weeks, and have had some trouble with connecting to my Exchange server at work. Actually, with every setup (Stock 3.1, HoneyVillain, Toobinay), I can set up my account and start using e-mail. Then, after a couple of days, I get a notification "Security update required" in the notification area, and a similar message across the top of the screen in the e-mail client. After this, the account sync stops. Touching the messages does nothing (does not launch a setup screen or anything like that). Deleting and re-configuring the account has worked temporarily, but stop shortly thereafter.
Is there a known work around for this problem?
I read in one (semi-related) thread that Acer required encryption, but if that was the case, then why would the account sync for a while and then stop working?
Is this build-related? I thought I some someone mention some fixes in the latest builds (...41), but this didn't work for the time that I was on Stock 3.1 (I don't recall the build number, but was there an update in the last two weeks?)
Would a HC3.2 ROM fix this issue?
Conversely, is there a separate client that anyone could work in managing the security for that e-mail (i.e. K9 or Touchdown) that also works well in tablet form factor?
Just as an update. Tried a 3.2 ROM (Minimal) without a change in the behavior. Then tried providing a password for encryption under security settings and activating ability to store encrypted credentials. This seems to have worked, but other measures have appeared to work. Keep my fingers crossed.
It's funny, IIRC, other devices of mine have automatically set that part up when connecting to my account.
I can't connect to Exchange account either. Mine at work is Exchnage 2010.
first you have to set a pin, then you have to encrypt your tablet, this is obviously something included since 1.39 in 3.01.
this may take up to an hour approximately.
then you should be able to connect.
by default, exchange 2007 and 2010 require device pins. You have to set one unless the exchange admin configures the server to allow insecure mobile devices in the exchange server configuration. I haven't come across a requirement for encrypting a mobile device yet, but it is likely a similar setting.
I usually turn off the pin requirement as it is rather annoying and does not always go over well with management types that want quick access to their phones. Fortunately that trend is changing with newer security threats and high profile phone losses/thefts.
I'm surprised you were able to connect at all. The native email client and touchdown both respect the pin requirements and won't allow you to finish configuring the account until the requirement is met.
With what I have done, I find that I can connect and use the exchange functions, but I continue to get the same message every now and then. Strangely enough, tapping on the message is now effective in re-enabling sync with my company's exchange server.
I have not yet done the whole device encryption as a possible solution. Does anyone know the kind of performance effects (if any) there are with encryption of the device?
Sent from my A500 Xoom using XDA Premium App
Now requesting security update again and is not syncing e-mail.
I encrypted device this morning without any benefit to the sync process.
On a related note, do I have to factory data wipe to remove encryption before making any other changes to my ROM (update current ROM or change to another)?
Figured out my primary issue. The administrators set a requirement for a alpha passcode that Android doesn't pick up, so my numeric passcode was creating a problem. Unfortunately, the system couldn't tell me it was a problem.
Still wondering what to do with my encryption now.
Sent from my Nexus S 4G using XDA Premium App
first of all, encryption does not slow down the ICONIA, because it decrypts data only during power up process, after the data is decrypted.
I am connecting to an exchange server 2007, and everything works fine once the encryption process is done. Otherwise no way to connect to the exchange server with or without ssl.
Thats why i found it strange that you can connect without encryption, because it is part of ANDROID 3.01 1.39 and upwards 3.14 and 3.2. This is not specifique to ACER in my mind.
So what ROM are you using?
zoubidou said:
first of all, encryption does not slow down the ICONIA, because it decrypts data only during power up process, after the data is decrypted.
I am connecting to an exchange server 2007, and everything works fine once the encryption process is done. Otherwise no way to connect to the exchange server with or without ssl.
Thats why i found it strange that you can connect without encryption, because it is part of ANDROID 3.01 1.39 and upwards 3.14 and 3.2. This is not specifique to ACER in my mind.
So what ROM are you using?
Click to expand...
Click to collapse
I'm using Minimal 3.2(.1), but was able to obtain the (limited) connectivity even with Stock, Taboonay, HV prior to encrypting.
I'm considering going back to stock and see what happens with different settings.
My clue to the passcode part was that I also have an iPad, which works fine to connect to the Exchange server (with an alpha passcode). I just tried switching it to a numeric passcode and could no longer connect. iOS was worst than Android as far as reasons, though, it just sat there trying to connect without any kind of error message.
There must have been something they changed recently in the security protocols for my company's Exchange, because the problem even happened on my phone, and I've been using a numeric passcode on that for some time. Trouble was, our IT helpdesk had no idea if anything was changed, so they were no help in identifying the issue.
which exchange server version are you running? 2003 2007 or 2010
i can give you a hint on 2007 which possibly also works with 2010
You open Exchange management, go into organisation configuration, client access,
create a new profile, go into "password" remove password required, and in "genera"l
activate "authorize dumb peripherals".
Make this new profile the default profile, then try again.
Right now, everything *seems* to be working (crosses fingers). I've even gone back to rooted stock with custom kernel, kept tablet encryption and all other security settings (alpha passcode, secure credentials, etc.).
I think I'll take the advice in your sig -- and not fix it
Thanks.
A further update.
Continues to work, but I still get the update required message on and off. At least I've determined an easy way to reset it in the accounts section. I think the tablet and/or server are somehow forgetting each other.
Sent from my A500 using XDA Premium App
first of all encryption does not hinder anything, as long as you use a stock compliant kernel like richardtip works very well including oc.
update or changing ROM does not require any changes as kong as they are compliant with stock and you don't have to factory reset.
mevensen said:
A further update.
Continues to work, but I still get the update required message on and off. At least I've determined an easy way to reset it in the accounts section. I think the tablet and/or server are somehow forgetting each other.
Sent from my A500 using XDA Premium App
Click to expand...
Click to collapse
Spoke too soon, now the security update message won't go away. I don't think I'll go back to 3.2 until the Acer update in a couple of weeks. Meanwhile, trying Moxier Mail application.
Sent from my A500 using XDA Premium App
I would only use stock 3.1 or stock compliant custom rom's with or without richardtrip's kernel. because obviously when it does a first time installation it calculates an offset (possible where there keys are stored) and this offset is never on the same place. It seems that this is proper to ACER, XOOM is doing things a different way, and hence does not work on an acer machine. The ACER 3.2 should be available end of this month (after 25), so why nit wait 10 days.