I was trying to add my office Exchange account to the default mail app of Windows 8. (It's nothing compared to Outlook but just wanted to try this out)
Auto discover did his work and all the settings are filed in correctly.
Then i got this messange;
"Make my PC more secure
You must make your PC more secure to connect to this server. Windows will ensure that your PC complies with any server requirements, including password requirements, requiring sign-in after a specified period of inactivity, and limited the number of incorrect attempts to sign into your PC. Windows might also limit sign-in methods such as picture password."
Click to expand...
Click to collapse
It gave me the option to cancel or apply the security policy.
But what is it applying? I wanted to know what this is doing to my machine.
After searching allot of fora i found out what it does;
Your computer may not meet the Microsoft Exchange server’s security requirements. The most common reasons why your PC might not meet the Microsoft Exchange server’s security requirements for this account:
An administrator account on your PC doesn’t have a password. All administrator accounts must have a password.
To meet the security requirements, you can:
Set a password for all administrator accounts on your PC.
Remove administrator privileges for any administrator accounts on your PC that don’t have a password.
Remove any administrator accounts from your PC that don't have a password.
BitLocker couldn’t automatically be enabled on your PC. Enable it in Control Panel and then try connecting to your mail account again.
Your Microsoft Exchange server requires security policies that the Mail app can’t support. The Mail app supports the following Microsoft Exchange ActiveSync security policies:
Password required
Allow simple password
Minimum password length
Complex passwords
Password history
Enforce password history
Device encryption
Remote wipe
Click to expand...
Click to collapse
I just wanted to share this with you all for if someone was wondering the same.
Peace.
Related
When you are setting up a new server source in AS, it has some options for doing things automatically (I assume based on our email domain name). This has never worked for me (I am the sys admin for our Windows network). Do I have to be running Exch2007 to get this functionality, or is it some sort of DNS issue that is making this fail? The front-end server that we use is not mail.domain.com We use webmail.domain.com.
Any thoughts are appreciated. We are going to be allowing our users to bring their own service and devices to our cell phone mix, and I want to make connecting with WM devices as easy as possible. I'm trying to reduce the number of blackberry devices we use.
Thanks!
Brandon
Microsoft Exchange 2007 Autodiscovery
Autodiscovery allows a user to enter their email address and password into Outlook 2007 or Windows Mobile 6 Pocket Outlook to have their profile or activesync relationship automatically configured to access an Exchange 2007 server.
In short, you add a DNS record for the host "autodiscover" in the domain you want to use Autodiscovery in. If you want it to work internally just add it to your company's DNS server. If you want it to work externally you have to add it to your external DNS server.
One important note is that you must have a multi-domain SSL certificate from a known public provider. This is because you need 4-hosts on the certificate (2-domains with 2-hosts each) I purchased a multi-domain certificate from GoDaddy.com for $58 for 1-year.
Search keywords: +Exchange +2007 +Autodiscover
Since I've had this phone I've failed to sync with the Sync Centre. It just results in errors every time.
However, because I will be syncing everything that will be on my exchange server, how can I set up this exchange server on the X1? I don't mean the email address only, I need it to connect to my exchange calender, contacts, mail - everything.
I sync to my exchange server via mail2web with no problems - keep in mind if you are syncing to a pc as well you need to select only one location for calendar & contacts.
Isn't it possible to put in the exchange server details directly into teh phone without using 3rd party software?
Is it true that vodafone have removed the exchange feature from their handset?
I'm getting this error.. 0x85010014
Jammy2 said:
Isn't it possible to put in the exchange server details directly into teh phone without using 3rd party software?
Is it true that vodafone have removed the exchange feature from their handset?
Click to expand...
Click to collapse
you don't need 3rd party to set up exchange activesync, it's out of the box.
Jammy2 said:
I'm getting this error.. 0x85010014
Click to expand...
Click to collapse
this is relating to the SSL. Either you have setup an activesync w/o SSL connection, or your PDA clock might be wrong that makes the SSL certificate invalid.
That's assuming your exchange server side is okay.
I've just discovered that everything part from mail will sync if I don't specify my exchange in Vista. When I do that's where the errors show up.
As for exchange on the phone, I will get "network waiting" when I disable SSL. This actually appears to be an issue with many WM devices. What do you mean when you say my clock might be wrong?
The simple Version:
Authentication inside of Active Directory runs over "Tickets" for every User. If the clocks between 2 Ressources are too tifferent, the Ticket becomes invalid, cause the time is an important component of the encryption.
The savest way is to let the phone sync its clock with the exchange server - after Active Sync configuration
For doing this you only need working SSL-encrypted "Outlook Web Access" and your Exchange account have to be "Active Sync"-enabled (an admin has to do this).
Windows Mobile shows you all information yout need to set Active Sync up.
Ah, so the exchange server needs to be active sync enabled?
At the moment I am syncing everything from outlook on my pc, not directly to the server as the device was designed to do
Mine works with my Exchange 2007 server without a problem, out of the box. I just entered my server address, my domain username and password.
Are you sure the server is set up correctly. The exchange server has to have OMA (Outlook Mobile Access) set up. Are there any other devices syncing with the server correctly? Is port 443 open?
Something to note I had to install the security certificate of the server on my phone before it could sync.
I use mine with an Exchange 2007 too. After installing the server
all the necessary features are turned on automatically:
- OWA (Outlook Web Access - website)
- OMA
- Active Sync user role for every account
The OWA-website has to be accessible for public. And the server certificate (for SSL) has to be installed if it is selfsigned
(it is if your browser shows a certificate warning on computers
outside of the company network). Copy it from the browser to
your phone and (double)click it for install. Alternativly ask your network administrator for help.
If the cert is bought from an official worldwide trusted cert
seller like thawte or verizon this should not be neccessary.
what is this ? Under
location and security there is a tab
called
select device administrators
Its support for enterprise applications by offering the Android Device Administration.
Eg. The the default email client application implements this. So if your email client connects to any enterprise exchange server. The exchange administrator forces some security policies like password/Pin to be used on your device. Also in case your device is stolen/lost the exchange administrator can remotely wipe to restore factory defaults.
Hope you got it !!!
one more thing it allows is
there are some apps which turn off your lockscreen nd lock the deivce during some call nd whn using a case and so on
it helps them
I have an exchange active sync mail account installed.
First of all the installion required to add an extra system admin to the phone.
Later on I changed this on the exchange server, but the phone keeps asking for the system admin rights when I try to configure my email again.
Are these policies stuck on my phone already and not refreshed from the server.
Is there any way to get out of having to enter a pin because of the exchange server security requirements? I don't have any info on my work email I am worried about.. so it would be nice not to have to have a PIN/Password to be able to use it.
I have an exchange, it doesn't have to ise a pin at all, I just put it on to the native the email app
Just open and your in.
If the Exchange is setup to require PIN, not all are, then no you will not be able to get around it. It depends on the IT policy who is running the Exchange environment. They can set it to wipe your phone as well if they wish. Both the native app and Touchdown will do this. If they allow other methods of accessing Exchange, then this will not be an issue. However if they are requiring a PIN then they probably don't.
clintre said:
If the Exchange is setup to require PIN, not all are, then no you will not be able to get around it. It depends on the IT policy who is running the Exchange environment. They can set it to wipe your phone as well if they wish. Both the native app and Touchdown will do this. If they allow other methods of accessing Exchange, then this will not be an issue. However if they are requiring a PIN then they probably don't.
Click to expand...
Click to collapse
Ok. Guess I'll see if I can access it through other means than exchange. Not sure. Just hate typing in the pin all the time!!
Thanks for the info though
I run an exchange server myself with a few activesync devices running. It sounds like the pin you are describing is imposed by your system administrator, when I set up an account on an evo or inc all I need is my domain credentials and a server address.
I also run an Exchange setup. I can verify that a few native e-mail apps from 2.1 days somehow bypass certain Exchange requirements, much to my dismay (Motorola comes to mind). They pretty much lied to Exchange and said they were compliant when they weren't and didn't enforce some rules. However, all the new stuff follows the ActiveSync rules, assuming that's the setup you're aiming for. I suppose if you really wanted to bypass the security you could check to see if they left IMAP or POP open, but then they'd just be some not-very-smart sysadmins.
Also, you shouldn't need anything more than your e-mail address and your password to ActiveSync. After the initial attempt at syncing it will ask for you to verify the security permissions. If it drops out and asks for your server name, domain, and such then tell your admins to fix AutoDiscover.
Oh, and while the thought of your admins being able to wipe on command is scary, you will have the ability to remote wipe your device in the event you lose it. It'll be accessible under OWA, so that's handy.