This one has me stumped, and the online info is not helpful. I just started a new job and they use Google Apps for Work. They let you add your account to your own device, but because it is a state agency they are enforcing device policies on accounts - including remote wipe and app auditing abilities. I don't particularly like the idea of them knowing about every single app I have nor the fact that they can wipe my phone. I saw that there should be the ability to create a "work profile" to keep the two separate (allowing them to only see the apps installed on the work profile, and if they issue a wipe it will only nuke the work profile), but I don't seem to have the ability to create one. This is an S5 (SM-G900R7) with bone stock/non-rooted 6.0.1. The online guides say that all I should have to do is open the Device Policy app and go to the Status page, and there should be a button to create a work profile but I do not have said button. Under Policies > Shared Device Details it does say "Work Profile: Supported", so what am I missing here? All I really need is to access my email and see my calendar from that account, but even those require the device policy, so I'm at a loss..
Anyone?
Related
So, I decided when I first got the phone, to have a 4-digit PIN to unlock the phone, but only if done after a long time. I think it was like 24 hours. I can't remember exactly, but that is irrelevant. So anyway, my friend has a Touch Diamond, and we scored a Microsoft internship together. So, a whole bunch of emails started arriving via Exchange and we wanted to sync our phones to it as well.
Now, he DIDN'T set a password earlier, so he couldn't login when the phone asked him for it, resulting in a complete reset!! He was devastated, but luckily, Outlook had stored all his contacts/tasks etc for him on the server, so he was still fine.
My problem is, I am able to login using my original PIN, but now I have to do it, every 15 mins, which the maximum I am allowed to go. (In Settings > Personal > Lock, the 'Prompt if device unused for...' checkbox is disabled.) I realise this is probably some security feature, but is there a way around this? Or will I have to give up sync priveleges to go back to the old days?
Help!
this is a security feature of exchange, not your phone.
if you don't enter the password you'll find that your phone still receives calls etc. I had this and it was very annoying, until I told our infrastructure manager to relax security permission on our exchange server for my device
check out this website... toward the end of the page is a link to an app that will allow you change the behavior of the "exchange lock" feature. now i use Exchange for push and after i'm setup, i use the app to disable the lock/password feature. my exchange service provider doesn't force me to re-enable this feature; however, your provider may be different. read the info and then decide if this is something you want to try...
I am running CheckROMv3 on my Note, and decided to install the Torch Light application of Samsung.
I found the apk in the developers thread, and when I opened it with Installer it requested a lot of permissions. Some highlights are listed bellow:
//
Add or modify calendar events, read browser's history and bookmarks, read contact data, read user defined dictionary, write contact data.
SysScope (??) (sound snooping enough?)
Directly call phone, send, receive, read, edit SMS or MMS.
Your location, both coarse as well as GPS.
Your account: act as account authenticator, use credentials.
Modify, delete USB sotrage contents.
Change audio settings, record audio, take pictures and videos.
System tools including BT, wifi etc
Discover knowns accounts, read Google service configuration, view configured accounts.
Automatically start at boot, read Home settings and shortcuts.
//
All of that for a simple torch widget?
Seriously Samsung, why do you need my GPS and access to my SMS and Google services to light a dark staircase? And how are you planning on acting as an authenticator on my part?
Is this even legal or ethical? And how about all the stock ROM users that have no idea of the above list? Are they really making an educated decision when accepting the update?
This is why I love android and cooked ROMs. I get to decide what I want to share and in this case I decided not to install it.
PS: I just hope this is just an oversight of the programmers. They might have just used a shared library that requests all of the above. Today the Torch Light widget might be using none of them, but if you give your permission to it, future updates will not inform you of any changes.
:O good thing i deleted it.
shahadat said:
:O good thing i deleted it.
Click to expand...
Click to collapse
Unfortunately it is not in the market to Vote/comment it
Hello,
I wanted to ask a question about the difference in permissions for an app that are shown on the Play store and in App Privacy area of the setting.
For example, when I downloaded Accuweather Platinum from Play store, I was told that the app will have access to Identity, Location, and Photos/Media/Files. For Identity, it further stated that it "uses one or more of: accounts on the device, profile data."
I found it rather intrusive that a weather app would want access to my identity information, be it anything. Especially, since their privacy policy dictates that they can track user behavior on ANY site the user visits and not just on AccuWeather site.
But when I go to Settings -> App Privacy -> AccuWeahter, I only see the permissions listed as "coarse location, fine location, vibrate, keep awake" and the check boxes are there to block either one or all of them (location, vibrate, keep awake.)
Can someone please help me understand how this works. Why did Google Play mention that app will have access to my identity information and if the app really has that access, why won't App Privacy allow me to restrict that access.
Thanks
I've been trying to find out how the new google play permissions work too. I don't know what permissions have changed any more because it only lists all permissions and doesn't makr the new ones, so you have to go back to the Application settings and look at what they currently use and then, like you say, work out how they line up. I think google has succeeded in gettting people to not care anymore about permissions. Why take away the visibility and control of it all? Anyway, hope I can find something that can help. In the meantime, I just won't update apps with changed permissions.
I do have an app that now says "uses one or more of: accounts on the device, profile data." and their response was "We made changes that were required by play services and advertising network". I find that a bit hard to believe.
Edit: Having said that I just came across this: http://forum.xda-developers.com/xposed/modules/playpermissionsexposed-fix-play-store-t2783076. You'll need to be rooted and have xposed framework installed though.
All,
The "Nine" exchange email app available on the play store gives you the option of Device Exchange Security protocol via device administrator OR Software level Exchange Security protocol. In other words, to receive exchange email you can either be forced to screen lock your phone or password protect the nine app to receive your exchange mail.
I have figured out how to remove the software level exchange security protocol if anyone is interested.
Here is the very quick how to.
**Prerequisite**
You must be rooted.
1. Download app
2. Install app and setup your exchange email. Use app level exchange security NOT device level.
3. Set your password. We will remove this policy later
4. Make sure your email starts to flow in
5. Download your favorite SQL database editor. I use SQLlite
6. Open database editor and go to the nine app
7. Open email provider db then account.... change policy key from 2 to 0 then save.
8. Leave account then go to policy. You are still inside email provider db.
9. Change the password mode from 2 to 0. This is the first setting at the top of the list. Scroll down to protocol policy required... Set this to 0. Then scroll all the way down to the bottom to the last policy item called alphanumeric password required... Change this from 2 to 0. Then hit save.
10. Now, back out of the SQL editor... Don't open nine email yet.
11. Force close nine email. You must force close instead of removing from recent
12. Start nine email. Go to security and enter your password once if it asks. May not even ask. Then Uncheck "password".
13. Reboot, profit. At this point the exchange policy should now be bypassed.
If this helped you by me a beer!!! See donate button by my name.
Follow me on Twitter for more awesome tweaks. @bash_array
Screenshot
Hi, tried this but I can't locate that database. I must be doing some thing wrong. I'm using a Oneplus One but I don't see the email provider db. Can you post a screen shot of what it should look like after I select Nine from the app list in SQLite? Also, there are multiple SQLite apps, which one are you using?
Here is the app I use....
https://play.google.com/store/apps/details?id=com.speedsoftware.sqleditor
Here is a screenshot. Note, the databases won't be created until you fully setup your email in nine and begin receiving emails. Once you do that it'll look like this.....
bash_array said:
Here is a screenshot. Note, the databases won't be created until you fully setup your email in nine and begin receiving emails. Once you do that it'll look like this.....
Click to expand...
Click to collapse
Not sure what I'm doing wrong. I have Nine setup with my work account and it's working but when I follow your steps I don't see the databases?
I'm on the One plus one if that matters.
hamzer11 said:
Not sure what I'm doing wrong. I have Nine setup with my work account and it's working but when I follow your steps I don't see the databases?
I'm on the One plus one if that matters.
Click to expand...
Click to collapse
Are you rooted? My apologies. I forgot to mention that you must be rooted in order to see secured databases
bash_array said:
Are you rooted? My apologies. I forgot to mention that you must be rooted in order to see secured databases
Click to expand...
Click to collapse
Yes I am. It asked and was granted permissions. You can see the # symbol in the status bar while SQLite is running. I will check again.
edit: Checked again and it has root. My Nine version is 1.8.0d (108004) Licensed. Not sure that matters.
I have the licensed app too. What OS are you running? Cm12?
bash_array said:
I have the licensed app too. What OS are you running? Cm12?
Click to expand...
Click to collapse
Yes. I will try removing the account and adding it again. I checked other apps and they all seem to have their databases.
Tried deleting account and reinstalling app. No luck. When I add my work account it forces me to accept encryption, does that have anything to do with it? I really would love this to work but I don't know what else to do.
hamzer11 said:
Tried deleting account and reinstalling app. No luck. When I add my work account it forces me to accept encryption, does that have anything to do with it? I really would love this to work but I don't know what else to do.
Click to expand...
Click to collapse
You want to set everything up including allowing the app to force you to create a password. Don't use device level security. Use app level security within nine. Once your password is set and you have begun receiving emails then the email provider db will be created. After you have set a password and get your emails up and running then go into sqlite and follow the edit instructions
bash_array said:
You want to set everything up including allowing the app to force you to create a password. Don't use device level security. Use app level security within nine. Once your password is set and you have begun receiving emails then the email provider db will be created. After you have set a password and get your emails up and running then go into sqlite and follow the edit instructions
Click to expand...
Click to collapse
I tried everything you said. I am convinced that the DB is being hidden somehow (encrypted maybe). I tried another app, aSQLiteManager. Navigated to the Nine app folder in data/data. Then went into the databases folder. Here I see the following databases:
LogReporter.db
SecureEMailProvider.db
SecureEmailProviderBackuip.db
SecureEmailProviderBody.db
I noticed all have the work "secure" before it except LogReporter. For some reason SQLite app can only see the ones not listed as secure. So I thought I was good to go but when I click on SecureEmailProvider.db I get the message "/storage/emulated/0/aSQLiteManager/SecureEmailProvider.db is not a database"
No idea where to go from here. Appreciate your help but I guess it just won't work for me. It would be nice if someone else was also trying. I should note again that I can see and open databases for other apps just fine.
bash_array said:
All,
The "Nine" exchange email app available on the play store gives you the option of Device Exchange Security protocol via device administrator OR Software level Exchange Security protocol. In other words, to receive exchange email you can either be forced to screen lock your phone or password protect the nine app to receive your exchange mail.
I have figured out how to remove the software level exchange security protocol if anyone is interested.
. @bash_array
Click to expand...
Click to collapse
Any idea if this still works on version 1.8.19? If not, do you know of any other options?
clambert11 said:
Any idea if this still works on version 1.8.19? If not, do you know of any other options?
Click to expand...
Click to collapse
I can confirm this on 1.8.19a
It worked!!!! You are amazing.. Thanks a lot.
---------- Post added at 11:34 PM ---------- Previous post was at 11:33 PM ----------
Worked in latest version that I downloaded from google play today.. 1.8.21
Thanks, worked great for me on both my phone and on my tablet.
hamzer11 said:
I tried everything you said. I am convinced that the DB is being hidden somehow (encrypted maybe). I tried another app, aSQLiteManager. Navigated to the Nine app folder in data/data. Then went into the databases folder. Here I see the following databases:
LogReporter.db
SecureEMailProvider.db
SecureEmailProviderBackuip.db
SecureEmailProviderBody.db
I noticed all have the work "secure" before it except LogReporter. For some reason SQLite app can only see the ones not listed as secure. So I thought I was good to go but when I click on SecureEmailProvider.db I get the message "/storage/emulated/0/aSQLiteManager/SecureEmailProvider.db is not a database"
No idea where to go from here. Appreciate your help but I guess it just won't work for me. It would be nice if someone else was also trying. I should note again that I can see and open databases for other apps just fine.
Click to expand...
Click to collapse
Were you able to fix this issue? I have same problem and not able to figure out how to disable this.
bash_array said:
All,
The "Nine" exchange email app available on the play store gives you the option of Device Exchange Security protocol via device administrator OR Software level Exchange Security protocol. In other words, to receive exchange email you can either be forced to screen lock your phone or password protect the nine app to receive your exchange mail.
I have figured out how to remove the software level exchange security protocol if anyone is interested.
Here is the very quick how to.
**Prerequisite**
You must be rooted.
1. Download app
2. Install app and setup your exchange email. Use app level exchange security NOT device level.
3. Set your password. We will remove this policy later
4. Make sure your email starts to flow in
5. Download your favorite SQL database editor. I use SQLlite
6. Open database editor and go to the nine app
7. Open email provider db then account.... change policy key from 2 to 0 then save.
8. Leave account then go to policy. You are still inside email provider db.
9. Change the password mode from 2 to 0. This is the first setting at the top of the list. Scroll down to protocol policy required... Set this to 0. Then scroll all the way down to the bottom to the last policy item called alphanumeric password required... Change this from 2 to 0. Then hit save.
10. Now, back out of the SQL editor... Don't open nine email yet.
11. Force close nine email. You must force close instead of removing from recent
12. Start nine email. Go to security and enter your password once if it asks. May not even ask. Then Uncheck "password".
13. Reboot, profit. At this point the exchange policy should now be bypassed.
If this helped you by me a beer!!! See donate button by my name.
Follow me on Twitter for more awesome tweaks. @bash_array
Click to expand...
Click to collapse
Please excuse this shameless hijack but it is somewhat on topic.
My company uses Outlook Web Access through Office 365 and previously I was able to use NINE to access my email. I was even able to execute this bypass hack. Recently however my company's server stopped allowing access to NINE. I thought it might be because of the bypass hack so I factory reset the phone and tried to do a fresh install and setup and it doesn't work. I tried several OWA apps and the only that works is MobiMail.
Any idea why NINE doesn't work anymore?
HTC-OH_SNAP said:
Please excuse this shameless hijack but it is somewhat on topic.
My company uses Outlook Web Access through Office 365 and previously I was able to use NINE to access my email. I was even able to execute this bypass hack. Recently however my company's server stopped allowing access to NINE. I thought it might be because of the bypass hack so I factory reset the phone and tried to do a fresh install and setup and it doesn't work. I tried several OWA apps and the only that works is MobiMail.
Any idea why NINE doesn't work anymore?
Click to expand...
Click to collapse
NINE does not use OWA, it uses active sync. MobiMail connects via OWA, so very much like a web browser. I would first ask a few co workers if their active sync app still works. If theirs does not work your IT Department broke activesync or turned it off on everyone.
If theirs works the IT Department turned it off on just your mailbox.
My mother's Nexus 7 has 2 accounts, the main/owner one which is my own and a secondary one for her. That's how I initially configured that device but I don't use it anymore, I want to remove my account from that device. How can I do that and transfer the device ownership to her account without resetting and re-configuring everything?
Anyone?
Nazgulled said:
My mother's Nexus 7 has 2 accounts, the main/owner one which is my own and a secondary one for her. That's how I initially configured that device but I don't use it anymore, I want to remove my account from that device. How can I do that and transfer the device ownership to her account without resetting and re-configuring everything?
Click to expand...
Click to collapse
Hi, Nazgulled...
I really don't think there is an easy way of transferring ownership, other than with a factory reset, and then setting it up as a new device, with a new owner.
A factory reset provides a complete and clean break from the previous owner to the new owner.
It also depends on how many accounts you have, and with which organisations.
For example, I have my standard Google account, my Guardian (UK newspaper) account, BBC account, and Facebook account (not that I use it much).
Further, using Chrome browser, I use it to login to multiple blogs, websites and forums (such as XDA), and it remembers my login and password details.
------------------
Removing Google accounts is reasonably straightforward though...
On your Nexus 7
Go to SETTINGS>>ACCOUNTS>>GOOGLE...
Select your Google account, and then tap on the '3 dot' overflow menu at the top right hand corner of the screen, and select the Remove Account option.
(See attached screenshot.)
And then do the same for your mother's Google account, as it's a secondary account.
------------------
Once both accounts are removed, tap BACK twice (to just SETTINGS>>ACCOUNTS) and select +Add Account, select Google and enter your mothers Google login details, username and password...
Or alternatively, just back out of everything to the home screen and then fire up the PlayStore or Gmail app, where you'll be prompted to enter your mother's Google account details.
You're now setting up the Nexus 7 with your mother as the primary Google account holder.
------------------
One possible problem here that I can forsee, is if you've bought any paid-for apps from Google PlayStore using your (Nazgulled) Google account, and that you currently share with your mother, they will still be installed on the Nexus 7, but they will likely, at some point, fail the Google licence check... as you will cease to be the legitimate paid-for and licenced user of those apps on this device, the Nexus 7 (because your Google account will have been removed from the device).
This may possibly result in complete cessation of those apps, or experience some degree of limited/restricted functionality. This may not happen immediately. It could be days or weeks before this happens. It depends on how the apps (in question), and their developers deal with unpaid for, and thus unlicensed software.
Your mother may need to buy the apps (a licence) to continue to use them at some point, or alternatively, uninstall them.
------------------
You should also clear the data of certain apps you currently use, as the primary user of the device...
Any email apps you happen to use, such as...
**Gmail
**Inbox
**MailDroid
Any browsers...
**Chrome and it's derivatives (Beta and Developer)
**Opera
**Boat Browser
**Maxthon Browser
Any banking or financial apps you also might have installed. This will clear username and password login details stored by these apps.
This is accomplished as follows.
I'll use Chrome as an example.
Go to SETTINGS>>APPS>>Scroll horizontally to the ALL tab...
Scroll DOWN to Chrome, tap to enter and tap the CLEAR DATA button.
The same method should be used for apps installed whose login details you wish to clear.
------------------
Please don't misunderstand me... I'm not trying to impugn your relationship with your mother or the level of trust you have with her. But privacy is a consideration when transferring a device that has not been properly wiped. And I'm just pointing out the complexity of removing your personal data from a device... without factory resetting it... and which is the only surefire and guaranteed way of cleanly transferring ownership.
------------------
If all the above sounds a bit messy, that's because it is!!!
I know from experience in the past, with Android devices, Windows PC's, and quite recently, an Apple Mac, that the most straightforward way of transferring ownership, is for the new user to begin with a completely blank slate.
And apart from anything else, a factory reset device generally tends to perform better, is smoother and is more responsive, once the accumulated detritus of months or years of use has been swept away.
------------------
Hope this is useful to you... and good luck.
Rgrds,
Ged.
Wow, such detailed post. Much appreciated...
Now that I think about it, a factory reset would probably work because my mother doesn't have that many apps and the ones that she uses are probably backed up on Google's servers which will be automatically restored when setting up the device a second time. There are no purchased apps that I share with the second account, so that's not a problem. About privacy, no worries mate, that's a non-issue, unless someone unknown gets access to the device and starts poking around, that's not a problem.
I'll probably do a factory reset than, it will probably be easier.
Thanks