Just a quick note looking to see if anyone else is having the same problems that I've been having the last 24 hours.
I've had my 8125 about 3 weeks - and in that time have successfully upgraded to various summiter AKU2 ROMs. Last night my IT department pushed out a Goodlink policy update requiring passwords on all handhelds. Of course this is a pain in the ass, but I understand the issues and don't really have a problem with this policy.
However, there is a serious issue with the goodlink password requirement and AKU2 - basically they don't seem to work together. Immediately after having the policy pushed to me, the first time I did a soft reset I ended up with a blank white screen, with the task bar on top. The left side of the task bar would quickly flash "password" and then change to "Start" (w/ no start logo) and that was it... Nothing... Soft reset - same problem. The only thing that brought the device back was a hard reset, but once I reloaded goodlink and re-entered the password I was back in the same place.
After pulling my hair out for most of the night (it's not good to go to sleep at 3:00am when you have a client board meeting at 8:30am), I decided on my way to the airport that I would try loading the original Cingular ROM back. Surprise surprise, that worked (sort of - additional details below). After spending a lot of time trying out different solutions today, I've come to the conclusion that goodlink passwords only work with the original Cingular ROM - I don't know if it's a problem with AKU2 or a problem with the customizations.
Anyone else with this issue? I'm currently running goodlink 4.7, I'm wondering if 4.8 will fix any of these problems, I just can't find an OTA link for 4.8 and the cab from goodlink doesn't install correctly.
Additional problems - Even with the original ROM, there are some conflicts with the goodlink password. If I have certain shortcuts in the startup folder (at this point I think its AEBPlus and PQZII), the device freezes immediately after entering the password. After soft-resetting, I can explore the device from my PC while it's waiting for a password and delete the offending shortcuts, soft-reset again, and then I'm back in business.
I just posted the same problem earlier today. I have been using the latest Goodlink 4.8 build and have the same problem with AKU2. White screen of death with the status line showing at the top. My IT department turned off the password requirement for me. That seems the only way to fix it so far. I guess this is one reason Cingular has not released new firmware yet.
Ira
well - it's nice to know I'm not the only one.
Unfortunately my company doesn't officially support goodlink on an Windows Mobile devices - only the Treo 650. Given the fact that the device isn't supported AND I'm using a hacked ROM, I can just imagine the laughs they'll have at my expense.
At this point I'll just hang out and wait to see what happens.
I wonder if this is why Palm pulled the AKU2 update for the Treo 700w? Supposedly it was due to a compression issue, but who really knows? I'm posting a message on on treocentral, as there's a Good rep who monitors that board.
just curious.. does your it dept use the remote erase function on the backend?
i believe we do thus we do not require password protect on goodlink...
good to know i shouldn't have probs w/ it on the treo700w since i gotta setup one on fri..
seamonkey420 said:
just curious.. does your it dept use the remote erase function on the backend?
Click to expand...
Click to collapse
We do, but I work for a company that has become very, very, very conscious of protecting client data - with a couple of in-the-news issues (one moron left a cd with client employee data on a plane). They pushed the password requirement out to blackberries last week, and Goodlink devices this week.
Yes Ive had the same problem for last 2 weeks with both mini s and sp5 and goodlink.
Ive just updated goodlink to 4.8 and all seems to be fine.
Ive only just updated to 4.8 today but so far so good.
Update
I had some free time on my hands to tinker tonight - so I decided to see if I could test 4.8 with and AKU2 ROM.
Since my company hasn't rolled 4.8 out yet, I had to basically hack it in, which involved extracting the files from the 4.8 desktop installer from the goodlink website and copying those over my existing goodlink backup on the storage card (after copying the originals somewhere else of course).
I'm happy to report that, as of right now, the issue does seem to be resolved. It does look like 4.7 isn't compatible with AKU2 (if you use passwords) - so if this situation applies to you (on 4.7, using passwords) you shouldn't upgrade to an AKU2 ROM.
4.8 still does not work for me
I initially loaded goodlink 4.8 and had the password problem with the 2.17 rom. I have given up and am using the stock firmware until there is an official cingular update.
glad to hear others are having better luck.
ira
I had the same problem with GoodLink 4.7 and the new version 2.x ROMs on my Qtek 9100. I ended up downgrading to version 1.x ROMs (Button 1.5.4.2 WWE works fine with GoodLink 4.7.
aku2, goodlink 4.7/4.8, cingular 8125, and password policy
Thanks to CameronJ on his post. I was in the same boat, i.e. Going along fine on my Cingular 8125 with the released ROM when my company rolled out a password policy on Goodlink version 4.7. On the released ROM I started having unreliable service (disconnects almost continuously). I finally upgraded to AKU2 before seeing this thread (thanks Summiter for the great AKU2 build). However at that point I hit the consistent White Password Screen of Death as soon as I reinstalled my backup of Goodlink 4.7 and the policy was enforced.
However CameronJ's 4.8 suggestion was perfect. I too couldnt do a normal upgrade but by downloading 4.8 from Good and then copying the entire directory from the Pocket PC 2005/4.8/EN/ directory into my backup directory, I was back up and running with no problems. (this of course ignores all my false starts and problems). Dont use the Smartphone files as those wont work.
I was on the verge of giving up. Thanks for this thread.
additional password hacks
After playing around a bit in the registry the last week, I also found how to have a password that violates my organization's password policies. While I understand the reasoning behind having a password, the 30 minute timeout (which is the max my organization lets me set) is way too short. It looks like the goodlink password parameters work in the following way:
- Password policies are passed down through GoodLink and stored in the registry in HKEY_CURRENT_USER\ControlPanel\GoodLink\Password. There are a number of keys here, including ITLockedTime, ITLocked, ITPasswordMinLength, and a few others.
- When you go into the Lock/Password settings, the control panel settings dialog pulls from these registry keys to determine if your password meets policy.
- After a short period of time, any changes to these registry keys get overwritten back to corporate policy, however, nothing ever checks your password (as long as you don't go back into the Lock control panel extension) to make sure it complies with policy.
Basically, this means that you can change the key for minimum length or timeout and then go into the Lock control panel extension and change your password. I currently have a 1 character password set to timeout every 24 hours (instead of 6 characters that times out in 30 minutes). I've been running this way for about 4 days now, and even though the registry keys are back to policy, my reduced security password is still in force.
ITPasswordMinLength is self explanatory - change this to however many characters you want as your minimum.
ITLockedTime is a little more obscure. The decimal value here corresponds to the number of items in the list of timeout values in the timeout dropdown. 1 means only one item will show up (which is 0 minutes), I think 11 is 24 hours.
ITLocked - I'm guessing that if you set this to 0 it doesn't check these parameters at all, which means you might be able to disable the password. I haven't played with this one yet.
Re: additional password hacks
CameronJ said:
ITLocked - I'm guessing that if you set this to 0 it doesn't check these parameters at all, which means you might be able to disable the password. I haven't played with this one yet.
Click to expand...
Click to collapse
Wow, I've been looking for this kind of hack for awhile. I'm going mad with the couple minute forced timeout/lock policy I'm forced to live with. Imagine trying to use your pocket pc as a GPS device and it locking every couple minutes! (totally sucks)
Do you know if it's possible to do what did in a normal AKU2 MS Push Mail system? (I dont use goodlink, just regular microsoft push)
Which reg keys do I mess with?
How do you keep the changes from being detected/overwritten?
Thanks!
Any update on rather this has been addressed in a more recent ROM (AKU 2.3?). I am looking to start my company's Goodlink trial program and currently have 2.17. Thanks!
Re: additional password hacks
CameronJ said:
ITLocked - I'm guessing that if you set this to 0 it doesn't check these parameters at all, which means you might be able to disable the password. I haven't played with this one yet.
Click to expand...
Click to collapse
An update - this is the best way to go. Set ITLocked to 0, go into the password control panel applet and uncheck the password box. No more password requirement.
caiken said:
Any update on rather this has been addressed in a more recent ROM (AKU 2.3?). I am looking to start my company's Goodlink trial program and currently have 2.17. Thanks!
Click to expand...
Click to collapse
As long as you are using the most recent version of the goodlink client (4.8 ) you will be fine. The issue is with the previous version of the client (4.7).
I had no problem with this nasty password bug when I upgraded to AKU 2.3. I'm using Goodlink 4.8.
Ira
irablumberg said:
I had no problem with this nasty password bug when I upgraded to AKU 2.3. I'm using Goodlink 4.8.
Ira
Click to expand...
Click to collapse
This problem only exists with AKU2+ ROMs and GoodLink 4.7 - not 4.8
CameronJ said:
irablumberg said:
I had no problem with this nasty password bug when I upgraded to AKU 2.3. I'm using Goodlink 4.8.
Ira
Click to expand...
Click to collapse
This problem only exists with AKU2+ ROMs and GoodLink 4.7 - not 4.8
Click to expand...
Click to collapse
Thanks for the update guys. I'm assuming the "Get Good" link now downloads 4.8.
CameronJ,
You wrote:
An update - this is the best way to go. Set ITLocked to 0, go into the password control panel applet and uncheck the password box. No more password requirement.
Can you elaborate on this process? Where do I find the password control panel applet?
gaelen00 said:
CameronJ,
You wrote:
An update - this is the best way to go. Set ITLocked to 0, go into the password control panel applet and uncheck the password box. No more password requirement.
Can you elaborate on this process? Where do I find the password control panel applet?
Click to expand...
Click to collapse
Also, it appears that any changes that I make to the Good settings in the registry are over-written the very next time it syncs with the Good server. Anyone know how I can lock the registry settings that I set in addition to how I remove the requirement for the Good password controlled by my IT dept.
Hello,
I have the HTC Touch Diamond with WM6.1. I love the phone but my exchange administrator has implemented password protection for my email account. So every hour my phone is locked until I enter the password. Does anyone know how to extend the time or disable the password in the registry. I have found several references to the registry setting in WM5 but that did not work so I am wondering if it is a different entry in WM6.1 Any ideas?
Can anyone help me with this?
This should work on WM6.1:
\hklm\security\policies\policies
Change value name "00001023" from '0' to '1'.
Or: http://cid-79cd30393341a619.skydrive.live.com/self.aspx/Public/WMSimulateKeyPress.zip
Or: http://www.modernnomads.info/wiki/i...ation+when+your+PocketPC+is+on+external+power
Or: http://mobilitytoday.com/forum/showthread.php?t=13030&page=2
Btw, think about it before you remove this policy. The sysadmin does not enforce this policy for nothing. I learned to live with it, it also has some advantages (for example when your device is stolen and you won't accidently push any buttons)
Thanks for the reply. the 3rd link which is Zen's program does not seem to work in WM6.1 in the Diamond. The registry entry definitely does not work because I have set it and reset the phone and it still locks. You have a point about why the password is there but it becomes a safety issue when I am driving and need to make a phone call. I am not sure what the Simulate Key press does could you provide any more information?
I am finding that with the HTC diamond alot of the customization has changed alot of the functions for the registry. I wish I could find someone that has figured all this out.
My employer changed my PPC (os CE 6.1) security settings in order to "provide" safe access to my exchange mail server. Therefore I have to give my password in case of inactivity every 15 minutes. I can only change this setting in less minutes. Quite annoying actually. Is there a way to bypass this inconvenience? The system will problem check every time I try to synchronize if the settings are in line with rules....
Thx.
manzondernaam said:
My employer changed my PPC (os CE 6.1) security settings in order to "provide" safe access to my exchange mail server. Therefore I have to give my password in case of inactivity every 15 minutes. I can only change this setting in less minutes. Quite annoying actually. Is there a way to bypass this inconvenience? The system will problem check every time I try to synchronize if the settings are in line with rules....
Thx.
Click to expand...
Click to collapse
Search....
http://forum.xda-developers.com/showthread.php?t=317107
excellent advise! thx
ADB100 said:
Search....
http://forum.xda-developers.com/showthread.php?t=317107
Click to expand...
Click to collapse
Sorry that I'm a lazy b...
Does anyone know of a software that Prevents unauthorized software installations.
If anyone knows of such a tool or can create one, please let me know. I'm running a BlackBerry OS
Thanks,
Joone
Try this
Been running this for about a month now......best part it's free!
https://www.mylookout.com/
Thanks for the quick reply dwgibson. I installed Lookout and tested it out by installing software and it prevent me from installing software. This really isn't what I'm looking for.
Thanks for you guys help in advance!
- Joone
If you feel your girlfriend is going to install spyware on your phone then I think you need to get a new girlfriend more then worry about what she might do to your phone. I hear were your coming from but I rarely leave my phone where others can gain access to it. As for the firewall program. I'll have to give it a look and see how much of a hog it is. It would be nice to have a program firewall on the phone.
Thanks for the quick reply Wil.
- Joone
Two options:
#1) Set the PIN lock on the device with <1 minute as timeout - Settings, Security.
#2) Set the Registry Policy on the device to prevent .CAB installation - Windows Mobile MSDN.
HTH,
Hi hilaireg,
Thanks for your reply. In response:
1) I mentioned in my original post that a device pin lock is not what I want to do as everytime I use my mobile very frequently as most people do and having to unlock my mobile everytime will be a problem
2) Setting the Registry Policy to prevent .CAB installation is not too bad of an idea. It will however prevent me from installing software. If I can't find the solution I'm looking for, passcode to access the software installation process, then I will have to settle for that option.
There's an app for the iphone that might work if their was a similar app for BB. The app is named Lockdown and it password protects apps that you choose to password protect. Password protecting apps may give me the privacy I need if I password protect the correct apps. However, I can't find an app similar to Lockdown available for BB.
If anyone knows of such an app please let me know. I'll continue looking.
- Joone
Hi ajmusic24,
You're describing functionality similar to Windows restricted accounts. AFAIK, there is no feature to "protect" specific funtionality ... other than via the policies.
If you aren't successful in finding a custom application to meet your needs, you could always create a couple of registry files which enable/disable the installation policy.
Cheers,
hilaireg,
I would prefer an app that can provide the option of password protecting the software installation process. What you bring up about creating a couple of registry files which enable/disable the installation policy might be a temporary fix. How would I go about doing this?
Thanks,
Joone
it might require a new app that would repace the existing cab process, something like "CabInstl". So when a cab file is launched the new app would process it. This new app then would check the registry to verify uid/psw before installing to default location or other location.
After enrolling my Lumia 920 to the corporate Exchange email, new MDM (mobile device management) policies are applied to my phone. It's OK but company administrator(s) set the unlock password (pin) expiration time too short. Every damn month I should choose and remember a new pin... And I can not use the old pins (or I don't know what is the time for "clearing" my old passwords).
Do you know/could you suggest any tricks/hacks to get around this situation? I want to reuse my old pins.
Hey Dude,
I don't think that you can do anything. And this is not the correct thread for such questions.
In the MS World the recommended value for reusing old passwords is 24 so after 2 years
(if 4 weeks was choosen) you can use the first one again.
Why do you think it's an incorrect forum? This forum is about "hacking", and I need a hack. It's definitely not a "Q&A" or "General" forums question...
Hmmm this WOULD fall under the Q&A because it is technically asking a how-to although it involves hacking. Typically the threads under the Development and Hacking are threads that start projects with the hopes of hacking instead of asking how to. With that said, I'll move that over there for now and if there is some development that comes out of this, it can be renamed and moved back to Development and Hacking.
If you have a registry editor, it's pretty easy to tweak those settings. Unfortunately, you're on a Lumia so right now that's not possible (we're working on it!)
The only other option I can think of right now is to try intercepting the communication between the phone and the corporate server. Exchange ActiveSync uses HTTPS, so any standard HTTPS proxy (like Fiddler or Burp Suite) should work. You may need to set the proxy to use a client certificate (if one was provided for your phone), and you definitely need to install the proxy's certificate on the phone (so the phone trusts it to spoof the corporate server). Anyhow, once you have interception set up, it should be pretty easy to modify the policy rules that get pushed down.
In either case, though, the changes will only last until the next time the phone checks its policy rules. I don't know how often that happens - it *might* even be only at initial enrollment, in which case if you un-enroll and then re-enroll you should be fine - but it could be a problem.
GoodDayToDie, thanks for reply. Could you remind me: is it possible to just read values from registry on the Lumia handsets? At least I want to know value of the DevicePasswordHistory settings (according to this article).
[UPDATE] I installed Fiddler's root certificate on the phone, and able to catch & decode https traffic; however there is nothing about provisioning xml in the content, account synchronization produces 3 https requests, first response is a short binary data, second contains an email body (or header) etc. , no xml at all. Looks like MDM policies are applied only on service discovery (I should google for that). Will try to remove this Exchange account and add it again. By the way, I'm not very familiar with the Fiddler: can I change https XML response on the fly?