I followed my company IT's instruction, download the OTA setup, and input my mail address and PIN. After restart goodlink downloaded IT policy. Then the policy force me to add an lock password, but every time goodlink locked my PDA it will nevery let me use it........
I clicked "unlock" input my password, it shows my desktop, but the task bar will be never unlocked, so I can not load any application any more. And if I start an application from desktop it will can not be closed becaused "x" button can not be clicked even I use the hard button on the phone.
Any solution for this issue?
Thanks
Does goodlink offer lockdown policies from the server side? We used it at my work but just for email and IT didn't lock it down.
I would guess that they have a mechanism for preventing users toying with the phone once it's installed and is managed by your IT group.
Policy
We use goodlink where I work and we have no problems but we don't use the goodlink "policies". Some work places like to lock down phones once they contain corporate emails - even if it is your personal phone. Have your IT admin look at the policies they are assigning to your goodlink account and remove them if possible (if your work security policy allows it).
Related
Friends,
How can I remove the security password at boot-up? When I sync'd exchange to my device, it asked me for the password to protect my device.
I want to use a third party app and not the crappy M$ password feature.
Is this possible to remove?
Please advise!
tvos
That M$ password is the 4 digit or the alphanumerical password you setup when you first turned on your device. You can disable it by going to Settings>Personal>Delete everything in every field and uncheck "Prompt if device unused for" and you're good
Kraize
true and I understand that... what if you have a outlook exchange profile that forces the password.. can you still turn it off after the sync with exchange?
tvos
I remember seeing a reghack to fix this.
The policy only used to refresh itself if you soft restarted the phone, or turned Direct Push off
I'll see if i can find the thread again
thanx...
i understand security is part of the protection but it's annoying...
I think if the security at startup could be configured gui based and have different ways for logging in, it would make the experience tolerable.
tvos
Ok--who wants a challenge?
I have corporate email that I am configuring active sync to automatically push to my Tilt. Everything works fine except my company has a policy that the phone must be locked with password protect. So now after it not being used for 1 hour I have to put in a password to gain access.
I checked in settings: lock: and the password check box is greyed so I can't change it. The max time the dropdown menu will go is 1 hour. So 2 part connection:
Is there a way to bypass this?
Is there a way to adjust to say 8 hours rather than 1?
volleykinginnc said:
Ok--who wants a challenge?
I have corporate email that I am configuring active sync to automatically push to my Tilt. Everything works fine except my company has a policy that the phone must be locked with password protect. So now after it not being used for 1 hour I have to put in a password to gain access.
I checked in settings: lock: and the password check box is greyed so I can't change it. The max time the dropdown menu will go is 1 hour. So 2 part connection:
Is there a way to bypass this?
Is there a way to adjust to say 8 hours rather than 1?
Click to expand...
Click to collapse
1. I don't know of a way to bypass this. There might be some sort of hack, but not one I know of.
2. If you Export your registry, then change the max time drop down and re-export your registry. Now diff the two files with a win diff program, such as WinMerge. The only difference should be the max time. See if you can hack in a bigger value.
Thanks
Dave
problem is that everytime you try to sync with your corporate email (which will be as items arrive if your talking about push), it will check the enforcement, if its not there it will prompt you that its going to enforce it again, just means that if your find a hack you will need to keep applying this hack unless you automate it....
That's what I thought...is there a hack to automatically apply the password. Where in the registry is the time...If I leave it named as "1 hour" but the actual time is say 10 hours...would that work?
there's a default sync policy thats set on the Exchange server. The only effective way to make this change is by editing that policy. There may also be legal ramifications for the company if the device is found to have been hacked to circumvent the autentication. Does the company need to adhere to Sarbanes/Oxley compliance?
grrrr....yes we are under Sarb Ox regs....I will have better luck winning the election than getting corp policy change...Any other software Ninjas that have an idea?
Where you're likely to end up is locked out once your IT department finds out your device is out of compliance.
Good point and I don't want that. Ok so I deleted off the server from active sync and soft reset but still have a grayed out password check box in the lock setting. Now that it's gone how do I go back to standard configuration? Please don't tell me hard reset.....
any software ninjas out there?
This may be a dumb way to go about it but maybe you should pose the issue to your IT department. I doubt that you are the only person who has email on his phone. Good luck.
ha ha...thank you captain obvious but IT will only support Crackberries at a VP level.
We have the same issue here at work. YOU HAVE TO SET A PASSWORD to your Tilt otherwise the email exch server wont let you ... .
Since you don't want to type it every single time:
<start> <settings> <lock>, set it to 12 hours and you should be fine.
If not, DELETE the outlook account (sure be NOT connected through active sync), soft reset the phone, set a password, soft reset again and re-establish the outlook account. Sync the first time "through the air" not USB, say YES to the security enforcement request and you should be fine.
As far as I know there's a new extension for enterprise mail server 2007 which can be enabled by your IT guys that it WILL ENFORCE password request on any connect - THAT you have to check with them.
since we are on the issue of password protection & exchange policies.
everytime I reboot my ppc tilt, I am prompted with the password to access the phone. I know this is for security purposes but it is annoying.
I use exchange on my tilt ppc for my phone that is through my own domain exchange account.
How can I disable password entry?
please advise.
tvos
I guess with xchg even with min. security settings there's no way to bypass the password after boot and sync with an xchg server. Simply use an easy PIN (4 numbers) and call it done. There are more annoying things in life for me...
i am sure there is a way, but just wondered if someone knew off hand as a quick post. i have a simple four digit password already....
tvos
volleykinginnc said:
ha ha...thank you captain obvious but IT will only support Crackberries at a VP level.
Click to expand...
Click to collapse
Then Tell Them I challenge them to an IT Technician Face off! Because if they are only supporting Crackberries, they are phonies!
Real IT People, like myself, Have all phones working IN harmony. Tilt, Crackberry, iPhones(shudder).
Using a registry editor (I use PHM), navigate to \hklm\security\policies\policies and look for the value name “00001023″. Change the data from ‘0′ to ‘1′
This will give you control back to set it how you please
Thank you thank you thank you thank you.....I was about 1 day away from a hard reset! Muuuuucho gracious that was sooooo irritating.
I'm on the other side of the fence here, being a PM who defined pin enforcement as a security requirement for implementation. I'm glad to see that there isn't a hack to get around this because we need this to prevent a SoX or FDA audit finding.
Inconvenient for the users, yes. But it has to balance against the companies IT security policy.
A possible workaround that we have shut down. Forward the mail you want to see on your device (high importance, specific senders, etc.) via outlook rules to a third party email (gMail, Hotmail, etc.) and then dload from there and kill your exchange sync all together.
my .02
there is a cab somewhere that is called "zenyee.com stay unlock" that is what I use. It seems to do the same as the registry hack posted above.
I had the same problem and it was really a headache until I found the file attached below. After installing it, go settings/lock and uncheck the "prompt if ..." box.
Hope it works for others
ok i'm sorry, but i have been all over the place and still cant make this work!
my work IT dept only allows remote email via the web. i can access using opera no problem but i'd like to sync/push/downloadupload/whateveritscalled into my outlook on the phone seamlessly. HOW DO I DO IT?!?!? i have tried and TRIED to set this up to no avail thru "new account" in the messaging and thru activesync. it cant be that hard since there are only 2 simple steps when i access it via opera.
#1) i go to the website:
www.sodexhomail.com (but when it loads, the full address is https://www.sodexhomail.com/owa/&reason=0)
#2) and i login with only 2 pieces of info:
domain\username: xx-xxxxxxx\myname
password: xxxxxxxx
please please PLEASE someone tell me how to set this up STEP BY STEP so i dont have to keep going thru opera!
thanks!
Ok this is not so hard. I configured it myself many times.
First you have to ask your IT Department whether they allow mail on your device. What if you lose your device, other people might have access to sensitive emails.
For pushmail to work you need an Active Directory user account and this account has to be mailbox-enabled. From the information you just supplied, you do have an AD account which is mailbox-enabled.
When you go to http://www.sodexhomail.com/owa you will see that you will be redirected to https://www.sodexhomail.com/owa Do you see the extra S behind HTTP ? THis means that you access your website securely. In your internet browser on your normal desktop or laptop computer you will see a little golden lock at the end of the address bar. When you click it, you have the option to see the security certificate and to export it to a file. Export this certificate to a file (just click next all the time and give it a descriptive name) and save it on your computer. Then connect your Diamond to your computer and transfer this certificate to your diamond. On your Diamond browse to this certificate and click it so it will be installed. For ActiveSync and Pushmail to work you must do this.
Ask your IT Departmend whether they have enabled your user account for active sync and pushmail. If not, you can't use pushmail. If they did, continue with the following steps on your diamond.
Ok, you've already installed the ssl security certificate on your diamond. Now open Active sync on your diamond and do the following.
1. Click MENU.
2. Click Configure Server
3. In the field Server address type: www.sodexhomail.com and enable SSL
4. click next
5. In the User name filed type your user name and password
6. In the domainfield, type sodexhomail.com and enable to remember your password.
7. Click next
8. Enable the items you want to sync, like contacts, calender, email and tasks
9. Select email and click configuration and select the option how far back active sync should go for syncing emails and select for the messages HTML.
10. Click advanced and enter your email address.
11. CLick Finish.
12. In the main Active Sync menu, click menu again and choose Schema
13. Select As items arrive and configure the times you want to receive pushmail. I entered 00:00 - 23:59 so 24h a day.
Now you should be done.
Good luck.
EDIT: If your company uses Microsoft Exchange 2007, maybe your administrators configured Outlook Anywhere. This means that you only have to install the ssl certificate and dont have to configure the above steps. On your diamond you simply go to Start - Messages and create a new account. Fill in your company mail adddress and password and on the next screen you will be asked if you want to configure your mail settings from the internet automatically. I configured this myself and works like a charm. But if your IT admins did not configure Outlook Anywhere, this won't work.
You an only do it if your company enables OMA (outlook mobile access).
OWA for access via a browser and OMA for push access via activesync are totally different.
dannyoneill said:
You an only do it if your company enables OMA (outlook mobile access).
OWA for access via a browser and OMA for push access via activesync are totally different.
Click to expand...
Click to collapse
His company uses Exchange 2007 and there is no more OMA in Exchange 2007.
MRE-net, you are awesome! thanks so much for the help, but i have good news and bad news.
i followed your instructs to the letter, but it does not work. whereas before i was getting a "check your settings/password" error or the like, i am now getting "Your account in Microsoft Exchange Server does not have permission to synchronize with your current settings. Contact your Exchange Server admin. support code: 0x85010004". before i even tried to sync, 2 things you said (as well as knowing how tight my company is with info) told me that it wouldnt work in the end:
MRE-net said:
First you have to ask your IT Department whether they allow mail on your device. What if you lose your device, other people might have access to sensitive emails.
Ask your IT Departmend whether they have enabled your user account for active sync and pushmail. If not, you can't use pushmail. If they did, continue with the following steps on your diamond.
Click to expand...
Click to collapse
so...good news, i'm acutally smart enough to follow instructions, thank you so much! and bad news is that the sync error tells me that my company doesnt support/allow it (right?), and i'm guessing theres no way around this without IT admin involvement.
thanks again.
spiffyjiff said:
MRE-net, you are awesome! thanks so much for the help, but i have good news and bad news.
i followed your instructs to the letter, but it does not work. whereas before i was getting a "check your settings/password" error or the like, i am now getting "Your account in Microsoft Exchange Server does not have permission to synchronize with your current settings. Contact your Exchange Server admin. support code: 0x85010004". before i even tried to sync, 2 things you said (as well as knowing how tight my company is with info) told me that it wouldnt work in the end:
so...good news, i'm acutally smart enough to follow instructions, thank you so much! and bad news is that the sync error tells me that my company doesnt support/allow it (right?), and i'm guessing theres no way around this without IT admin involvement.
thanks again.
Click to expand...
Click to collapse
You have to get them to enable active sync for your mailbox.
In the meantime solution
Had a similar problem so i requested IT to send duplicate emails to my live/hotmail account which they had no problem with. From hotmail its easy to sync to WM. You can also tell hotmail that when it sends emails it can do it on bahalf of [email protected].
[Then you can set a rule on hotmail to forward some emails back to your main work account - have not donr that though]
Hi
is thr any special explanation for each credentials on android?
Or any development to change credentials and etc... (without root requirement)
anyone know How to clear specific credentials that related to lock screen security ?!
Settings > Security > Device administrators (or similar).
schaggo said:
Settings > Security > Device administrators (or similar).
Click to expand...
Click to collapse
i knew the path of credentials
I wanna know how to work exactly with credentials
for example;
credential 1 >> is for A
credential 2 >> is for B
so if i clear "credential 2" B will change and ..............
I don't understand what your question is. Please try to explain a little more.
In case you ask what different "device administrators" do, that's up to the programmer of the app requesting the device administrator. My companys exchange server requests several rights, for example lock screen security, remote wipe ability etc. As long as this device administrator exists, I have to grant/do what it wants.
If there are several apps putting device administrators in place, you have to comply with ALL rules of ALL administrators. Example: if app A) wants pin or password and say another app B) only wants password, the tighter rule of app B) overrules app A).
Was that what you wanted to know?
schaggo said:
I don't understand what your question is. Please try to explain a little more.
In case you ask what different "device administrators" do, that's up to the programmer of the app requesting the device administrator. My companys exchange server requests several rights, for example lock screen security, remote wipe ability etc. As long as this device administrator exists, I have to grant/do what it wants.
If there are several apps putting device administrators in place, you have to comply with ALL rules of ALL administrators. Example: if app A) wants pin or password and say another app B) only wants password, the tighter rule of app B) overrules app A).
Was that what you wanted to know?
Click to expand...
Click to collapse
thanks for explanation
But i want to know about each record in credential of system.
it happened for me; tried to setup vpn connection and system asked me to set high level security on lock screen, So i set pattern.
then i missed swipe-mode of lock screen.
THEN i cleared all credentials and then another lockscreen options enabled, SO i had swipe then pattern to unlock my phone.
Again; i made vpn connection and swipe mode disabled.
Now i wanna know What are the credentials that disabled swipe mode?!
AW: Credentials
Obviously the VPN connection.
When the program sets up the device administrator, you get a list of all the things it enforces. Lockscreen security should be one of those.
As I said, its dependant on the app and the server or service you connect to, it is not predefined by the device or by Android but by the IT, network or service administration personnel.
Example: My schools exchange server 2010 enforces alsmost nothing (any lockscreen, screen timeout) where my works exchange server 2010 enforces almost everything (pin strength, remote wipe, timeout, ...).
schaggo said:
Obviously the VPN connection.
When the program sets up the device administrator, you get a list of all the things it enforces. Lockscreen security should be one of those.
As I said, its dependant on the app and the server or service you connect to, it is not predefined by the device or by Android but by the IT, network or service administration personnel.
Example: My schools exchange server 2010 enforces alsmost nothing (any lockscreen, screen timeout) where my works exchange server 2010 enforces almost everything (pin strength, remote wipe, timeout, ...).
Click to expand...
Click to collapse
so wht!? when i use this vpn servers on another phones, and don have problem!
so it might be something on xperia Z !?
AW: Credentials
Then the other phone doesnt honour the vpn's security requirements. So Sony is actually doing a better job than "the other" although its annoying from your perspective.
Exchange security is also annoying for me I prefer a simple swipe lockscreen while our IT dept thinks we need a complicated pin to unlock. Thus I patched Sonys email app and exchange implementation to not honour the security needs of the server.
After upgrading to Android 6 and doing a factory wipe on my Nexus 6 it now requires me to use pin or pass locks so that I can add my exchange email accounts. I never like this as I am always checking my phone so to keep entering a pin is a pain. If I go into Device Administrators I can disable email but it deleted the email accounts.
Is there anyway I can disable/remove the use of a pin to unlock the phone but still have my exchange email accounts? Why has this suddenly changed in Android 6, it wasn't a requirement when I was running Lollipop?
Turn on Smart Lock either with a bluetooth connection or a location.
I can't, smart lock is greyed out
Prototypeuk said:
After upgrading to Android 6 and doing a factory wipe on my Nexus 6 it now requires me to use pin or pass locks so that I can add my exchange email accounts. I never like this as I am always checking my phone so to keep entering a pin is a pain. If I go into Device Administrators I can disable email but it deleted the email accounts.
Is there anyway I can disable/remove the use of a pin to unlock the phone but still have my exchange email accounts? Why has this suddenly changed in Android 6, it wasn't a requirement when I was running Lollipop?
Click to expand...
Click to collapse
It is a requirement set by who ever runs your Exchange system, that is what I do for a living. Why you didn't see in on lollipop I can't answer, perhaps they just turned it on in Exchange. But that seems like a heck of a coincidence that they did it at the same time you upgraded. Maybe you set it up before they added the requirement and your phone didn't see the change until you wiped it and reset it up. That would surprise me to. Dunno.
What I do is I use the Nine email app for my Exchange account, it allows you to set the Exchange pin requirement to just that app. It is also much better on battery than using the Gmail app.
I run the mail server so I can tell you that I know for sure I didn't change anything on it. The mail server is Kerio Connect not Exchange by Microsoft. That's really odd if you say it is the server which sets that security policy because as I said until I upgraded I didn't have to use a pin
Prototypeuk said:
I run the mail server so I can tell you that I know for sure I didn't change anything on it. The mail server is Kerio Connect not Exchange by Microsoft. That's really odd if you say it is the server which sets that security policy because as I said until I upgraded I didn't have to use a pin
Click to expand...
Click to collapse
Check the settings for the ActiveSync policy in Kerio and see if it is turned on. I just tested my Exchange server with 6. If I turn it off in Exchange the phone does not require a pin/password. As soon as I turn it back on it requires one.
TonikJDK said:
Check the settings for the ActiveSync policy in Kerio and see if it is turned on. I just tested my Exchange server with 6. If I turn it off in Exchange the phone does not require a pin/password. As soon as I turn it back on it requires one.
Click to expand...
Click to collapse
I've checked the settings and there is nothing enabled. I tried installing Nine and it worked fine without a pin but my trial has now ended and I don't want to have to pay for an app that I didn't use to need
Set a simple pattern lock in Settings > Security. Then set the Automatically lock to 30 minutes and turn off Power button instantly locks. Go into Smartlock and add a trusted device, like bluetooth headset, smartwatch, or other bt device. And/or add one or more trusted places. If in a trusted place or using a trusted device, you won't have to unlock. Also, it won't lock for 30 minutes after you unlock it if you have had to. These steps have allowed me to almost never have to unlock with my pattern.