Hi all,
I have a problem with my new Nexus 6P and the exchange server in combination with my screenlock.
Whenever i set up the exchange mail account, i have to set up a pin or password to unlock my phone. When i want to change back the pin / password to a pattern, i cant and it says: "disabled by administrator encryption policy or credential storage"
Normally the reply on this post would be, your company has set up these minimum requirements for security purposes and you cant put up the mail/agenda unless you accept the terms of the company.
The weird thing is, my company doesn't`t require any security measures at all. If you want to swipe to unlock, you can (well, other people can ).
Does anyone have a solution for this problem?
If you need more background / tell info, let me know!
Thanks in advance,
Arjan
anyone?
Exchange must be requiring that or it wouldn't force it on you.
You could always use a 3rd party exchange mail client if it bothers you about it restricting your lock options. I use touchdown (contains exchange in one sandbox) my phone is still mine if the admins wipe the phone it just wipes touchdown.
Don't have to use touchdown but it's just an example.
Normally you would say that exchange forces the security, but i went by the IT-department and they have shown me that all restrictions are off.
A third party app is a possibility, but i'd rather use the app i have to combine multiple email-accounts and agenda's.
I still haven't found a solution for the problem. I really don't get why my phone restricts my screenlock options, when the IT-department has deleted all restrictions.
Related
So, I decided when I first got the phone, to have a 4-digit PIN to unlock the phone, but only if done after a long time. I think it was like 24 hours. I can't remember exactly, but that is irrelevant. So anyway, my friend has a Touch Diamond, and we scored a Microsoft internship together. So, a whole bunch of emails started arriving via Exchange and we wanted to sync our phones to it as well.
Now, he DIDN'T set a password earlier, so he couldn't login when the phone asked him for it, resulting in a complete reset!! He was devastated, but luckily, Outlook had stored all his contacts/tasks etc for him on the server, so he was still fine.
My problem is, I am able to login using my original PIN, but now I have to do it, every 15 mins, which the maximum I am allowed to go. (In Settings > Personal > Lock, the 'Prompt if device unused for...' checkbox is disabled.) I realise this is probably some security feature, but is there a way around this? Or will I have to give up sync priveleges to go back to the old days?
Help!
this is a security feature of exchange, not your phone.
if you don't enter the password you'll find that your phone still receives calls etc. I had this and it was very annoying, until I told our infrastructure manager to relax security permission on our exchange server for my device
check out this website... toward the end of the page is a link to an app that will allow you change the behavior of the "exchange lock" feature. now i use Exchange for push and after i'm setup, i use the app to disable the lock/password feature. my exchange service provider doesn't force me to re-enable this feature; however, your provider may be different. read the info and then decide if this is something you want to try...
I would like to stop putting in a password every time the phone restarts, or isn't used for more than 10 minutes or so. It's a result of my exchange account at work.
I noticed people had found solutions for other phones, but how would we accomplish this for our Fascinates?
I run an exchange server, and as long as there is not a policy with a timeout, it will never ask you for your password, even after reboot.
After all, your phone itself should be passworded already.
With a timeout policy in place, I don't see a means of subverting it without removing the policy
Sent from my SCH-I500
This sucks. I can either have work email on my phone, and be the go to guy if something goes wrong, and have to enter a password every 20 minutes, OR, not.
hrmmmm
thanks for the info
The lockout requirement is dictated by policies on your Exchange server. You cannot override them, at least not easily, and I would not recommend doing so, as there's a reason those policies exist. If you want an alternative solution, buy the Touchdown email application. The security PIN will then be enforced when opening that app, as opposed to unlocking the phone itself. It is also far superior to any stock Android email app in both features and compatibility.
Posted from my EB01 SuperClean Fascinate with Voodoo
My company upgraded their exchange server, and now requires lock screens (PIN or password, no pattern) if we want to access email on our personal phones.
As someone with a rooted phone, is there any way to disable this and still have access to my corporate email? It's really annoying to have to punch in a PIN 500 times a day, but I really do need email access on my phone as much as I'm on the road.
I think this has been discussed before, but maybe on a different phone (HeroC maybe) But essentially no there isn't away - to access the server the phone goes through a series of checks, one of the checks being that an appropraite pin was entered to unlock the phone. if that check fails, authentication to the server is denied. Someone *might* be able to spoof the check in the email app, but I am fairly sure its actually OS deep, not just within the mail client.
So it would be a large undertaking and potentially could cause you to loose your job by by passing security measures. I know I wouldn't think twice about firing someone who did it on my network.
No way that I know of, and is something that is on pretty much everyphone. Blackberrys the security policies can even block installation of 3rd party applications.
What's even more fun for you, is the ability of your it staff to lock you out of your phone or even remotely wipe your phone.
Sent from my SPH-D700 using XDA Premium App
Restola said:
My company upgraded their exchange server, and now requires lock screens (PIN or password, no pattern) if we want to access email on our personal phones.
As someone with a rooted phone, is there any way to disable this and still have access to my corporate email? It's really annoying to have to punch in a PIN 500 times a day, but I really do need email access on my phone as much as I'm on the road.
Click to expand...
Click to collapse
I think you are stuck. Do you have the option of getting a company-supplied phone to access the company email, and keep your personal Android separate?
There is a thread in Q&A talking about an app that does this.
Do you BONSAI?
Actually there is a way I had to do it to my coworkers phone for her pattern lock
What u need: locked phone phones #, wifi or u can use wifi tether if u have another phone
1. Call the persons phone #
2. Leave phone call connected on both sides
3. Connect to wifi if u havnt already
4. Goto settings/accounts manager setting or what ever and log into a diff google account then it should require u to change the password to by pass it
Should work hopefully I read this thread correctly and answered appropietly
Edit sorry read it wrong and u don't think there is a way
My way is how u get around it
Sent from my Epic 4.1g bonsai plant
Here's the link to the thread that may help:
http://forum.xda-developers.com/showthread.php?t=1033017
I thought it was just being big brother, turns out its a regulatory requirement since we were bought by a publicly traded company. I guess I'll deal with it. If it pisses me off too much I'll just get rid of my exchange account on my phone and stop responding to emails when I'm not at my desk.
A possible workaround would be to try touhdwn for your exchange mail instead of the default mail client. Its a paid app but there should be a demo version in the market. I have a dp2 for work and they pay for touchdown for us. When using touhdown it pin locks just the app instead of whole phone. On my Droid at least moto customized the screen timeout and lock to be different timers so I found the pin to be less annoying than the interface of touchdown.
With the epics slightly bigger screen to make the TD interface a litte less annoying(lots of small buttons instead of utilizing menu button) and since epics lock is all or nothing I think I might actually use TD on my epic if I were getting my corp email there.
While not a complete removal of the pin maybe it would at least make it less annoying for you. Plus I'd guess if work catches you wihout a pin it might not go over well. TD solution lets you protect the email if you lose your phone, and does have a remote wipe for the same scenario.
I tried to set up an account to my Exchange email at work using the default email app on my TF101. When I set up an account it requires that I enable all of these security settings on the tab like having a PIN and encrypting data. I don't want to do all of that. I realize that this is something set up by my Exchange administrator but I am not sure they even did it knowingly and anyway I don't want to have to deal with it to check email.
Does anyone know how to bypass this? Searches of these forums and the web show that there are some modded email apks for other platforms that let you bypass the security settings. I have not seen any such mods for ICS on the TF101.
Thanks in advance for your help.
Hello,
I do not believe the stock email is able to handle the security settings from an exchange server. You need to look at other programs like Moxier Mail or TouchDown.
+1 for touch down. Works great but it is $20
Enhanced email is another option. I got it from free app of the day by Amazon. At first, it did not work on android 3.0+, but it works fine now. It gives you the option to ignore security policies.
Alternatively, if you decompile the email.apk, I believe you can force a variable so that the email app always tells the exchange server you have sufficient security enabled (I'm not exactly sure where must be changed).
tonyz3 said:
+1 for touch down. Works great but it is $20
Click to expand...
Click to collapse
I couldn't agree more. Do the trial first to see if you like it. I don't recommend bypassing the security. You can unknowingly pass a virus through your corporate exchange. Hopefully, one day, they will resolve this issue in the Android exchange client.
tonyz3 said:
+1 for touch down. Works great but it is $20
Click to expand...
Click to collapse
+1... Touchdown. Forget any other Exchange apps.
+1 for Enhanced Email - optionally bypasses the admin security settings - works fine on Honeycomb and ICS too.
Exchange Admin
Hello,
When setting up exchange servers in the past, the default exchange policy is to have those features enabled. Even if those are DISABLED, the tablet will still ask to create the partnership. I believe this is so it can be wiped remotely. It seems ICS just tells you it is going to do all of those things as a generic warning. I have noticed this is only on ICS though. If you click ok, it shouldn't ask you to create a PIN or anything if it isn't actually required. We currently only have exchange 2010 in production in a test environment, so I have yet to look for the setting to disable this feature entirely. Hope this helps you understand how it works at least a little.
I work for a medical practice. We need to keep strict EAS policies such as force PIN or password, force Encryption, allow remote wipe, timeouts, etc. No exceptions if you want to have corporate e-mail on your mobile... and I simply can't live without it.
Anyways... I'm here to talk about biometrics. I think on Exchange 2013 they just patched in the ability to allow BM separately... but what about the rest of us who will be on 2010 for a good while longer? The iPhone totally has us beat in this category. We did some testing yesterday... and the iPhone 5S is actually "smart" enough to just push your set PIN into the phone on unlock and allows the continued use of BM. With my GS5, since BM is a completely different (unlinked) feature, it is greyed out. No BM for me. :crying:
I'm just curious if anyone else has dug into this? I have been taking a lot of flak from all my IT cohorts that I still need to use a PIN.
sipple31 said:
I work for a medical practice. We need to keep strict EAS policies such as force PIN or password, force Encryption, allow remote wipe, timeouts, etc. No exceptions if you want to have corporate e-mail on your mobile... and I simply can't live without it.
Anyways... I'm here to talk about biometrics. I think on Exchange 2013 they just patched in the ability to allow BM separately... but what about the rest of us who will be on 2010 for a good while longer? The iPhone totally has us beat in this category. We did some testing yesterday... and the iPhone 5S is actually "smart" enough to just push your set PIN into the phone on unlock and allows the continued use of BM. With my GS5, since BM is a completely different (unlinked) feature, it is greyed out. No BM for me. :crying:
I'm just curious if anyone else has dug into this? I have been taking a lot of flak from all my IT cohorts that I still need to use a PIN.
Click to expand...
Click to collapse
If you want to use the Finger Print reader to unlock on your phone and a pin just for your email, you can use email apps like Touchdown instead of the default email application. So the only time you would have to enter a pin is when you open touchdown app, not to unlock your phone.