Go Back   Android Forums > Android Phones > Motorola Droid

test: Reply
 
LinkBack Thread Tools
Old August 16th, 2010, 09:53 AM   #1 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

I was under the impression that droid 2.2 (FRG01B) was going to enforce "Enforce password on device" through Exchange Active Sync security policies.

Our policy on our exchange server forces mobile devices connecting to use a PIN for the device before it starts to sync emails. (Works perfectly on WinMo 5,6 and iPhone devices). You are prompted to set up a PIN.

I just received 2.2 OTA this morning and installed it. When adding my exchange account I am not forced to enable a PIN for the device.

Does anybody have this working on their Motorola Droid 2.2 yet?

I know that a newer build (FRG022) will be pushed OTA soon but from what I have read that build does not address Exchange issues.

Also - The remote wipe feature wasn't what I expected. It appears to just break the connection between the client and the server. Nothing is wiped. Any messages already synced to the phone stay on the phone.

Advertisements
JTSystems is offline  
Last edited by OMJ; August 16th, 2010 at 10:11 AM.
Reply With Quote
sponsored links
Old August 16th, 2010, 10:06 AM   #2 (permalink)
Member
 
Join Date: Aug 2010
Location: Abbotsford, WI
Posts: 312
 
Device(s): Samsung Galaxy Nexus XOOM Nook GoogleTV Nexus S 4G Acer Iconia Tab 100
Carrier: Not Provided

Thanks: 4
Thanked 35 Times in 32 Posts
Send a message via AIM to StrifeJester Send a message via Skype™ to StrifeJester StrifeJester
Default

They claim FRG22 is security related. This tidbit may be left out since VZW is email a lot of known corporate account holders to tell them there are 2 updates. I would wait until FRG22 hits the wild and see if that takes care of it. If not after that I would do some more digging, Currently we do not enforce PINs but it is something we are considering. I would be interested in seeing if FRG22 does contain this fix.
StrifeJester is offline  
Reply With Quote
Old August 16th, 2010, 10:10 AM   #3 (permalink)
Junior Member
 
Join Date: Jun 2010
Location: Ankeny, IA
Posts: 17
 
Device(s): Motorola Droid
Carrier: Not Provided

Thanks: 3
Thanked 3 Times in 3 Posts
Default

I am running into this same issue and we are unfortunately looking at another product as it seems that even with this update Google is only partially supporting Exchange ActiveSync protocols. I found this and it seems that password recovery policy when enabled interferes with the EAS policies. ( How do I use the new ActiveSync enterprise settings (remote wipe, PIN) when Mail app not updated? - Android Help )

Quote:
The password recovery policy is what was causing the holdup.

I had to create a custom policy for Android devices that didn't include this and everything worked as designed.

The next time I attempted to sync I had to confirm the Email app as functioning with a Device Administrator (which explains the odd Location & Security/Select Device Administrators button that nobody really knew what it did.). After allowing that, a PIN was enforced and a remote wipe was successful.

The only concern was that I was able to go in and remove Email as functioning with a Device Administrator. This prevented me from sending or receiving any new mail, but any already-synchronized email remained visible and readable.
Unfortunately I have not been able to test this myself as my manager will not allow me to disable this policy on our exchange server even with OTA 2.2. You might test this and see if it resolves your issue if your company policies will allow you to disable that policy in EAS. If you are able to test that I would be interested to hear about your results!

Otherwise we are currently looking into www.good.com as a security resolution for mobile security, however it would be really nice if Google would just fix the EAS issues that we all want so we can move our enterprise phones to android OS.

Hopefully this helps!
aioka is offline  
Reply With Quote
Old August 16th, 2010, 11:33 AM   #4 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

@StrifeJester - Thank you. I was unaware that FRG022 (the new build) had any security items in it. I will sit tight and wait for this update.

@aioka - Unless I am mistaken the password recovery policy is only available in Exchange 2007. We are running Exchange 2003 SP2.

I have also noticed that in my Mobile administration screen I see two entries for my Droid.
One entry states Droid with my device ID [Droidxxxxxxxxxxxx]. The other says "validate". Any idea what this validate is? Both have recent sync times.
JTSystems is offline  
Last edited by JTSystems; August 16th, 2010 at 02:55 PM.
Reply With Quote
Old August 17th, 2010, 11:55 AM   #5 (permalink)
New Member
 
Join Date: Aug 2010
Posts: 3
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

It appears that as of today, 8-17, even with the 2.2 upgrade that the "Require Password" in Exchange 2010 still does not force Android to use a password, pin, or pattern.

Previous to the 2.2 upgrade only Pattern was available to lock your Android on the Motorola Droid but with the patch we are able to use a pin or password.

Still digging for answers...

EDIT: I am running Android 2.2, build FRG01B
JJMorgan is offline  
Last edited by JJMorgan; August 17th, 2010 at 12:10 PM.
Reply With Quote
Old August 17th, 2010, 12:03 PM   #6 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks. Its nice to know that its not because I am running Exchange 2003 SP2.

I am waiting for the FRG022 OTA update to see if that additional patch resolves the issue.
JTSystems is offline  
Reply With Quote
Old August 18th, 2010, 09:46 AM   #7 (permalink)
New Member
 
Join Date: Aug 2010
Posts: 3
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Tested on a Droid X - Firmware 2.1-Update and the require password works as should with Exchange 2010.
JJMorgan is offline  
Reply With Quote
Old August 19th, 2010, 05:36 PM   #8 (permalink)
New Member
 
Join Date: Aug 2010
Posts: 2
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

I'm assuming that if you ever used/tested this before 2.2, you probably had to put in some exceptions in Exchange 2003 to allow access to devices that don't fully support password settings and to enable access to unsupported devices.

Did you try disabling those in ESM? I just tested this in my lab with my Droid/Exchange 2003 and it asked me to create a PIN upon syncing. One thing I had to do was restart IIS after removing those exceptions however.

Just something to double check...
im_corny is offline  
Reply With Quote
Old August 23rd, 2010, 02:20 PM   #9 (permalink)
New Member
 
Join Date: Aug 2010
Posts: 3
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

im_corny, you hit the nail on the head. I did have the check box to allow unprovisionable devices checked. This did not matter for the Droid X, the require password still took effect. When I unchecked the allow unprovisionable device it enforced the password policy.

Thanks for the tip.
JJMorgan is offline  
Reply With Quote
Old September 8th, 2010, 07:32 PM   #10 (permalink)
Member
 
Join Date: Mar 2010
Location: Gilbert, AZ
Posts: 203
 
Device(s): Samsung Galaxy Nexus Toshiba Thrive
Carrier: Not Provided

Thanks: 7
Thanked 31 Times in 19 Posts
Default

The DroidX wasn't an "unprovisionable device" and that is why it worked from the start. It natively supported the Exchange policies where the Droid had to be upgraded to support them. I just wish Motorola had implemented them uniformly. I am told the X can use a pattern lock with Exchange where the Droid cannot.
__________________
No trees were destroyed in the sending of this message, however, a significant number of electrons were terribly inconvenienced.
markdmac is offline  
Reply With Quote
sponsored links
Old September 9th, 2010, 12:04 PM   #11 (permalink)
New Member
 
Join Date: Sep 2010
Posts: 1
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

This FYI may be useful for someone

I'm on Exchange 2010. 2 weeks ago I upgrade to 2.2 from 2.1 on a Droid Incredible where character password was being enforced. Upgrading to 2.2 manually because OTA was available yet per this instructions How to manually install Froyo on your Droid Incredible – Android and Me and afterwards there was no enforcement of mail security at all.

Deleting and readding the account made no difference. I did a remote wipe which did resolve the problem. Deleted the phone from owa and readded it on my device which did resolve the problem.
baron112 is offline  
Reply With Quote
Old September 9th, 2010, 02:00 PM   #12 (permalink)
New Member
 
Join Date: Sep 2010
Posts: 1
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

forgive me as there is more technical speak here than i can relate to. but i have an orginal Droid and am being asked to "Update security settings" which is then telling me to "Activate decive administrator" which says it will Erase All data. Motorala has told me that this will erase all my apps. In simple terms can someone help me with what i should. BTW this happened after my Droid receive the new update a week ago. Corporate email was working jsut fine prior to the update.
MKE Badger is offline  
Reply With Quote
Old September 9th, 2010, 04:37 PM   #13 (permalink)
Junior Member
 
Join Date: Jun 2010
Location: Ankeny, IA
Posts: 17
 
Device(s): Motorola Droid
Carrier: Not Provided

Thanks: 3
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by MKE Badger View Post
forgive me as there is more technical speak here than i can relate to. but i have an orginal Droid and am being asked to "Update security settings" which is then telling me to "Activate decive administrator" which says it will Erase All data. Motorala has told me that this will erase all my apps. In simple terms can someone help me with what i should. BTW this happened after my Droid receive the new update a week ago. Corporate email was working jsut fine prior to the update.
This is from the new FRG22D update to your phone. Motorola is correct to a point. It CAN erase all your data and apps off the phone if its told to. When you setup the exchange work email on your phone it has to enable security protocals your work IT admins have in place to protect company data. AndroidOS on the Droid 1 before 2.2 FRG22D did not know how to handle these security functions so it completely ignored them and allowed your phone to sync anyways. The "Erase All Data" is used by IT admins (a.k.a "Activate decive administrator") in the case that your phone is lost, stolen or you leave the company without removing your account, they can then remotely wipe your phone so company data is not compromised. You shouldnt have to worry about it erasing your apps or information as long as none of those happen or you dont piss off your IT admin

I hope that helps, if not let us know and we can try to help again!
aioka is offline  
Reply With Quote
Old September 9th, 2010, 05:04 PM   #14 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

i'm-corny - Do you have the original Motorola Droid? Not DroidX, not Droid Incredible.

My thoughts are that this problem is specific to the original Motorola Droid using Exchange 2003.
JTSystems is offline  
Reply With Quote
Old September 9th, 2010, 05:05 PM   #15 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by MKE Badger View Post
forgive me as there is more technical speak here than i can relate to. but i have an orginal Droid and am being asked to "Update security settings" which is then telling me to "Activate decive administrator" which says it will Erase All data. Motorala has told me that this will erase all my apps. In simple terms can someone help me with what i should. BTW this happened after my Droid receive the new update a week ago. Corporate email was working jsut fine prior to the update.
MKE Badger - Are you running your original DROID with Exchange 2003?
JTSystems is offline  
Reply With Quote
Old September 9th, 2010, 05:23 PM   #16 (permalink)
Member
 
Join Date: Mar 2010
Location: Gilbert, AZ
Posts: 203
 
Device(s): Samsung Galaxy Nexus Toshiba Thrive
Carrier: Not Provided

Thanks: 7
Thanked 31 Times in 19 Posts
Default Original Droid

JTSystems- not sure who you were replying to, but I am using the original Droid with Android 2.2 non-root from Verizon. My corp email is Exchange 2007 with password pin policy enabled. Company requires some form of password being mandatory but is OK with the use of pattern lock if we can get it to work. Droid Incredible user on our network is able to use pattern lock without issue.
markdmac is offline  
Reply With Quote
Old September 9th, 2010, 05:45 PM   #17 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by markdmac View Post
JTSystems- not sure who you were replying to, but I am using the original Droid with Android 2.2 non-root from Verizon. My corp email is Exchange 2007 with password pin policy enabled. Company requires some form of password being mandatory but is OK with the use of pattern lock if we can get it to work. Droid Incredible user on our network is able to use pattern lock without issue.

markdmac -I have Exchange 2003. I'm starting to think this issue pops up when you have this combination (Original Droid using Exchange 2003)
JTSystems is offline  
Reply With Quote
Old September 10th, 2010, 01:19 AM   #18 (permalink)
Member
 
Join Date: Mar 2010
Location: Gilbert, AZ
Posts: 203
 
Device(s): Samsung Galaxy Nexus Toshiba Thrive
Carrier: Not Provided

Thanks: 7
Thanked 31 Times in 19 Posts
Default

The issue (no access to pattern lock) happens when an Exchange policy is applied. Doesn't really matter if it is an Exchange 2003 or 2007 server. The issue is that the policy requires a password pin and the Droid SHOULD be smart enough to let you use a pattern for that as it could potentially have even more complexity to it than a pin.
markdmac is offline  
Reply With Quote
Old September 10th, 2010, 10:48 AM   #19 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by markdmac View Post
The issue (no access to pattern lock) happens when an Exchange policy is applied. Doesn't really matter if it is an Exchange 2003 or 2007 server. The issue is that the policy requires a password pin and the Droid SHOULD be smart enough to let you use a pattern for that as it could potentially have even more complexity to it than a pin.
I understand that. The issue here is that on my original Droid (not incredible, not X, Not 2, not Eris) is that I do NOT receive the password/security prompt. I am not receiving the security policies that are enforced by my exchange server.

I believe there is still a problem with the native mail client for this configuration (Original Droid using Exchange 2003).

I found a email client in the market that enhances the native client. It is called "Improved Email". Using this client when I connect to my exchange mail I am prompted for the security policy (which is what it should do). For some reason it does not do this with the native client (for my original Droid and Exchange 2003 configuration).

I'm sure if I had a Droid X or Incredible I would receive the security policies using the native mail client. Or if I had Exchange 2007 or Exchange 2010 this would not be a problem but that is not my setup.

Does anybody here have the original droid using Exchange 2003 that actually is having the security policies enforced?

(I know about touchdown and that is not an option)
JTSystems is offline  
Reply With Quote
Old September 10th, 2010, 08:47 PM   #20 (permalink)
Junior Member
 
Join Date: May 2010
Posts: 15
 
Device(s):
Carrier: Not Provided

Thanks: 2
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by JTSystems View Post

Does anybody here have the original droid using Exchange 2003 that actually is having the security policies enforced?
Yes. We have Exchange 2003. When I got the FRG22D update on my Droid, it immediately had me set a pin to get into my corporate email.
gtshouse is offline  
Reply With Quote
sponsored links
Old September 12th, 2010, 11:02 AM   #21 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by gtshouse View Post
Yes. We have Exchange 2003. When I got the FRG22D update on my Droid, it immediately had me set a pin to get into my corporate email.
Are you using the native client on the droid? Would you be willing to share what your security policy settings are so i can compare with mine?

The native client Force Closes on me during email setup for an Exchange account since FRG22D
JTSystems is offline  
Reply With Quote
Old September 12th, 2010, 01:17 PM   #22 (permalink)
Member
 
Join Date: Jul 2010
Location: Utah
Posts: 115
 
Device(s): Motorola Droid
Carrier: Not Provided

Thanks: 25
Thanked 11 Times in 10 Posts
Default

Quote:
Originally Posted by JTSystems View Post
The native client Force Closes on me during email setup for an Exchange account since FRG22D
if you haven't already tried this, do a factory reset. Then setup the Exchange mail.
gndmepyon is offline  
Reply With Quote
Old September 13th, 2010, 01:09 PM   #23 (permalink)
New Member
Thread Author (OP)
 
Join Date: Aug 2010
Posts: 10
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by gndmepyon View Post
if you haven't already tried this, do a factory reset. Then setup the Exchange mail.
Same issue after the hard factory reset. The native client force closes upon setting up Exchange email.
JTSystems is offline  
Last edited by JTSystems; September 13th, 2010 at 04:34 PM.
Reply With Quote
Old September 14th, 2010, 12:27 AM   #24 (permalink)
New Member
 
Join Date: Aug 2010
Posts: 2
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by JTSystems View Post
i'm-corny - Do you have the original Motorola Droid? Not DroidX, not Droid Incredible.

My thoughts are that this problem is specific to the original Motorola Droid using Exchange 2003.
JTSystems: I have the original droid, non rooted. Exchange 2003 SP2. I think our setup is probably very similar. Is this a problem only on your phone or on all droids within your organization? I'm pretty sure my coworker tried this on his phone and it worked fine as well. everyone here uses touchdown however.

Exchange mobile services config:
Everything checked except "enable unsupported devices"

Device Security settings:
Enforce password on device
Minimum password length
Wipe device after failed attempts
im_corny is offline  
Reply With Quote
Reply

Motorola Droid
Current Rating:
Rate this Phone:

The Motorola Droid - the first ever Verizon Android Phone - exploded onto the mobile market with an incredibly successful ad campaign that brough Android to the masses. With a huge and vibrant touchscreen, solid metal body, full QWERTY keyboard, 5M... Read More



Go Back   Android Forums > Android Phones > Motorola Droid
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 06:34 PM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.