Problems with MS Exchange Security post 2.2Support


Last Updated:

  1. mikeinatl

    mikeinatl Active Member This Topic's Starter

    Joined:
    Jul 2, 2010
    Messages:
    27
    Likes Received:
    8
    Phone seems to work fine post 2.2, with the exception of MS Exchange. When I first activated my corporate Exchange account, I checked the box to require Encrypted Secure SSL connection, and the phone forced me to set up a password for my phone.

    After updating to 2.2 (the .6 OTA), I'm still getting email although the password lock is no longer enforced. I checked, and my Exchange settings haven't changed, so not sure why this has happened. I've alerted our security group and they've also seen the same issue (some of them have EVO's).

    Has anyone else experienced this, and are you aware of a potential fix?

    Thanks!!
     

    Advertisement
  2. ca92807

    ca92807 Member

    Joined:
    Jun 14, 2010
    Messages:
    7
    Likes Received:
    1
    I've got the same issue - no enforced password policy with EX 2K7 after the update. I wonder if remote wipe got broken too? I don't really want to try it out on my phone - again.
     
  3. marctronixx

    marctronixx Moderator Moderator

    Joined:
    Oct 12, 2009
    Messages:
    5,699
    Likes Received:
    3,503
    just so IM clear,
    you are not getting the lock time out screen after X minutes of no activity or are you referring to something else?

    did you have to re-enter your exchange info after the 2.2 update?

    im on exchange 2003 SP2 and i use lock picker to arrest the time out after X activity setting. ill turn it off and see if the lock is re enabled..
     
  4. mikeinatl

    mikeinatl Active Member This Topic's Starter

    Joined:
    Jul 2, 2010
    Messages:
    27
    Likes Received:
    8
    I usually don't wait for the time out screen (want to conserve battery), so I usually push the power button to put the phone in sleep mode. When I push the power button to bring the phone back up and swipe to unlock the screen, the password screen is bypassed and it goes directly to the home page menu.

    I don't use an app or any tool to bypass our normal security requirements.
     
  5. marctronixx

    marctronixx Moderator Moderator

    Joined:
    Oct 12, 2009
    Messages:
    5,699
    Likes Received:
    3,503
    what i was referring to is if you leave the phone unattended, after x minutes of use the lock would engage. this is how i have it set up on my TP2 and thats how i had it on the hero.

    now with the EVO about a day or two after i picked it up i found the app that overrides the exchange lock policy and have used it ever since.

    so you are saying before the 2.2 you could turn off the screen and if you turned it back on within seconds the exchange lock screen would pop up requiring you to have to enter the code each time?
     
  6. mikeinatl

    mikeinatl Active Member This Topic's Starter

    Joined:
    Jul 2, 2010
    Messages:
    27
    Likes Received:
    8
    You are correct - prior to Froyo, any time I turned the phone on (from a power off or from sleep), the password screen was required. Even though the settings are unchanged, the password screen does not appear (even after I power off), yet I am still synching with email. That means the phone is not in compliance with security policies (enforced password), while it was previously.
     
  7. ca92807

    ca92807 Member

    Joined:
    Jun 14, 2010
    Messages:
    7
    Likes Received:
    1
    That is exactly what I was experiencing. I removed the ActiveSync client, deleted the calendar storage and then reinstalled ActiveSync. It didn't complete the Autodiscovery fully, but was close. After the reinstall, I was informed that a security policy would be enforced, and I have the choice of a numeric or alphanumeric P/W. The phone no longer goes into P/W protect as soon as the screen is blanked with the power button, but does lock after the period times out. It does not use the policy's time-out value like before.

    For those concerned with enforcing their company's security policy, the 2.2 update disappoints. One solution is to remove the EVO mobile device partnership in Exchange, forcing a client reinstall.
     
  8. Pre-to-Evo

    Pre-to-Evo Member

    Joined:
    Jun 10, 2010
    Messages:
    8
    Likes Received:
    2
    Before Froyo, the screen would lock whenever the screen shut off. You would then have to enter a passcode to unlock (or use Lockpicker to totally avoid).

    After Froyo, there is an option to set the passcode time out up to 15 minutes (our IT policy actually allows an hour, and that would be nicer). What this means is that if your screen turns off and you turn it back on within 15 minutes, it will not require a passcode. Go longer than 15 minutes, a passcode will be required.

    Our IT Securtiy Policy had to be applied.
     
  9. mikeinatl

    mikeinatl Active Member This Topic's Starter

    Joined:
    Jul 2, 2010
    Messages:
    27
    Likes Received:
    8
    Wanted to give an update. I worked with our IT to resolve the issue. I deleted my Exchange account and then set it up again. At that point, it enforced security policies and required me to set a password. The new password screen is a bit different than the first one.

    Also, I wanted to respond to ca92807 and Pre-to-Evo. There are two settings that impact when you have to use the password screen (and why it may behave differently after the update):

    The first is Security. Menu -> Settings -> Security -> Lock Phone After. This can be set anywhere from Immediate up to 15 minutes.

    The other is Screen Timeout. Menu -> Settings -> Display -> Screen Timeout. This can be set anywhere from 15 seconds to whatever your Exchange security policy is. Ours is 15 minutes. But I've always had my display time out at 2 minutes because I was concerned about battery consumption.

    I think the most important one is security. If you power down your phone (or the display times out) before the security lock, I don't believe the password screen will be required. That seems different than before the upgrade.

    There was obviously a bit of a bug/disconnect in the software update process. But I believe this was caused by the phone switching from HTC Sense exchange support that came with 2.1 to native Froyo 2.2 exchange support. It would have been a much larger issue if more of our employees were using EVO's.

    Thanks for all of your comments/suggestions.
     
  10. zolom

    zolom Member

    Joined:
    Aug 24, 2010
    Messages:
    7
    Likes Received:
    0
    is there a way to increase the lock period above 15 minutes?
     

Share This Page

Loading...