My notebook has the Windows firewall enabled per Group Policy. As local administrator I don't have access to the firewall settings (all are greyed out).
Does anybody know of a hack to disable the firewall or even better to allow exceptions even when the group policy doesn't allow it?
I need to disable the firewall to get my Qtek9100 to sync with Active Sync 4.1.
If it's a work pc, you could try asking your system administrator.
I did and they will consider this the request but this can take weeks or months for them to change it. I would like to sync and use my Qtek before that
Group policy over rides local policy. The only way to get around it is to remove it ( the PC) from the domain or have the Admin disable it in GP.
log into the machine as a local user, not a domain user..
Security gone
"Post Posted: Fri Dec 23, 2005 14:13
Reply with quote
log into the machine as a local user, not a domain user..
Security gone "
Not true if domain admin has set it to be applied in both "Domain Profile" and "Sandard Policy" in Active Directory....
But as a local admin you can stop the service even disable it, but then you won't have a firewall
Related
Hey Guys,
I just installed the newest DUtty Rom and linked it to my company exchange server. All of a sudden I get a message stating "Company Policy prohibits use of text messaging on this device" My company ensures my that they didnt turn this policy on. Can anyone tell me how to fix this.
most probably it has to do with your companys policy. i havent ever seen or heard about such an error on any wm5/6 device. or maybe its me...
They have disabled it. It is an optional security policy in Exchange 2007 with WM6.
There are several others as well;
Allow Removable Storage
Allow Camera
Allow Wi-Fi
Allow infared
Allow internet sharing from the device
Allow remote desktop from the device
Allow sync from desktop
Allow Bluetooth
--[Allow
--[Handsfree Only
--[Disable
Allow browser
Allow consumer mail
Allow unsigned applications
Allow unsigned installation packages
Plus the ability to Allow specific applications or block specific applications.
So I would deffinatly say they have maanged to disable.
Later, Lew
I've searched and googled the hell out of this and still haven't found and answer.
I use my Admin account to install programs and change settings. The limited account is where I do all my work. I can log onto my admin but I have none of the files I need.
When I try and log onto my limited account it says "local settings" prevent me from logging on. If I try and add my limited account it says this user is already allowed to log on. I cant change any "remote" options from the limited account. Where are these local settings that I'm supposed to change?
Remoting into a WinXP or Vista desktop must be done using an account authorized to do so. Admins are added to the Remote users group by default.
If you want to add your limited account to the auth users, first login to vista as an admin and add it.
To do this, go into control panel, and choose the System icon.
In there, goto remote access and add your limited account in as a remote user.
- you should be all set.
I have windows xp btw.... but I did all those steps. When I add my limited account to the "Users" it says "this user is already on the list"
Ok. Next question would be whether or not you have a password set on your user account. If not, set one.
edit - you sound like you know what you're doing and probably covered all the bases already, but if not, here's a pretty complete guide on getting it up and running: http://www.microsoft.com/windowsxp/using/networking/expert/northrup_03may16.mspx
password....... check
edit:
thats the exact page I used to setup my remote desktop.
Let me first apologize if this is a question which has been discussed at length in another area.
My company currently uses blackberrys with an enterprise exchange e-mail system (i suppose that is called BES with blackberrys, no?). Anyway, on my old blackberry, all I had to do was put in my corporate e-mail and an enterprise activation password. From there the setup would do the rest. Is there any way to get my new MyTouch phone to get hooked into the system the same way my blackberry was? Cost is irrelevant, I just want to find a solution.
I have looked at software options (i.e. touchdown, and the work email program) with no luck.
Thanks for any help the community could offer!
-Ryan
Sorry I got no answer, but this is ment to be posted in the general discussion:
http://forum.xda-developers.com/forumdisplay.php?f=492
Reported
BES servers users BES accounts and they link are like this:
Blackberry <-> BES <-> Exchange
In Android, iPhone or Windows Mobile, you need your NT IAccount credentials as you communicate directly throw your phone to the Exchange server, like this:
Device <-> Exchange
So, probably what you need is:
-Name of the server (sometimes is the OWA(Outlook Web Access) address)
-Credentials (Sometimes is needed to have in your NT Account credentials for that, in the company I'm, we call it Active Sync Access).
-Username, Network login (NT ID)
-Domain
-Password
And... yeahhh this is general!!!
ral34c said:
Let me first apologize if this is a question which has been discussed at length in another area.
My company currently uses blackberrys with an enterprise exchange e-mail system (i suppose that is called BES with blackberrys, no?). Anyway, on my old blackberry, all I had to do was put in my corporate e-mail and an enterprise activation password. From there the setup would do the rest. Is there any way to get my new MyTouch phone to get hooked into the system the same way my blackberry was? Cost is irrelevant, I just want to find a solution.
I have looked at software options (i.e. touchdown, and the work email program) with no luck.
Thanks for any help the community could offer!
-Ryan
Click to expand...
Click to collapse
Interesting.. so I believe I have everything outside the credentials part. If I have my old blackberry and my work laptop, can I obtain all the information to set up the MyTouch? If so, do you know how?
Thanks a bunch!
-Ryan
Ryan, what I tried to explain to you is that the BES (Blackberry Enterprise Server) account, you can only use to your Blackberry. Any of the information there, except the e-mail address you'll use to configure your exchange account in an Android phone.
There's also other issue, not all exchange accounts will be working with the normal exchange e-mail feature on the Android, the to the security policies of some companies.
I can help you configure that, no prob man.. This is the list of things that you need to ask your IT department on your company:
- Username
- Password (will be the same as your e-mail)
- Domain
- Server address (in some cases are the same as the webmail address (OWA - Outlook Web Access).
P.S.: Ask them if this access force security features on your phone. If it does, Android phones haven't passwords to unlock and won't match the requirements for having this feature on your phone. You'll need to download a program for that (I don't remember what was that, but in the general section, you'll find as other person indicated me).
And you'll be set...
My best regards,
R
you need to also make sure that on your exchange account, they have Microsoft Activesync enabled on your account in order to allow mobile devices other than blackberry's can access corporate emails. you need to ask your admin on this part.
djchiena said:
you need to also make sure that on your exchange account, they have Microsoft Activesync enabled on your account in order to allow mobile devices other than blackberry's can access corporate emails. you need to ask your admin on this part.
Click to expand...
Click to collapse
It was already mentioned before
Hello,
first time Android user here. I know people in my company that use Android phones and I was told that anything over 2.1 would work for our exchange. When I try to set up the account, it tells me that the server requires security features the phone doesn't have. No one at my IT department, TMO support, Samsung Support, or anyone else could get it working. I know it has something to do with the password protection and remote wipe security that my companies exchange server requires. Can someone help me or will i have to go back to the blackberry ? I don't want to go back to that berry.
Try installing K9 and see if it works with your company's exchange system.
bsage said:
Hello,
first time Android user here. I know people in my company that use Android phones and I was told that anything over 2.1 would work for our exchange. When I try to set up the account, it tells me that the server requires security features the phone doesn't have. No one at my IT department, TMO support, Samsung Support, or anyone else could get it working. I know it has something to do with the password protection and remote wipe security that my companies exchange server requires. Can someone help me or will i have to go back to the blackberry ? I don't want to go back to that berry.
Click to expand...
Click to collapse
Touchdown works well with exchange as well (although it's not free). There is a free trial.
I was using touchdown untill android 2.2 came out then it started supporting remote wipe.
http://developer.android.com/sdk/android-2.2-highlights.html
Once you setup your phone it should force you to password lock it from the home screen. Don't know what else they would require other than remote wipe in the event you left the company. I need to make sure I use ssl as well.
Could be a problem with the SSL cert
I use exchange with no problems on all my android projects.
I still have not gotten this to work. N1kkI6, that is exactly what i need on this. I would assume that 2.3 would have this if 2.2 has it right?
from the link you provided:
Exchange support
Improved security with the addition of numeric pin or alpha-numeric password options to unlock device. Exchange administrators can enforce password policy across devices.
Remote wipe: Exchange administrators can remotely reset the device to factory defaults to secure data in case device is lost or stolen.
Exchange Calendars are now supported in the Calendar application.
Auto-discovery: you just need to know your user-name and password to easily set up and sync an Exchange account (available for Exchange 2007 and higher).
Global Address Lists look-up is now available in the Email application, enabling users to auto-complete recipient names from the directory.
bsage said:
I still have not gotten this to work. N1kkI6, that is exactly what i need on this. I would assume that 2.3 would have this if 2.2 has it right?
from the link you provided:
Exchange support
Improved security with the addition of numeric pin or alpha-numeric password options to unlock device. Exchange administrators can enforce password policy across devices.
Remote wipe: Exchange administrators can remotely reset the device to factory defaults to secure data in case device is lost or stolen.
Exchange Calendars are now supported in the Calendar application.
Auto-discovery: you just need to know your user-name and password to easily set up and sync an Exchange account (available for Exchange 2007 and higher).
Global Address Lists look-up is now available in the Email application, enabling users to auto-complete recipient names from the directory.
Click to expand...
Click to collapse
It should work fine. It could possibly be ssl certificate related, or maybe they don't have ActiveSync enabled on your account.. who knows. What sort of error do you get if any? I use Android on Exchange. Is it Exchange 2003/2007/2010?
PLEASE - HELP TESTING on exchange account - birthday
i know, that the nexus have some small problems on using excahnge account
(bday, aniversary, etc..)
i would like to fix it, but therefore i need YOUR HELP !
i would need to see, how the nexus send the birthday to exchange server.
if someone wants to test an exchange account - please send me a PM, and i will create an exchange account on my server, so that i can see how nexus send it.
(maybe you have skype or icq, please add it on the PM)
thanks cu camel
I have a personal Honor 8 device I use to access my company email. They use Duo Mobile software to authenticate before allowing this.
After upgrading to Nougat 7.0, I am unable to access email (using the Outlook app). I get a message saying that I need full disk encryption turned on. I don't see this as an option anywhere in my Settings. I do have a strong password set to be used.
Do I need to enable File Based encryption at this stage? I am trying to do this and do not see the option to convert to File Based encryption even after turning on Developer Options by the way.
Has anybody else run into this issue? Any guidance - I am dead in the water without being able to access my email.
Thx
AK
I remember I had a problem with my e-mail but I'm not 100% certain that it was the same issue. But try to remove all your screen locks including finger print and try again.
Ihaveatattoo said:
I remember I had a problem with my e-mail but I'm not 100% certain that it was the same issue. But try to remove all your screen locks including finger print and try again.
Click to expand...
Click to collapse
Thanks for the response. However in order to enable Corporate Email, Outlook asks for a password to be in place. Therefore I cannot remove all screen locks.
The problem seems to be that the authenticating software (Duo Mobile) is looking for two things on the device. One is that full disk encryption is explicitly enabled. The other is that the setting to "Require password at Startup" is enabled. Neither of these options are availalble on the Honor 8. Their support says that encryption is on by default and therefore there is no setting for it.
akatti said:
Thanks for the response. However in order to enable Corporate Email, Outlook asks for a password to be in place. Therefore I cannot remove all screen locks.
The problem seems to be that the authenticating software (Duo Mobile) is looking for two things on the device. One is that full disk encryption is explicitly enabled. The other is that the setting to "Require password at Startup" is enabled. Neither of these options are availalble on the Honor 8. Their support says that encryption is on by default and therefore there is no setting for it.
Click to expand...
Click to collapse
Further, I looked at turning on the new File Based Encryption that is part of Nougat. There are how-to's that discuss this, where you have to turn on Developer Options to do so. However, on the Honor 8, even after turnin on Developer Options, there is no option to "Convert to File Based encryption" available. If you search in Settings, it shows this option, but upon clicking on that option from the Settings Search results, it just takes you into Developer Options and there is no setting to enable File Based encryption.
Nvm this, poor reading comprehension on my part
I have no issues using Gmail's Exchange client to connect to my corporate email. It sounds like it's not a Nougat or Android problem, it's a Duo Mobile problem
I had the same problem.
Switched to the app Nine. It is a one-time purchase and its security model is app-wide instead of device-wide.
Have you tried it yet?
Telperion said:
I have no issues using Gmail's Exchange client to connect to my corporate email. It sounds like it's not a Nougat or Android problem, it's a Duo Mobile problem
Click to expand...
Click to collapse
The company whose email I need to get to has only enabled Outlook as a client - therefore using other email clients (such as the Gmail app) is not an option unfortunately.
akatti said:
The company whose email I need to get to has only enabled Outlook as a client - therefore using other email clients (such as the Gmail app) is not an option unfortunately.
Click to expand...
Click to collapse
To the best of my knowledge as long as you have the correct server credentials, you can use any client. For example, my credentials:
Server: subdomain.website.com
Domain\Username: test\Telperion
Port: 443
Security type: SSL/TLS
I can connect using Gmail's Exchange client, Outlook for Android, Nine, native Huawei email client, etc. While everyone's setup is different, if you're able to log in using the Outlook client, theoretically there's nothing to prevent you from using the same credentials in a different client.
That was my not my experience.
My company's Outlook server is configured to require device-level encryption for mobile devices with complex passwords. On my Nexus 6p, Outlook for Android did not work, with the error that it "did not support the encryption required". Also, I could not use fingerprint authentication on the device, and required a 8-digit unlock code. Not just for Outlook, mind you -- any time I wanted to unlock the phone.
OWA (Outlook Web App) for Android worked fine, but it supports neither push nor notifications, rendering it utterly useless. OWA is, as far as I can tell, just a shell containing an HTML rendering engine that reflows the web app.
The only reason CloudMagic (and potentially Nine) worked for me is that CloudMagic (and I think Nine) have device-level encryption on their server (?). The end-user provides credentials for their server to log in, download the email, and act as an intermediary.
Telperion said:
To the best of my knowledge as long as you have the correct server credentials, you can use any client. For example, my credentials:
Server: webmail.website.com
Domain\Username: test\Telperion
Port: 443
Security type: SSL/TLS
I can connect using Gmail's Exchange client, Outlook for Android, Nine, native Huawei email client, etc. While everyone's setup is different, if you're able to log in using the Outlook client, theoretically there's nothing to prevent you from using the same credentials in a different client.
Click to expand...
Click to collapse
biogon said:
That was my not my experience.
My company's Outlook server is configured to require device-level encryption for mobile devices with complex passwords. On my Nexus 6p, Outlook for Android did not work, with the error that it "did not support the encryption required". Also, I could not use fingerprint authentication on the device, and required a 8-digit unlock code. Not just for Outlook, mind you -- any time I wanted to unlock the phone.
OWA (Outlook Web App) for Android worked fine, but it supports neither push nor notifications, rendering it utterly useless. OWA is, as far as I can tell, just a shell containing an HTML rendering engine that reflows the web app.
The only reason CloudMagic (and potentially Nine) worked for me is that CloudMagic (and I think Nine) have device-level encryption on their server (?). The end-user provides credentials for their server to log in, download the email, and act as an intermediary.
Click to expand...
Click to collapse
When adding my corporate exchange email to Gmail, Gmail is activated as a device administrator with permissions to:
Erase all data
Set password rules
Monitor screen-unlock attempts
Lock the screen
Set lock-screen password expiration
Set storage encryption
Disable cameras
I'm not using webmail, I'm using Exchange ActiveSync. Device policy forces me to have a lock screen pin or password, but I can still fingerprint unlock it. It sounds as if your respective Exchange servers aren't configured properly, because all of the security that they're requiring can be mandated through ActiveSync and Gmail's device administration service.
t
Telperion said:
It sounds as if your respective Exchange servers aren't configured properly, because all of the security that they're requiring can be mandated through ActiveSync and Gmail's device administration service.
Click to expand...
Click to collapse
Is Exchange ActiveSync different from Office 365's Exchange?
When I asked IT about local ActiveSync, they said that they don't support it, just Office 365 on Shibboleth.
Then again, I couldn't get a Chromebook to connect to the WiFi network here due to some misconfiguration in their Cisco router's PEAP setup, so I wouldn't be surprised.
biogon said:
Is Exchange ActiveSync different from Office 365's Exchange?
When I asked IT about local ActiveSync, they said that they don't support it, just Office 365 on Shibboleth.
Click to expand...
Click to collapse
Different back end, same capabilities. Exchange ActiveSync is a site-hosted server, Office 365 is a cloud-hosted version. On a local Exchange server, your IT department will have set up a local domain and you will have a user account in Active Directory (domain\Telperion). In Office 365, your user account is your email address ([email protected]) and there is no domain mapped that you have to configure. Once you know this, you can piece together the way to configure it.
The biggest challenge is that IT typically won't mess around with supporting mobile device configuration ("I don't know Android"), and Microsoft tutorials don't give clear instructions ("I don't know Android"). Android tutorials say "I don't know Microsoft" so you end up having to piece things together from multiple sources online.
See attached tutorial, it's very easy once you know what to do.
Add new account from device Accounts menu
Choose 'Exchange' with the Gmail logo
Enter your corporate email address, don't hit next, hit "Manual Setup"
Choose 'Exchange' as the account type
Make sure your email is entered in "domain\username" field
Enter password
Server for Office 365 is "outlook.office365.com"
Port 443
Set security to "SSL/TLS"
From there it should handle all the rest of the configuration.
biogon said:
I had the same problem.
Switched to the app Nine. It is a one-time purchase and its security model is app-wide instead of device-wide.
Have you tried it yet?
Click to expand...
Click to collapse
Thanks. Tried Nine. Works the same way as Outlook so far. In other words, setting its policy to only apply to the app doesn't make a difference in how Duo Mobile (the two factor authentication checker) continues to insist the device be encrypted and have the setting "Require password on startup" be turned on.
Telperion said:
Different back end, same capabilities. Exchange ActiveSync is a site-hosted server, Office 365 is a cloud-hosted version. On a local Exchange server, your IT department will have set up a local domain and you will have a user account in Active Directory (domain\Telperion). In Office 365, your user account is your email address ([email protected]) and there is no domain mapped that you have to configure. Once you know this, you can piece together the way to configure it.
The biggest challenge is that IT typically won't mess around with supporting mobile device configuration ("I don't know Android"), and Microsoft tutorials don't give clear instructions ("I don't know Android"). Android tutorials say "I don't know Microsoft" so you end up having to piece things together from multiple sources online.
See attached tutorial, it's very easy once you know what to do.
Add new account from device Accounts menu
Choose 'Exchange' with the Gmail logo
Enter your corporate email address, don't hit next, hit "Manual Setup"
Choose 'Exchange' as the account type
Make sure your email is entered in "domain\username" field
Enter password
Server for Office 365 is "outlook.office365.com"
Port 443
Set security to "SSL/TLS"
From there it should handle all the rest of the configuration.
Click to expand...
Click to collapse
Thanks for the detailed message. Tried the above.
When I left the server be the default server name (derived from my email address), I got a "Certificate is not valid" error. I had "None" as the certificate.
After I changed the server name to be outlook.office365.com as mentioned in your instructions above, I now get a "Can't connect to server" message.
I did recheck my steps. Not sure why Gmail fails to connect. Any suggestions on where to look?
akatti said:
Thanks for the detailed message. Tried the above.
When I left the server be the default server name (derived from my email address), I got a "Certificate is not valid" error. I had "None" as the certificate.
After I changed the server name to be outlook.office365.com as mentioned in your instructions above, I now get a "Can't connect to server" message.
I did recheck my steps. Not sure why Gmail fails to connect. Any suggestions on where to look?
Click to expand...
Click to collapse
Those instructions are for Office 365, it sounds like yours is hosted.
Telperion said:
Those instructions are for Office 365, it sounds like yours is hosted.
Click to expand...
Click to collapse
I checked the settings for Outlook Web on my PC and it is an Office 365 account. I updated by Gmail settings to match (Server: outlook.office365.com, Port: 993 and Security: SSL/TLS although on the PC it was just TLS). Get a message saying "Couldn't open connection to server".