Has someone any idea how to disable this PIN screen lock when use the exchange sync??? Just tried to find out how to, but so far I did not find any way...
Your corporate IT Admin won't be too thrilled to hear you ask this question. It is after all an exchange security policy enforced by your exchange admin to protect sensitive information in case you lost your phone or get stollen.
Depending on which ROM (2.1 or 2.2) you're running, the PIN is handled differently. On 2.1, the PIN policy is part of the email app and the PIN can't even be changed after you set it. In 2.2, the PIN policy is natively supported by Android OS and you can change the PIN but not disable it. But I have yet to see any hacks to disable it on Android. I know how to do it in Windows Mobile
try a search on the forums for "lockpicker". It works for some, some it doesnt. Check this thread for more info...
http://forum.xda-developers.com/showthread.php?t=655061
Related
When I installed the MSFP/AKU2 upgrade on my SP5 over the weekend then tried to connect to my Exchange server for the first time, it enforced a mandatory security policy of having my device automatically lock out every hour (and must be unlocked with a PIN at the very least). I find this terribly annoying! When I go into the security control panel, I cannot uncheck "Prompt if device unused for".
Is there a hack to remove this security restriction?
this policy is server based, but i'm not very familiar with the new Exchange 2003 SP2 features yet.
This is on the Exchange Server @ Global Settings --> Mobile Device Properties -- Device Security Settings.
If this is "your" Exchange server then you go there and disable all that stuff.
This isn't set by default however. So it may be that it isn't your "own" server. If so then the Exchange Admin has to disable that. I have messed with this on my device a bit. Not very extensively. I more wanted to see what happens when setting these polices rather than to see if I can bypass them.
So if it is your own server then just go to above under Exchange System Administrator and disable the device security or leave what you need and take the innactivity setting out.
Hope this helps[/img]
jminiman said:
Is there a hack to remove this security restriction?
Click to expand...
Click to collapse
Isn't this the point of the MSFP? Allow the exchange administrator to set security policies?
Well, so this isn't my Exchange server. And so I respect that if I connect to someone else's Exchange server, they can lock down my device. Well, I kind of respect that.
But the point is now I have removed the Exchange profile from my device completely--but the security policy remains. Is this a bug in MSFP?
Offtopic, but has anyone tried the remote hard reset thing? I would like to know how (or where?) it's implemented so I can reverse engineer it into a generic solution. Any clues as to use or implementation would be appreciated (I'm not using an exchange server so can't test).
V
MSFP security profile remains after wipe
This is actually standard practice in the B*)&#berry world. The reason is that they figure that if it's the company's device, security should be enforced whether you (the user) want to skip it or not. I.e. you don't it to be easy for the end-user to simply bypass all that hard work you did setting up the security. So while I don't know for a fact, I am guessing this is by design.
There is a simple workaround on rooted phones for the Exchange security policy without having to replace the original mail app. I also posted this in the Android 2.2 Email.apk - Bypassing Exchange security policy - APK Attached thread but am making a new thread in case people have missed this very simple workaround. I am using it on an account on a Exchange 2007 server and I believe Exchange 2003 works as well. I heard from one person who did not have good results with Exchange 2010. All exchange functions work fine without any issues. I am using the stock email app so this only applies to the stock email app that forces a password security policy.
I am using an app called Autostarts found in the market (less than a dollar - I am not the developer) that allows disabling the exchange policy on restart. The setting can be found under Device Admin Enabled. Make sure you are in USB Debugging Mode before disabling the policy.
If you already have an Exchange account set up yet:
Install Autostarts from the Android Market and run. Find and click the Device Admin Enabled entry and press Mail (Exchange security policies) and select Disable (acknowledge the warning about disabling a system component). Close Autostarts and reboot the phone. After restart, change your screen lock under security to whatever you want (None, Pattern, or PIN).
If you don't have an Exchange account set up yet:
Install Autostarts from the Android Market then set up your Exchange account and let Exchange force the password policy. After the exchange setup is completed, run Autostarts and find and click the Device Admin Enabled entry and press Mail (Exchange security policies) and select Disable (acknowledge the warning about disabling a system component). Close Autostarts and reboot the phone. After restart, change your screen lock under security to whatever you want (None, Pattern, or PIN).
Hmm, this doesn't seem to wok. After disabling in autostarts, I reboot, and the mail app tells me (paraphrased) "You must have security policies enabled blah blah blah".
This worked perfect for me on a 2.2 Sense rom on Evo. Good find & thanks !
EDIT: So after trying this on a newer build like the Desire Z port to Evo.. it will let you bypass it, but only until you go to sync your mail. After that fact it will re-enforce your mail security. But, it is still another workaround for 2.2 builds.!
Great method! Very simple!
I am wondering if someone can anwser this for me.....
Does the ability to use a Pattern unlock vs. PIN unlock for Exchange come from the Email.apk or the OS Version?
I was running Serendipity VII (2.3) and I was able to use a pattern unlock, which I prefer. Today I switched to Fasty's (2.2) and cannot.
Would love to know. Thanks!
Exchange server often requires a minimum number of PIN digits for unlock. Pattern unlock is not supported by Exchange server. Some modified email clients can ignore any such PIN requirements/policy. That's probably the difference between the two ROMs.
The email.apk that is in OBSESSION was the only one I found that overrides Exchange security for me. I no longer need the PIN security.
When I flashed a new rom last week I pulled the "email.apk" out of the obsession package and put it in the new rom package replacing the one that was in there.
Worked...
My exchange security policy also would force the phone to encrypt all data...made moving files to and from the phone rather pesky.
Thanks , Guys! I'll tinker around with some other apk's and see if I can resolve the issue.
cjkpkg said:
The email.apk that is in OBSESSION was the only one I found that overrides Exchange security for me. I no longer need the PIN security.
Click to expand...
Click to collapse
Any chance I can get that email.apk from you? I am rooted and running the Paragon Froyo ROM on my Captivate. I want to override our exchange pin policy as well. I prefer the pattern lock.
Here is the one that works best for me. It will also start pinging your exchange server to auto fill email addresses from the GAL.
There was another email client from S VII that also bypassed the pin unlock but seemed a little finicky.
I just placed this email.apk in the system/app folder and made sure to delete the old one.
You may need to clear the cache and reset data from settings/applications/manage applications/email unless you are coming from a factory reset.
You will be prompted to set up your email again but this time no pin unlock will be necessary.
So, I just started a new job and they put my work email on my personal N5. Once they did this I was prompted to create a passcode (PIN or pattern).
I hate this. I don't like that i can view notifications from the lock screen.
Anyone have any ideas or workarounds for this?
Thanks.
Did you have encrypt you phone to use your work email? Well if so you would have to reformat to remove the encryption and then you can use Exchange Security Bypass app on xda or the Exchange Security Bypass xposed module
I'm new to the S7, though drove a Moto X Pure on Marshmallow for a while and am familiar with my way around settings. I've only had the S7 a couple of days and hadn't gotten any trusted devices to keep it unlocked reliably. I recently had several apps update and then now when I go look, The Smart Lock (Google) Trust agent is 'disabled by administrator' and it is now greyed-out and I can't turn it on. Similarly all my trusted devices are greyed-out.
Any ideas here. The one thing I CAN think of is that I'm using built-in mail to connect to my company's exchange server, so they do have the ability to push admin rules. I had the account connected before I saw this behavior, however I suppose they might push out polices only once every week or so and I just hit the day.
Any other thoughts?
- Steve
stevevetter said:
I'm new to the S7, though drove a Moto X Pure on Marshmallow for a while and am familiar with my way around settings. I've only had the S7 a couple of days and hadn't gotten any trusted devices to keep it unlocked reliably. I recently had several apps update and then now when I go look, The Smart Lock (Google) Trust agent is 'disabled by administrator' and it is now greyed-out and I can't turn it on. Similarly all my trusted devices are greyed-out.
Any ideas here. The one thing I CAN think of is that I'm using built-in mail to connect to my company's exchange server, so they do have the ability to push admin rules. I had the account connected before I saw this behavior, however I suppose they might push out polices only once every week or so and I just hit the day.
Any other thoughts?
- Steve
Click to expand...
Click to collapse
straight thought is wht u said
thr is extra policy for ur device.
remove the exchange server and check wht happen...
if nothing changed go to security setting and clear credentials and remove all admins app
:good:
I would suggest to put your company email in the myknox app. This isolates any compny policies for accessing your device.
m3xiz said:
I would suggest to put your company email in the myknox app. This isolates any compny policies for accessing your device.
Click to expand...
Click to collapse
+1 for this suggestion. I'm a big fan of My Knox. It sets Samsung apart in this area.
Sent from my SM-G930V using XDA Premium HD app
stevevetter said:
I'm new to the S7, though drove a Moto X Pure on Marshmallow for a while and am familiar with my way around settings. I've only had the S7 a couple of days and hadn't gotten any trusted devices to keep it unlocked reliably. I recently had several apps update and then now when I go look, The Smart Lock (Google) Trust agent is 'disabled by administrator' and it is now greyed-out and I can't turn it on. Similarly all my trusted devices are greyed-out.
Any ideas here. The one thing I CAN think of is that I'm using built-in mail to connect to my company's exchange server, so they do have the ability to push admin rules. I had the account connected before I saw this behavior, however I suppose they might push out polices only once every week or so and I just hit the day.
Any other thoughts?
- Steve
Click to expand...
Click to collapse
Some third party email apps are capable of applying Exchange policies on the application level instead of device level. Thus leaving the rest of the device under your control. Try an app like Nine which can do just that. The are other apps too but I like this one.
Thanks Everyone. I'll try those. It sounds like myknox might help if this is it. On my Moto X I was using before, I used Touchdown for exchange (cause the ootb mail client sucked) and it similarly kept the admin policies to the app.
hmm, removed the exchange account. now things aren't greyed out anymore. I could go into trust agents and Smart Lock (Google) is enabled. I go into phone administrators and there are two: "Android Device Manager" and Support & Protection". I turned them both off (I don't know how to REMOVE them). Restarted phone. No change in behavior. My screen still locks when, for example, connected to my Gear S2 watch though that's one of the trusted devices for smart lock..
nevermind, it's working. I was just expecting different behavior. I still have to 'swype to unlock' but I'm not hit up for credentials anymore. I was expecting that when I woke the phone it would go to the last screen it was on. I don't know why, my Moto didn't do that. I think it was having the fingerprint sensor now that just messed up my mental processing.
A very simple alternative to the same effect is offered by the Exchained app. No root required.
I found if you go to lock screen (in setting: device) and create and lock screen pattern. Trust agents becomes available (in security settings: advanced), you can then turn it on and smart lock becomes available (in security settings: advanced).
There is a youtube video about it: How To Enable Smart Lock On Any Device
Unrelated to smart lock: As user "Avah" said, I highly recommend Nine email for connecting to your exchange server. It does not force the administration policies on your device (or at least, it may ask you, and you can decline). Better than the built-in clients and way better than the old Touchdown app.