Server certificate is not valid... - General Questions and Answers

Hello,
I had my HTC Tilt successfully unlocked with HTC unlocking code. Now I have a pop-up message stating: "The server certificate is not valid. Continue anyway?" (I was able to make a test phone call just before this happened). What exactly does this mean - does it have anything to do with unlocking process?
Thanks,
Mike - smartphone newbie

I suspect this is an email issue - you are, I would guess, connecting to a work Exchange server or something similar, possibly using SSL?
It is possible that, because of the unlocking, your device has 'changed' slightly and you may need to do something with the certificate from the mail server. Do a Google search on
"The server certificate is not valid. Continue anyway?"
with the quotes and you will get plenty of hits - have a look at them and work out which applies to you.

Help with Exchange Server security issue

Recently I hooked up my WM6 device to my company's Exchange server. A security protocol was automatically installed. One of the restrictions of this protocol is that you must enter a password (1) every time the device is restarted and (2) after 5hrs of non-usage.
Therefore, I can't use my PDA as an alarm clock any more. At the time I want an alarm, it starts up silently and waits for a password.
Is there a workaround that anyone can think of?
What version of Exchange? What endpoint security are they using?
ndoeberlein said:
What version of Exchange? What endpoint security are they using?
No idea and don't know. Is this something I can check from my PDA? If not, I'm unlikely to find out. It's a large corporation (not a 50 person small business).
You had a slim chance anyways, because it's all set up in your profile on the Exchange server. Your best bet is to talk to your IT dept. and see what they can do for you.
I know what you're trying to do is a viable functionality with the security they have set up, you just have to convince them to do it.
Good luck!
ndoeberlein said:
You had a slim chance anyways, because it's all set up in your profile on the Exchange server. Your best bet is to talk to your IT dept. and see what they can do for you.
I know what you're trying to do is a viable functionality with the security they have set up, you just have to convince them to do it.
Good luck!
i'm a net admin and administer our exchange 03 server with about 40 wm devices. i have not had a chance to see what the new features of 07 allow device security policy, but the standard ms windows mobile admin tools are pretty limited. i only use the administration tool to remotely kill devices or check sync times. there must be some kind of pretty complex endpoint security software that they are using. granted security should not be taken lightly, but do you work for the nsa, fbi, cia or a company that works for them? other than that, every 5 hours (waking up) seems like overkill. basically, damn that sux.
however, it's incredibly not useful, but you could delete the exchange connection (it probably doesn't even allow you to do this) and then just check your email through oma or owa. maybe even pop3 if it's open (doubtful). if you can't delete the connection, hard reset the device

Installing MIDlet on Samsung Omnia

Hi, I recently bought an Omnia and decided I would have a go at writing my own JavaME applications for it.
The application that I have in mind requires access to the file system and, in the future, the ability to make HTTP connections. Since these parts of the API are restricted I added file read and write privileges to the JAD file and copied the JAD and JAR to my phone. When I tried to install the application it gave me the error message "error 910: application authorization failed".
I guessed the error was due to the fact that the code wasn't signed. I don't want to have to go to the expense of getting a real trusted certificate for a piece of code I will probably never release so I've set up my own root CA and installed the CA certificate on the phone. I then created my own code signing certificate and signed my application with it*. I now get the error message:
"The authentication of certificate is failed. Contact your application provider to correct this situation"
when I try to install my application. I think, therefore, that the code is signed but for some reason the trust chain isn't working. I can't tell if my code signing certificate is the problem or whether the phone isn't recognizing my CA certificate. The CA certificate shows up fine in the Certificates application (Settings > System > Certificates).
Is what I am trying to do even possible on the Omnia or is it too locked down? I have to assume it is possible as I can't believe that every developer that wants to test their MIDlet idea is buying a certificate. Out of interest does anyone know what KVM the Omnia is using?
One option I haven't tried yet is installing JBed as described in this post (http://forum.vodafone.co.uk/index.php?showtopic=8896). I'm not exactly thrilled by this idea though as I have a nicely working (recently flashed to the latest version) phone at the moment.
Any help greatly appreciated (and if I get it working I'll write it up so others can use the information).
* Personal CA Setup Etc...
http://browndrf.blogspot.com/
http://www.mobilefish.com/tutorials/java/j...de_keytool.html
http://www.mobilefish.com/developer/openss...gn_request.html
As a follow up. Perhaps it's not possible to install a MIDlet using a self signed certificate but what about the possibility of turning the security checking off for the MIDlet manager on the Omnia?
There is a menu option for java settings which doesn't provide any useful settings (just something about the backlight) but there is also an application menu which has an entry called permissions. The permissions option is always greyed out though. I wonder if this could be turned on via the registry or something?
Not sure whether it works in your case (haven't tested this on the Omnia): see my related bible: http://forum.xda-developers.com/showthread.php?t=339579
Cheers Menneisyys, great article btw, I had a read of it before posting. From what I've read most phones seem to have some way of getting unsigned MIDlets running fairly easily. Looks like this phone is the exception to the rule.
I think I'll have to just give up and install JBed unless someone can come up with any ideas. Your article seems to imply it's a pretty simple and painless process to have more than one MIDlet manager running on the same phone (before reading the article I assumed you could only have one on a phone).
I've been a Java developer for years (server side) but this is my first foray into JavaME, I should have guessed that the security system would make it more trouble than it was worth!
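Added example (not part of the thread, and not code from any poster): a desktop check for the question raised above, whether the code-signing certificate or the root is at fault. It builds a throwaway root and signer with openssl, then reports whether the signer chains to a given root and carries the codeSigning extended key usage; all file names, subjects and verdict strings are constructed for illustration.

```shell
#!/bin/sh
# Added example with constructed names: build a throwaway root CA and signer
# certificates, then diagnose the trust chain offline with openssl.

write_cfg() {   # $1 = work dir; own config so results do not depend on the system openssl.cnf
    cat > "$1/x.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_codesign]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = codeSigning
[v3_plain]
basicConstraints = CA:FALSE
EOF
}

make_ca() {     # $1 = dir, $2 = CA name; writes $2.key and self-signed $2.pem
    openssl req -x509 -config "$1/x.cnf" -extensions v3_ca -newkey rsa:2048 -nodes \
        -sha256 -days 30 -subj "/CN=Example Test Root $2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

make_leaf() {   # $1 = dir, $2 = issuing CA name, $3 = leaf name, $4 = extension section
    openssl req -new -config "$1/x.cnf" -newkey rsa:2048 -nodes \
        -subj "/CN=Example MIDlet Signer $3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -extfile "$1/x.cnf" -extensions "$4" \
        -sha256 -days 30 -out "$1/$3.pem" 2>/dev/null
}

diagnose() {    # $1 = root PEM the verifier trusts, $2 = signer PEM; prints one verdict
    if ! openssl verify -CAfile "$1" "$2" 2>&1 | grep -q ': OK$'; then
        # Signature or issuer name does not lead back to this root
        echo "chain-does-not-reach-this-root"
    elif ! openssl x509 -in "$2" -noout -text | grep -q 'Code Signing'; then
        # Chain is fine, but the certificate is not marked for code signing
        echo "chain-ok-but-no-codeSigning-eku"
    else
        echo "chain-ok"
    fi
}

demo() {
    d=$(mktemp -d) || return 1
    write_cfg "$d"
    make_ca "$d" rootA && make_ca "$d" rootB &&
    make_leaf "$d" rootA signer v3_codesign &&
    make_leaf "$d" rootA plain v3_plain || { rm -rf "$d"; return 1; }
    echo "signer vs issuing root:   $(diagnose "$d/rootA.pem" "$d/signer.pem")"
    echo "signer vs unrelated root: $(diagnose "$d/rootB.pem" "$d/signer.pem")"
    echo "plain cert, right root:   $(diagnose "$d/rootA.pem" "$d/plain.pem")"
    rm -rf "$d"
}

demo
```

If the signer checks out here against the same root file that was copied to the phone, the certificates are consistent with each other and the remaining variable is which roots the phone's MIDlet installer consults.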

Can you spoof the device ID?

I was wondering if you can spoof the device id on android devices....
A firewall is blocking all devices except for BlackBerry devices. I want to spoof my device ID to appear as a BlackBerry so I can access the exchange server remotely.
If there is no way to spoof does anyone know of any different workarounds?
Please help!!!
jdlumley said:
I was wondering if you can spoof the device id on android devices....
A firewall is blocking all devices except for BlackBerry devices. I want to spoof my device ID to appear as a BlackBerry so I can access the exchange server remotely.
If there is no way to spoof does anyone know of any different workarounds?
Please help!!!
There is an exchange server that is blocking all devices besides Blackberries? Never heard of one like that. What happens when you try to set up the account using HTC Mail?
It is already set up with HTC mail. It works when I'm on my work wifi because I'm already past the firewall that is blocking devices from the exchange server. When I try to access remotely, I get denied. It works fine with all blackberries. I know this because I tried with a blackberry and it worked fine. They only allow blackberries because that is the only kind of device they issue.
bump - someone help me on this please.....
Flipz?
It works with blackberries because BB uses BIS an email server that is proprietary to BB, and it bypasses your company's exchange server.. Unless you are set up for a BES exchange server, which is an additional monthly fee, and if that is the case, there is no way to make an HTC device connect to BES because it is a BB service..
Also, as of yesterday, any cellular "spoofing", be it caller id or anything else, is now a federal offense.
jdlumley said:
Flipz?
Really?
tooshort
azyouthinkeyeiz said:
It works with blackberries because BB uses BIS an email server that is proprietary to BB, and it bypasses your company's exchange server.. Unless you are set up for a BES exchange server, which is an additional monthly fee, and if that is the case, there is no way to make an HTC device connect to BES because it is a BB service..
Also, as of yesterday, any cellular "spoofing", be it caller id or anything else, is now a federal offense.
Thanks for the info but we use BES which then connects to the exchange server. The only reason it works is because the firewall allows BB device IDs. If I could spoof to appear to be a BBC I would be fine.
Also regarding your statement about spoofing, the bill is specific to spoofing caller ID and not specific to cell phones. Also, isn't law yet; requires further approval.
jdlumley said:
The only reason it works is because the firewall allows BB device IDs.
There is no such thing..
The blackberry connects to BES by your BB PIN... If you don't have a BB.. There is no way to "spoof".
The phone would have to be registered by BB on their server as a BB device by the PIN, which there is no way to "spoof" unless you find some way to hack into RIM.. Good luck with that approach.
Also, regarding your statement about the "Truth in Caller ID Act of 2010" which was passed by *CONGRESS* and immediately ratified, does not require any further approval. And is now effectively a law..
It also does not have any clarification between "spoofing" and "spoofing caller id".. The only clarification is that any attempt to "spoof" the originating call location. (I.e. phone number or location, and the only exception to that is you are still allowed to block that information. "Spoofing would lead the call receiver, in this case BB, to not have accurate call originating information, which in turn, is spoofing and a federal offense....
azyouthinkeyeiz said:
There is no such thing..
The blackberry connects to BES by your BB PIN... If you don't have a BB.. There is no way to "spoof".
The phone would have to be registered by BB on their server as a BB device by the PIN, which there is no way to "spoof" unless you find some way to hack into RIM.. Good luck with that approach.
Also, regarding your statement about the "Truth in Caller ID Act of 2010" which was passed by *CONGRESS* and immediately ratified, does not require any further approval. And is now effectively a law..
It also does not have any clarification between "spoofing" and "spoofing caller id".. The only clarification is that any attempt to "spoof" the originating call location. (I.e. phone number or location, and the only exception to that is you are still allowed to block that information. "Spoofing would lead the call receiver, in this case BB, to not have accurate call originating information, which in turn, is spoofing and a federal offense....
First off, you obviously don't know much about Exchange and the way ANY device interacts with it. BES is essentially a tunnel to get you from your BB to the exchange server. The BES still needs to get through the firewall to get to the exchange server. The firewall can be configured in many different ways. The most common are A) allow the entire BES access or B) allow specific device IDs access. Are you starting to understand?
Secondly, you're a f*cking idiot. Congress is not the final approver of this bill. Obama has not signed off on it, which means it is not law yet. And it is specific to Caller ID. If you had even processed the title of the bill correctly in your peanut-sized brain, you would know this. Please check your facts before you post and make yourself look like a douchebag.
http://news.yahoo.com/s/ytech_wguy/20100415/tc_ytech_wguy/ytech_wguy_tc1637
Now if there are any devs out there that can shed some light on where the device ID is stored or even how to spoof it, please respond!
Not worth it...
PS.. Take a guess as to what your "DEVICE ID" is..
Wow.... I already know what my device ID is. I asked how to change or spoof it.
My device ID is: HTCAnd444430*
Ya know.... they should really make you pass a test to be able to post on forums. Then I would have to deal with idiots like azyouthinkeyeiz.
Um....wouldn't common sense dictate that any sort of spoofing be ethically challenging? Well I would like to think that some things are just better not left to chance. I am not trying to be all goody goody and claim I don't do anything that isn't entirely lawful......but with how nutty the FCC can be, trying to spoof your device ID is akin to MAC spoofing to bypass security measures even if it is not for malicious intent. It can't and won't end well.
Just my two cents....
Off topic... but I wonder what that bill means, if anything, for those of us using Google Voice configured to display our GV number instead of our 'real' number.
Although not the answer you are looking for, you can do this using Nitro Touchdown Exchange.
Ok. The question was not what your device id is, it's a question of what your device id should be, which is a bb pin. (*which might I add since you keep saying Device ID, has no relevance to anything in your HTC HERO Phone, it is just an entry field label on BES for entering your BB PIN #)
Good luck trying to get it to work. Lol.. You're trying to tell a Network Admin and Sprint Tech (me) that I know nothing of, something I use everyday...
Now that I am at work not on my phone... You can use your HTC Device ID all you want.. But it means nothing.. Obviously, since it doesn't work as of now, does it? You need to have the BB "device ID" , which is if you had any sense to you at all, very apparent, as I've told you a thousand times already that it is the BB PIN.. Those are on a whitelist and to access BES your device has to be on that list, and activated through a carrier, with the attached SOC code for the BES plan..
You can access from your work, not because it passes some *firewall*, but because it bypasses BES because you are logging directly into the Exchange Server, through the local network, and that is nothing new, any business with BES is set up exactly the same.. To access your Exchange Server from home, your company uses the BES Gateway, and to use that, you have to have access to BES. And without the SOC code from your service, a BB PIN registered on the Blackberry Network, and the correct settings for your exchange server, you cannot access your email.
So next time, before you start throwing insults and acting like you know anything, at least have the key terms down... Just because the IT guy at work threw some terms around at you, doesn't mean you know anything..
You ask for help with something you obviously know nothing about, and then act like you have answers. And two people even told you, that whatever you think you are dealing with, they have never heard of before.. (a firewall that blocks anything but blackberries??? I mean really?)
You sir are an incompetent clown.
*edit.. I have also been looking all morning for anything that would even suggest that you have any idea of what you are talking about, and there are 4 HTC WinMO devices(TOUCH's and the TYTNII) that you can download a program that allows access for those specific HTC models.. Nothing else..
Ok, let's stop the name calling.
To the OP: Am I correct in assuming you've asked the Exchange Admins to add the Hero device ID and they denied the request? If so, then don't mind me. It seemed like the logical first step.
I haven't read the bill which passed (yet) but I will... Just a few notes.
The Bill has passed both Senate and House versions, it is NOT law yet, but probably will be soon. I see some issues though with the terms being somewhat Vague. Yes, it will be nice that telemarketers and such will no longer be able to hide, but INTENT is a big glaring need which has to be addressed. I mean, come on... There are PERFECTLY legitimate reasons for not wanting to give your number to someone or to give the impression you are calling from a number, i.e., masking your location.
(Honey, I'm at my friend John's house playing cards, be home late tonight)... Lmao...
To make this type of instance a Federal Crime is just "out of this world ridiculous". Big Brother on Steroids... Or what one Judge said recently, that "those who seek anonymity are only doing so for Illegal purposes". NOT!!!... So I wonder then if Ghost writers can be arrested and pseudonyms result in a 10 year stint... Come on... What next? E-mails must be your name? How about that Federal Registry/I.D. #, hell, why don't we just use our Social Security number for everything??? Forget Credit cards, bank accounts, etc...
But anyway, welcome to the New U.S. of A... where all you get to do is breathe without it being tracked, watched, cataloged, traced, recorded, stored, etc., all without your knowledge, permission or ability to resist.
Who was it that said: "Just because I'm paranoid - doesn't mean they aren't watching me!"...
azyouthinkeyeiz said:
Ok. The question was not what your device id is, it's a question of what your device id should be, which is a bb pin. (*which might I add since you keep saying Device ID, has no relevance to anything in your HTC HERO Phone, it is just an entry field label on BES for entering your BB PIN #)
Good luck trying to get it to work. Lol.. You're trying to tell a Network Admin and Sprint Tech (me) that I know nothing of, something I use everyday...
Now that I am at work not on my phone... You can use your HTC Device ID all you want.. But it means nothing.. Obviously, since it doesn't work as of now, does it? You need to have the BB "device ID" , which is if you had any sense to you at all, very apparent, as I've told you a thousand times already that it is the BB PIN.. Those are on a whitelist and to access BES your device has to be on that list, and activated through a carrier, with the attached SOC code for the BES plan..
You can access from your work, not because it passes some *firewall*, but because it bypasses BES because you are logging directly into the Exchange Server, through the local network, and that is nothing new, any business with BES is set up exactly the same.. To access your Exchange Server from home, your company uses the BES Gateway, and to use that, you have to have access to BES. And without the SOC code from your service, a BB PIN registered on the Blackberry Network, and the correct settings for your exchange server, you cannot access your email.
So next time, before you start throwing insults and acting like you know anything, at least have the key terms down... Just because the IT guy at work threw some terms around at you, doesn't mean you know anything..
You ask for help with something you obviously know nothing about, and then act like you have answers. And two people even told you, that whatever you think you are dealing with, they have never heard of before.. (a firewall that blocks anything but blackberries??? I mean really?)
You sir are an incompetent clown.
*edit.. I have also been looking all morning for anything that would even suggest that you have any idea of what you are talking about, and there are 4 HTC WinMO devices(TOUCH's and the TYTNII) that you can download a program that allows access for those specific HTC models.. Nothing else..
You obviously do not know squat about exchange servers, corporate networks, etc... if you have not heard of ISA. ISA is a popular firewall, which my company uses with the exchange server. ISA can and is configured to manage access to certain phone models based off Device ID. All of the allowed device IDs are BlackBerry IDs. I know for a fact my problem has nothing to do with BlackBerries using a BES. Remember, I have access on wifi, just not remotely and my friends on the exchange team confirmed this for me.
I work in IT but do not manage the exchange/ISA servers. Even if I did, our environment would require a change control for a change like this. We have asked to have our device IDs added to access the exchange server but the change committee has not decided yet if they will grant it. Again you would know nothing about these things as you are a Sprint techie.
I'm not on these boards with the intention of being rude and name calling as you are. I am sorry I lowered my standards and insulted you; I just can't stand ignorant people that think they know everything when really most everything they say/type is false. I simply created this topic in search of a way to change my device ID. I do not care if it is unlawful, wrong, yadda, yadda, yadda. If you or anyone else that reads this knows how to do this, please respond.
To the fellow that suggested Nitro Touchdown. I tried this software but it only allows you to spoof your client agent ID. ISA is configured by Device ID. Thanks for the suggestion but no luck there.
I never said I had never heard of ISA.. I said there's not a firewall that only blocks non-blackberries.. You can block whatever you want with firewalls, it's not a feature that it blocks blackberries..
I am telling you the answer, even with ISA, the problem you are having is, the option on the admin side of ISA, is to allow all devices, to allow all devices from BES, or to allow user privileges. There is no button for blackberry/HTC/Apple.. You cannot access the server because you cannot pass through BES without a PIN..
I did no name calling, read back, you stooped there yourself pretty harshly, and I am still helping you... [mirror]
LISTEN- You can connect on your work's wifi, because it is directly accessing the server from an IP on the LOCAL NETWORK.. When you connect to the server on your phone through the mobile network, you are accessing from the PUBLIC DOMAIN.. Which from your explanations, indicates that they allow access only through BES... Since "it only allows blackberries"...
Changing your device ID (if even possible) is going to create more problems than it solves. You basically have 2 options for the device ID:
1 - Change the stored device ID in the handset. This will break all kinds of functionality as every single call the OS makes to getDeviceID() will return an invalid value. My guess is that no applications are coded to respond correctly to a BB device.
2 - Only use a different device ID in the email software. This would require you to write a custom application to get Exchange support.
If you can connect with a desktop PC via VPN, you might want to take a look at RoadSync -- it provides Exchange access over VPN via a proxy server. I believe the current version only has support through 1.6, so if you're running 2.1 you may have to roll back your rom to install it.

Cisco VPN using RSA Tokens

My company uses Cisco VPN client with RSA authentication. required to connect is:
-host name
-group name
-password
-and of course the RSA token #.
my Sprint EVO is rooted using simpleroot.
does anyone have a clear set of instructions on how to make this work?
i know you can do this on the iPhone......
VPN tokens
dconnest said:
My company uses Cisco VPN client with RSA authentication. required to connect is:
-host name
-group name
-password
-and of course the RSA token #.
my Sprint EVO is rooted using simpleroot.
does anyone have a clear set of instructions on how to make this work?
i know you can do this on the iPhone......
Does your company issue you a physical token (OTP Token) or are they installing a soft token on the IPhone.
Coreburner said:
Does your company issue you a physical token (OTP Token) or are they installing a soft token on the IPhone.
i have the same question... my company uses a physical token/pin combo...
No RSA for Android
Short answer: won't work yet. RSA tokens are the original OTPs, but they are all the most complicated and antiquated OTP tech out there right now. It's not easy to integrate their soft token into a mobile client. It took them years to get it to work with IPhone. There are a few well-known companies that have soft tokens for Android phones, most notably opentrust, active identity and gemalto. Your only alternative would be to implement an SMS OTP token system, but these are vulnerable to man-in-the-middle attacks.
****You may want to move this out of the DEV section before someone starts throwing a fit.
any luck on this? I have the same needs.

[Q] WPA-Enterprise Configuration

Hi
Does anyone know how to import the wireless authentication certificate from Win7 (for a WPA-Enterprise Wifi Network - most corporate wifi networks), and install it on Android ?
Use case: I have a laptop that connects to my work wifi using a stored certificate and would like my phone to connect to the corporate wifi as well.
Also, the company does not 'officially' support Android phones. Only BB and iPhone allowed.
imarvind said:
Hi
Does anyone know how to import the wireless authentication certificate from Win7 (for a WPA-Enterprise Wifi Network - most corporate wifi networks), and install it on Android ?
Use case: I have a laptop that connects to my work wifi using a stored certificate and would like my phone to connect to the corporate wifi as well.
Also, the company does not 'officially' support Android phones. Only BB and iPhone allowed.
Your IT let you connect BB and Iphones on the Corporate Network?
Look, as an IT administrator I'm going to say this... if your IT department wanted you to connect your Android device to the corporate network, they would provision it for you. If they are not provisioning it for you, you're probably breaking company policy. Even if it were possible, there's no way I'd help you do this.
rootSU said:
Your IT let you connect BB and Iphones on the Corporate Network?
Look, as an IT administrator I'm going to say this... if your IT department wanted you to connect your Android device to the corporate network, they would provision it for you. If they are not provisioning it for you, you're probably breaking company policy. Even if it were possible, there's no way I'd help you do this.
I see. Well that's like saying - 'If Samsung wanted you to have KitKat on their older models, they'd provision it for you. I will not help you install kangs'.
Thanks anyway. I'll look elsewhere
imarvind said:
I see. Well that's like saying - 'If Samsung wanted you to have KitKat on their older models, they'd provision it for you. I will not help you install kangs'.
Not really, no. Installing a Kang is not affecting someone's corporate network, putting it at risk and putting your job at risk and potentially causing massive problems for your IT department.
It's more akin to saying "My company doesn't want me to have a corporate credit card. They've given me the numbers for online purchases but I want to use it in a physical shop. Can you help me print the details to a blank card"
anyway, I said "even if it was possible", meaning in other words "it's not possible"
rootSU said:
Not really, no. Installing a Kang is not affecting someone's corporate network, putting it at risk and putting your job at risk and potentially causing massive problems for your IT department.
It's more akin to saying "My company doesn't want me to have a corporate credit card. They've given me the numbers for online purchases but I want to use it in a physical shop. Can you help me print the details to a blank card"
anyway, I said "even if it was possible", meaning in other words "it's not possible"
I full quote.
Anyway, on serious networks there is always port-security enabled and several checks at the access and distribution layers. That said, @imarvind, even if you can import your certificate, this does not mean that you can reach connectivity
