[Q] Exchange ActiveSync connectivity - Nexus 5 Q&A, Help & Troubleshooting

Has any tried setting up the Email app on the N5? I'm getting getting "You don't have permission to sync with your server." error mgs. I have set up hundreds of these including my own Exchange account. I have looked on the Exchange server and security is all good. Hell, I can connect just fine with my Nexus 4 or any other phone. Thoughts? THX

Works for me.
Worked out of the box for me on exchange 2010. Maybe your setup is not set to allow the nexus 5. Check your activesync device policy.

Weird! Anyway, I got it to work. I ended up removing all devices associated with my account. The Exchange 2010 Server can allow 10 user device agents and I only had 4 devices linked. Technically, I should be able to add new devices without issues without removing old user agents. Maybe in this case, the server got confused or something... lol.

The Nexus 5 isn't encrypted, are you guys really allowed to connect unencrypted devices to corporate email?
That's blocked here.
I use touchdown which stores corporate email in an encrypted container.

"The Nexus 5 isn't encrypted"
I disagree with this. Android OS does have some level of basic encryption. I recalled that it was implemented back in the Gingerbread days. The argument is not whether it's effective or not, but some sort of "encryption" does exist in the Android platform.

By default it's not encrypted, but there is an option in Security section to encrypt your device.

xxxman999 said:
"The Nexus 5 isn't encrypted"
I disagree with this. Android OS does have some level of basic encryption. I recalled that it was implemented back in the Gingerbread days. The argument is not whether it's effective or not, but some sort of "encryption" does exist in the Android platform.
Click to expand...
Click to collapse
It's not hardware level encryption that's always on, and on by default like with blackberry or iPhones though.
It's a software based option that 99.999% of people have turned off.
.

Related

2.1 Exchange/Password bypass Updated 4-7

Exchange/Password
Now with Android 2.1 it now makes me use a password word. Is there a way to bypass this as it is annoying, or maybe use a pattern instead?
With 1.5 i didn't have to use a password, but with 2.1 now i do.
This works
just thought i would update with my latest info. So here is the scoop. You can disable the exchange password lock and have it survive reboot/and mail checks. To do this follow these steps:
[APP] LockPicker - disable Exchange lock screen [30-03-2010]
Hi all,
"j0bro"
Just whipped an app together that disables the Exchange lock screen as soon as the server has enforced its policy by using a background service and an observer on the system setting. This requires no polling, scripting, etc. and survives reboots/enforcements
If you want to use the pattern lock follow the next steps if not just skip the next steps., First set the lock pattern before you setup your exchange server, Then after you set your pattern lock setup your exchange and it will ask you to set your password after complete download Lockpicker in the market and install & run. Iit will bypass the Password lock and the pattern will now work.
Or
klaus27
Originally Posted by klaus27
Ok, my app is ready. I have sent it to tamburylar for testing.
Version 1.0 is ready for testing. Working with HTC Sense. Waiting for reply for Milestone support. HERE
__________________
HTC Sense or Motorola Droid with Exchange and password policy? Get rid of it: http://forum.xda-developers.com/showthread.php?p=6044673
networx2002 said:
Exchange/Password
Now with Android 2.1 it now makes me use a password word. Is there a way to bypass this as it is annoying, or maybe use a pattern instead?
Click to expand...
Click to collapse
Not sure what you're trying to say here...
I'm using Exchange through my work, and the process is exactly the same as it has been on 1.5. Can you clarify your issue? Thanks!
networx2002 said:
Exchange/Password
Now with Android 2.1 it now makes me use a password word. Is there a way to bypass this as it is annoying, or maybe use a pattern instead?
Click to expand...
Click to collapse
This has to do with the exchange active sync policies your IT dept has implemented. I believe you can remove that option from EAS on the exchange server.
As a workaround, you can use touchdown for your exchange needs as it doesnt lock down your phone but just your exchange email.
swornenemy said:
This has to do with the exchange active sync policies your IT dept has implemented. I believe you can remove that option from EAS on the exchange server.
As a workaround, you can use touchdown for your exchange needs as it doesnt lock down your phone but just your exchange email.
Click to expand...
Click to collapse
Thanks,
With 1.5 i didnt have to use a password, but with 2.1 now i do.
Thanks
networx2002 said:
Thanks,
With 1.5 i didnt have to use a password, but with 2.1 now i do.
Thanks
Click to expand...
Click to collapse
Yeah android 2.1 is more EAS compliant and can actually do remote wipes if you ever lose your phone which is nice. I did this on my hero and it wacked everything off and would only boot into recovery. Thank god for nandroid.
Be advised that if you enter your password wrong 10 times, (provided that you are still using the built in android exchange support) it will format your phone as well.
I've got it backup, Just hate to have to unlock it all the time.
Wish they would let you use a pattern
networx2002 said:
I've got it backup, Just hate to have to unlock it all the time.
Wish they would let you use a pattern
Click to expand...
Click to collapse
I am in the same position as you. Delete your exchange account and use touchdown for your exchange mail. This way it doesnt require you to use a pin to use your phone except when accessing your exchange mail through touchdown
swornenemy said:
I am in the same position as you. Delete your exchange account and use touchdown for your exchange mail. This way it doesnt require you to use a pin to use your phone except when accessing your exchange mail through touchdown
Click to expand...
Click to collapse
i have never been able to get touchdown to work for me
Just thought I'd join this thread, as I was shocked to find the exchange password on 2.1 too. Personally I love the idea of password and secure wipe, but the problem is the keypad is so difficult to type passwords on it takes me forever to login. I prefer just using the sliding password. And lets face it if someone wants into your password protected phone all they need is a USB cable, laptop, and SDK and they can bypass it.
To this end I've been playing with a way to bypass the password and I have been somewhat successful. I am VERY new to this stuff I've been basically teaching myself as I go, so if there are any experts around with an interest please feel free to take this knowledge and run with it.
** DISCLAIMER ** I've no idea what this will do to your phone or your email so make sure you backup, i've had no problems with any of these settings and I've always been able to just delete the exchange account and readd it when there was a problem. That being said.. you've been warned, Backup. Also bypassing your companies pointless security measures may be dangerous and cause for termination.
To get started you'll need the SDK and working ADB. It appears all the exchange info is stored in a database file that you can read/edit with sqlite3. Here is what I've found so far:
adb shell (probably need root, not sure)
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
Optional sqlite3 settings to make reading easier:
.headers on
.mode column all
.width 2 40
There are two tables of interest here:
select * from secure;
select * from system;
The following update commands are what I used:
update secure set value=0 where name='DevicePasswordEnabled';
** This command will turn off the DevicePasswordEnabled and let you use a slide unlock pattern, but the password is still set from before.
update system set value=0 where name='lockscreen.lockexchange.enable';
** This command is the magic, I found out by watching logcat that when you unlock your phone it does an IF check on this variable and if it's set then it requires you to enter a password. Once this is set to 0 it skips the password and will ask for your slide unlock pattern instead. If you don't have an unlock pattern it will just jump to your home screen.
update secure set value=0 where name='MaxInactivityTimeDeviceLock';
** This one isn't too critical but I found it and thought I would share it. It basically removes the Exchange requirement for a idle timeout.. mine was set to 30 mins which was perfectly reasonable, but I removed it anyway.
Now once you run these update commands the changes are "done" no need to reboot or do anything special (don't even need to quit sqlite3) if you try to unlock your phone it might ask for a password the first time but enter it and lock the phone again. When you try to unlock it now the password has been removed. WOOOT!!
Now if you recall at the begining I mentioned that I've been "somewhat" successful, this fix appears to work perfectly and survives Mail client refreshes and reboots. BUT to my dismay every morning when I wake up and unlock my phone I'm presented with the same "You must enable security settings" msg from exchange. When you click OK it resets all the changes we made and we are back to square one and have to unlock it again.
I am guessing there is some type of refresh of the Exchange provisioning. I've not found how to disable this as of yet. I'm presently playing with the files located in /data/data/com.htc.android.mail/app_config it appears to store all the provisioning data in a file called eas_provision.prefs. I've just tried to change the two changes we made in this file in the hopes that perhaps it looks here to compare against the database settings and if it finds a difference it refresh, but I have my doubts.
Unfortunately I cannot test this until morning as I've found no way to replicate whatever causes the exchange security check.
My guess however is that the mail client itself is re-requesting the security settings.. if thats the case we'd have to either "decompile the mail cient" which I don't have the expertise to do. Another option might be to try using an older mail client (assuming this is where the check is).
I hope this helps some folks out there, please share comments and questions hopefully we can find a good solution. Remember my objective isn't to bypass the security completely but utilize the slide unlock which I feel is just as secure as the password (thought I am not certain if the wipe will happen with the slide unlock).
Good Luck
My employer is one of the paranoid companies that require the full password, so I'm also pretty interested in the answer. Changing values in the database show promise, but we'll need to see how this impacts what data is sent back to Exchange. For example, if I change the value to not requiring a lockscreen password, does Exchange know? If so, I get in trouble with Exchange admins, and they probably wipe my phone at their will. Ultimately, the device sends data back to Exchange, and the real solution is to find where the connection between Exchange and the lock screen is, and cut the cord.
For what it's worth, on the Pre this was handled in the lockscreen app and not anywhere near Exchange. The result was bypassing the lockscreen app altogether (return true; - elegant, right?), but that wouldn't meet the needs here of still having something. Once I get it reflashed with Damage's ROM tonight, I'll be playing with this.
And for the record - I'm also not trying to work around security policies enacted by my employer. This is purely for research and educational purposes.
say I wanted to go the other way, my Exchange server doesn't require a password but I want to use a pass... will following inverse instructions enable the policy?
networx2002 said:
Exchange/Password
Now with Android 2.1 it now makes me use a password word. Is there a way to bypass this as it is annoying, or maybe use a pattern instead?
With 1.5 i didn't have to use a password, but with 2.1 now i do.
Click to expand...
Click to collapse
My company has the security enforced on our Exchange server. Keyguard Disabler (look it up in Market) will do this, but it also disables the slide-to-unlock. You can toggle it on and off as you need it.
-Daryel
Ill have to try it.
Installed Keyguard Disabler from the market and it works great. Well worth the buck 50. Buggy when set to auto start on boot so I just put in the password once at boot and run the app. Completely bypassed the lock enforced by my exchange server.
Hell, I just logged into my Exchange server and disabled the pin requirement.....
tamburylar said:
Now if you recall at the begining I mentioned that I've been "somewhat" successful, this fix appears to work perfectly and survives Mail client refreshes and reboots. BUT to my dismay every morning when I wake up and unlock my phone I'm presented with the same "You must enable security settings" msg from exchange. When you click OK it resets all the changes we made and we are back to square one and have to unlock it again.
I am guessing there is some type of refresh of the Exchange provisioning. I've not found how to disable this as of yet. I'm presently playing with the files located in /data/data/com.htc.android.mail/app_config it appears to store all the provisioning data in a file called eas_provision.prefs. I've just tried to change the two changes we made in this file in the hopes that perhaps it looks here to compare against the database settings and if it finds a difference it refresh, but I have my doubts.
Unfortunately I cannot test this until morning as I've found no way to replicate whatever causes the exchange security check.
My guess however is that the mail client itself is re-requesting the security settings.. if thats the case we'd have to either "decompile the mail cient" which I don't have the expertise to do. Another option might be to try using an older mail client (assuming this is where the check is).
I hope this helps some folks out there, please share comments and questions hopefully we can find a good solution. Remember my objective isn't to bypass the security completely but utilize the slide unlock which I feel is just as secure as the password (thought I am not certain if the wipe will happen with the slide unlock).
Good Luck
Click to expand...
Click to collapse
I remember from the windows mobile days that most exchange servers automatically refresh the policies each night just after midnight. I used to have a program that ran every so many minutes that looked for that policy to be set and would unset it again. Maybe we can get a DEV here to write us a program that runs in the background on android that will chech and apply your changes above at some periodic amount of time. I would donate for it.
kranz68osu said:
I remember from the windows mobile days that most exchange servers automatically refresh the policies each night just after midnight. I used to have a program that ran every so many minutes that looked for that policy to be set and would unset it again. Maybe we can get a DEV here to write us a program that runs in the background on android that will chech and apply your changes above at some periodic amount of time. I would donate for it.
Click to expand...
Click to collapse
That would be nice
magic answer to fixing this password stuff
i had the same problem with my work email server, i tried touchdown, didnt like. here's th eanswer people, download lockbot, the free version , from the market. use it, and if your like me, you will have no problem.
damn it feels good to finally help and not be helped by these forums. lol. hope i tworks. post back
ukcatsfan said:
i had the same problem with my work email server, i tried touchdown, didnt like. here's th eanswer people, download lockbot, the free version , from the market. use it, and if your like me, you will have no problem.
damn it feels good to finally help and not be helped by these forums. lol. hope i tworks. post back
Click to expand...
Click to collapse
Downloading now
It works. Thanks
one happy hero user

[Q] Exchange email and disabling the device administrator

There have been ways to get around a corporate exchange device administrator for other devices. Anyone know what can be done on the xoom?
Since adding my exchange account, I now have a required lock screen code, and required display time out, and the possibility of a remote wipe.... Probably familiar to some of you.
The standard lock screen was so cool!!!!! Arrrrr
The techniques I've seen before included an app that disables the device admin, or an email.apk with the exchange security removed.
Mine did the same thing. Its a security setting that needs to be in place based on the Exchange server settings. My Droid X needs a lock code as well.
It is actually a good thing for me, due to the fact I keep work info on it. Frustrating but necessary.
Yes, I have the email.apk on my Captivate that bypasses this screen lock. THough it has other deficiencies like width problems in the email and the links in an email don't work. But getting the email and responding works fine. Maybe try out the email.apk for the phone and see how it looks. You can always revert. I think no matter what, you are going to have to get a hacked version to bypass the exchange permissions options that a corporate admin can impose. The guy that hacked the email.apk has a paid program that probably fixes all the bugs in his free app.. and I hear he is very good about refunding within the first 24 hours if the program doesn't work as expected. Might be something to try.
You are the reason the exchange admins at my workplace don't want to support android users.
If you're placing corporate information on your personal computer, you should secure it properly.
Sent from my PC36100 using XDA Premium App
Bauxite said:
You are the reason the exchange admins at my workplace don't want to support android users.
If you're placing corporate information on your personal computer, you should secure it properly.
Sent from my PC36100 using XDA Premium App
Click to expand...
Click to collapse
100% agreed. I did not know there was a way round this and if there is, I will not be supporting Android devices on our corporate network. I will continue to support it for private use but not corporate.
There is a way around everything. You can't just blame android. As admin you should randomly check devices to ensure the security measures are in place anyways. The users have to sign an agreement and if there a caught breaking the rules then the will suffer the consequences. Don't blame android because you too lazy to enforce your policies. You going blame windows when a user downloads torrents that contains malware?
Sent from my Xoom using XDA Premium App
Bauxite said:
You are the reason the exchange admins at my workplace don't want to support android users.
If you're placing corporate information on your personal computer, you should secure it properly.
Sent from my PC36100 using XDA Premium App
Click to expand...
Click to collapse
OK, Thanks!
Except I can add the exchange mail to my laptop and save the password. There is no enforcement of my Windows login, screen saver, or the possibility of my laptop being wiped. I don't think the device admin is a good fit for a tablet, whereas a phone is a little different.
You guys are supposed to back me up here.
What was the name of the email.apk and paid app for the Captivate?
Weird. Im using touchdown and it didnt make me enter a lock password
Pitnefor said:
Weird. Im using touchdown and it didnt make me enter a lock password
Click to expand...
Click to collapse
Depends on the server settings that your admin has setup.
Here is the 'less supported' email client apk.
http://forum.xda-developers.com/showthread.php?t=775007
His paid for program is called Enhanced Email.
https://market.android.com/details?id=com.qs.enhancedemail&feature=search_result
Here is his website with forum stuff.
http://quantumsolutions.us/forum/
As far as IT having issues with this because of android.. my last Windows phone didn't have any type of security to force a password. So I agree its not an Android issue. Plus, some people can use IMAP to get their corporate data which also doesn't impose security passwords. Not saying it is the right thing to do (get email without locking down the phone) or not, just saying it can be done and here is how. You guys are big boys and girls.. make your own decisions.
eaglecomm said:
As far as IT having issues with this because of android.. my last Windows phone didn't have any type of security to force a password. So I agree its not an Android issue.
Click to expand...
Click to collapse
Which Windows phone is that? All WM phones that support EAS (WM5 and later) supports exchange policies. Whether or not a password is required totally depends on your Exchange Server policy. WM phones also support email encryption policy which wasn't supported on iPhone until 3GS and never supported on any Android OS.
Plus, some people can use IMAP to get their corporate data which also doesn't impose security passwords. Not saying it is the right thing to do (get email without locking down the phone) or not, just saying it can be done and here is how. You guys are big boys and girls.. make your own decisions.
Click to expand...
Click to collapse
Any corporate that requires password and other security policies also disables IMAP and POP3 access to their exchange server.
Any incompetent corprate IT that left IMAP enabled probably also doesn't require any password policy either.
foxbat121 said:
Which Windows phone is that?
Click to expand...
Click to collapse
Tilt2
foxbat121 said:
Any corporate that requires password and other security policies also disables IMAP and POP3 access to their exchange server.
Any incompetent corprate IT that left IMAP enabled probably also doesn't require any password policy either.
Click to expand...
Click to collapse
It would seem your second statement here overrides your first. I am not here to debate what they SHOULD be doing. I am stating the current state (or what was the last time I tried IMAP).
Whether they are incompetent or not is not for me to decide. You all seem to have enough opinions of your own for me to worry about changing your minds.
How 'bout we get back on topic?
Security is in place for a reason. Incompetence on the part of your IT dept is one thing, but deliberately trying to circumvent an enforced policy just because you don't really like the look of a lock-screen is another. Should be an interesting meeting with HR when an unsecured device (via security circumvention) is lost with confidential company data.
Just because you can do something doesn't mean you should. So what if your admins weren't bright enough to disable IMAP/POP3 access, if they are enforcing mobile security, respect it.
In my experience, the same people that complain about security are the ones that lose their phones or laptops the most, and also stay silent when proper security measures save their butts from losing their jobs.
eaglecomm said:
Tilt2
Click to expand...
Click to collapse
Tilt2 definitely supports all the Exchange policy, all the way down to SD care encryption policy and domain enrollment policy. The fact is your 2-year old WM phone is actually much more secure at enterprise level than your fancy new Android system. This is one area that Android currently lacks.
I'm not saying the Tilt2 didn't support it... was just making the statement that it didn't have it on it because it wasn't forced. Hell, I didn't even know it was an option until I had to use an iPhone for a few months and it forced the lock screen.
And it had nothing to do with the way it looked. It has to do with everytime I want to use my phone, I had to enter in a code. There was no way to set it (that I could find) that it would only turn on the lock after being off for, say, 10 minutes. Which means if I hit the power button by accident. Locked. No matter what, as soon as the screen went black.. locked.
Anyways, I'm not looking to pick a fight.. just stating things. I figure it's a free world. Once people start enforcing every part of your life, it won't be. I am sure everyone on this forum has passed the speed limit in their car (and probably do a typical basis). Rule broken.. there for your safety.. yada yada yada. Do what you like.. hence why I moved to Android from apple.
eaglecomm said:
And it had nothing to do with the way it looked. It has to do with everytime I want to use my phone, I had to enter in a code. There was no way to set it (that I could find) that it would only turn on the lock after being off for, say, 10 minutes. Which means if I hit the power button by accident. Locked. No matter what, as soon as the screen went black.. locked.
Click to expand...
Click to collapse
That I have to agree. WM5.0 did the right way but starting from WM6.0, it basically locks the phone all the time whenever screen goes dark. Now Android 2.2 and later does the same thing. It seems to be some kind of security precaution.
Anyways, I'm not looking to pick a fight.. just stating things.
Click to expand...
Click to collapse
Not to pick a fight either. Simply correcting your misconception.
I figure it's a free world. Once people start enforcing every part of your life, it won't be. I am sure everyone on this forum has passed the speed limit in their car (and probably do a typical basis). Rule broken.. there for your safety.. yada yada yada. Do what you like.. hence why I moved to Android from apple.
Click to expand...
Click to collapse
No one is forcing anything upon you. You have the choice not to receive company emails. However, if you do elect to receive business emails, companies have the right to enforce whatever security measure it deems necessary. Company emails often contain a lot of sensitive information and even maybe trade secrects. If your phone is accidentally lost and without the proper protection, anyone could take advantage of those information stored on your phone. And if your company found out that the information leak is from you because you circumvented the security policy, you will be in deep trouble
iPhones before 3GS and most Android phones before 2.2 actually cheated a lot of the EAS security policy by falsify policy query reponse. Basically, if your exchange server has a policy to require support of email encryption on device, old iPhones running old iOS and a lot of Android phones running old Android will repond as 'YES, supported' but in reality they don't have such support at all. Apple fixed this after 3GS release (3GS and newer do support email encryption) and Google fixed it in Android 2.2 OS by correctly respond 'No, do not support such policy". A lot of big corporations do enforce email encrytions.
foxbat121 said:
Not to pick a fight either. Simply correcting your misconception.
Click to expand...
Click to collapse
No worries.. no misconception. I just stated my phone didn't have it. Which it didn't (in terms of forced security that was implemented). Likely a corporate decision, but it still didn't have it.. which is what I said.
foxbat121 said:
No one is forcing anything upon you. You have the choice
Click to expand...
Click to collapse
Agreed.. choice.. at least this far in life.. is ours.
I can understand the need for having security measures in place... by why the he77 would those permissions need to include the ability to wipe my device?
I'm rather disappointed to see how many of you are unhelpful in a forum full of people who do this exact same thing in various applications. To answer your question, I use Blue Mail to bypass this silly corporate requirement and I actually like it a lot better than Outlook. Its also free.

Help! Exchange connection only through office WiFi!

Anybody could please give me an advice about this strange issue we have with Android in our company recently?
Our configuration for Exchange worked for months perfectly on our Galaxy Tab and then on Galaxy Note with the new Exchange 2010 server and very recently probably the company IT installed a service pack or restricted the security policies.
The crazy result is that the standard mail client for Exchange on Galaxy Note (the same on the Tab) can connect and sync only if connected with the company WiFi
When connected through 3G or public WiFi they cannot connect to the Exchange server anymore! "Impossible to connect to the server" is the temporary message displayed by the device.
I tryed using the Aventail Connect client for Android (trying to simulate to be connected to the company network) but it doesn't work anyway
Connecting in the office makes the Exchange connection and sync (mail, calendar, contacts) working again!
I cannot ask our IT Department because in our company Android is not yet officially accepted neither supported and being a large company they could not make any exception and they would not listen to me, worst would claim to HR I'm not compliant with the company policies!!!!
Any advice?? Many thanks!
Best way is to befriend an IT person at your company & bribe them. That's what I tell to new hires when I'm introduced as their local IT support. While this doesn't fix your issue but it will be very helpful down the road.
RMXO said:
Best way is to befriend an IT person at your company & bribe them. That's what I tell to new hires when I'm introduced as their local IT support. While this doesn't fix your issue but it will be very helpful down the road.
Click to expand...
Click to collapse
My friend, these are wise words!
At the same time the HQ of our company is in the U.S. (with very rigid policies) and I am in Italy with difficulties in dealing in person with them... so I'm afraid that without a good hint from some guys here I cannot sort out my issue!
I can't search xda just now but in the SGSII forum there is an email app with exchange security disabled
You could try installing it. Hopefully it will display correctly on the Note.
Sent from my TITAN X310e using XDA Windows Phone 7 App
I have try it it works good, only some box and txt a little smaller on some place and not the "extended" landscape view that the note has, but works good. (also with the email widget)
the original thread
http://forum.xda-developers.com/showthread.php?t=1117452
have try the apk itself not yet try to apply the patch to our apk
jayGGjay said:
I have try it it works good, only some box and txt a little smaller on some place and not the "extended" landscape view that the note has, but works good. (also with the email widget)
the original thread
http://forum.xda-developers.com/showthread.php?t=1117452
have try the apk itself not yet try to apply the patch to our apk
Click to expand...
Click to collapse
Thanks nobnut and jayGGjay for your advice.
I don't think this could be my solution, simply because
1) to me is the access to the Exchange server that is not working, instead the modified client has "simply" the ability to skip the pin request, a typical client implication, not server wise
2) calendar and contacts are impacted by the same issue: they are not synchronized if I'm not on the local company WiFi! So even if I would sort out the mail, I would not be in sync with the rest of the Exchange resources
Basically the fact that all the Exchange/Outlook suite does not work makes me understand that this is not a matter of the mail.apk! Under the company WiFi all the suite is working perfectly, so I guess it's something related to the Exchange common access.
If it would be simple to try the alternative mail.apk I would give anyway a try, but it's complex and I'm not sure it's clear to me how to revert the patch if it is not working at 90% probabilities, ad I described above
Nobody knows Aventail Connect or NextExtender? I guess my solution would be there, having the stock mail.apk (and the rest of the suite) working under a VPN, so that Exchange server feels as it is working under the company WiFi
But, as I sayed, I cannot have NetExtender connected nor having mail.apk working through Aventail Connect (that works, "per se")
jayGGjay said:
I have try it it works good, only some box and txt a little smaller on some place and not the "extended" landscape view that the note has, but works good. (also with the email widget)
the original thread
http://forum.xda-developers.com/showthread.php?t=1117452
have try the apk itself not yet try to apply the patch to our apk
Click to expand...
Click to collapse
I have read and read again the thread and apparently it says this patch override all the security limitations vs Exchange, so it might make sense having a check, even if unfortunately the application seems to not become identical in terms of user interface....
anyway, if I would like to check it, does it mean that:
1) the patch has to be executed on a windows pc having the rooted Galaxy Note connected to it?
2) I guess the "restore.backup.cmd" should be one to revert the patch if not working, correct?
3) what the "QR Code" function is? Is that for a sort of signature to be created? If so, how should I apply that?
Sorry for the trivial questions, but I have not experiences in applying patches!
OK, some feedback
The patch itself did not work on my pc ( I am root and the patch give error "whoami suid 0") or somethings, so I have done it by hands (smali,Notepad++ basmali, and replace de classes.dex file) BUT IT DOES NOT WORKS with the note apk for some reason (have apply the 2 methods of security patch:
http://forum.xda-developers.com/showthread.php?p=14577188#post14577188
and
http://forum.xda-developers.com/showthread.php?t=1185749
The only time it has been working was if I replace my email.apk with this one from SGSII:
"Email.apk-SGS2-v2.3.5.exchange-policy-patch.zip"
Have a look for it.
But I seems that with the standard apk:
- even when configure in IMAP some policies still apply so no GO with some exchange server
- Your company (if no other imap client like thunderbird), has closed outside access to IMAP (only when you are connacted in the LAN or WIFI, it could works).
So 1st things is to know if imap works outside with some IMAP client wihout VPN, else no way it will works for your note wihout a VPN.
BTW: QR code is just a code that our phone can "capture/read" with info inside (a url or some contacts infos or such) in this case probably a DL link , You can read it with barcode scanner or shopsavvy or such free from market, so once you have one QR code reader in your phone you can just point it to the QRCode (your screen) and dl/open the link directly in your mobile (no need to send or connect a cable to transfert the apk in your phone)
EDIT: The patch 1.1 is workings but the is still missing stuff because even if it apply correctly now I still does not have my exchange server serving any email even in IMAP so .... The only way for now is to use the "Email.apk-SGS2-v2.3.5.exchange-policy-patch.zip"
jayGGjay said:
EDIT: The patch 1.1 is workings but the is still missing stuff because even if it apply correctly now I still does not have my exchange server serving any email even in IMAP so .... The only way for now is to use the "Email.apk-SGS2-v2.3.5.exchange-policy-patch.zip"
Click to expand...
Click to collapse
Thanks a lot for tests and your feedbacks!
Should I have a try with this version of the apk on my Note, what would be the process to install it? Should I use CWM? I have not yet installed it but I might do that, having rooted the phone and installed Mobile Odin, so I may have CWM
But sorry, I never used CWM to flash an apk part of the system!
And what about the reverse to the stock version if this doesn't work? Should I flash again all the stock firmware to get back a "clean" installation or could I back-up the official mail.apk and re-install it if this doesn't work in my case?
Last but not least, if you have tryed it on a Galaxy Note: how different is in terms of graphics and user interface this SGS2 version of the mail apk?
MANY THANKS!!
In addition to the tests on the the mail.apk, is anybody here expert about VPN in order to try with Aventail Connect or NetExtender to bypass the problem and so simulate the office WiFi environment?
As I said Aventail client connects with my company server but the mail doesn't pass thorugh it (how to correlate the two applications??) and NetExtender cannot connect
Any experience here?? Many thanks!
So 1st things is to know is, if IMAP clients (like Tunderbird or Outlook or such from your computer at home for ex.) works outside without VPN, else no way it will works for your note without a VPN once you are outside your Office WIFI. (Your office have probably block outside access to the server)
For the SGS II email.apk, not sure which thread it was ... Find it a few weeks ago here on xda.
But I have attach it here some you and other can use it/have a look if needed.
To install, here are just 2 ways to do it :
A) use a soft like RootExplorer or Root Browser (free and from an xda user) to:
1. go to /system/app/ and mount r/w
2. Backup Email.apk - Rename it to Email.apkBAK
3. Copy the Email.apk attached to the /system/app
4. VERIFY PERMISSIONS (DUPLICATE THE SAME AS ORIGINAL)
5. Mount system r/o
OPTIONNAL DEPEND ON WICH KIND OF APK REPLACE
6. Reboot and clear cache
7. Clear Dalvik-cache in case 6. was not enough
If any thing happens or you want to you can rename to SGS Email.apk to Email.apkSGS and put back your original Email.apkBak to Email.apk
B) with adb through a shell with command line and usb mode debug enable from your computer .... But if you have to ask your are better with A)
Good luck
jayGGjay said:
So 1st things is to know is, if IMAP clients (like Tunderbird or Outlook or such from your computer at home for ex.) works outside without VPN, else no way it will works for your note without a VPN once you are outside your Office WIFI. (Your office have probably block outside access to the server)
Click to expand...
Click to collapse
Well the strange thing is that using an i-Phone/i-Pad or my old Windows Mobile 6.5 we can still access the Exchange Server outside the office net! Both of them use the Activesync protocol.
I don't understand why you talk of IMAP client, because Outlook does not use IMAP with Exchange, as far as I know, and instead uses a Microsoft proprietary protocol.
From a mobile device, the protocol used is Activesync, quite different by IMAP and strange thing is that, I repeat, the i-OS and Windows Mobile versions are working perfectly also outside the office WiFi.
So apparently Android does not implement the same type of Activesync security profile that i-OS implements. My bypass (to avoid to change the mail.apk) was to use a VPN, but I couldn't take to work properly the ones I tested, mentioned above (Aventail Connect and NetExtender). Don't you know how to configure those? If we knew, I guess I could avoid changing the mail.apk
OK, you can connect to exchange server a few different ways, ActiveSync or IMAP ... , here the issue, with exchange with both IMAP or ActiveSync, exchange enforce security policies from your devices. Android has been at first a bite behind with those proprietary things of MS (that why IT did not "support" officially android for email at first). In recent device/android wanting to be able to say they are corporate phone, they have enforce and verify if your devices comply (for ex.: it will only works outside if your device as a PIN/Password unlock compliant with your password security from what they have enforce, and/or if they can remotly wipe the device or such).
And if Win Mobile and I-OS (works now, at one time it wasn't), if for Win it is a windows product so if their proprietary Win could not handle their proprietary exchange protocole and things .... Anyway try the SGS II apk posted and see if it works first. My old exchange 2003 server that is only open for outside access without VPN for IMAP is also enforcing thoses security (with my other/old android Motora Milestone is was OK with Note stock KO)
BTW: Outlook can connect to email server through Exchange, IMAP or POP - just like our phone (depending what have been enable/open in the server side)

[MobileIron] Using Android where only iOS supported?

Hi
I am due to move on from my trusty old iPhone 4 to a new Android.
I currently have access to corporate email on my phone via MobileIron.
I very much want to get an Android phone, but IT doesn't support Android. Apparently when testing, the email client (didn't say which one) did not render HTML properly. They are now 'testing' compatibility with Android, but this is on the backburner.
There's no way to argue with IT, as they are not going to change their policy (I work in a large company with bureaucracy).
My iPhone is jailbroken and I use xcon to trick MobileIron into thinking I'm not.
Is there any way of getting MobileIron to work on an Android phone? For example, tricking the client into saying I'm on iOS, or perhaps loading the MobileIron app and just calling IT to activate my phone and tell them that it's an iPhone?
I ONLY want email, nothing else. Perhaps that makes it a little easier for me to just connect despite being on Android?

One Plus 6 and Android for Work

I wanted to use my brand spanking new One Plus 6 for access to work email. To do this, I had to go through a setup process through which I get access to my employer's enterprise G-Suite. As part of this process, I had to;
Download mobileron and register my details with our BYOD server
Mobileiron installs the various work versions of G-Suite as well as the digital certificates I need
To finish, I have to create a VPN, using Pulse Secure, as it sets up the initial handshake with my office network
Once the VPN handshake has completed, I use Gmail to select my work email address and hey presto.
However, when I get to the VPN bit, I receive the message "Pulse Secure needs to initialize its access to Android's Credential Storage. To proceed, please allow the selected certificate on the next screen."
When I click on "OK", something tries to load and then craps out. Are there any known issues with OP6 restricting access to the Certificate Store? Any help would be much appreciated. For further info, the exact same process works for my Pixel C. Looking about the only difference I can see is the Kernel used by OP6 (Ubuntu) and Pixel C and I am wondering if the certificate stores for each are in different locations.
Any help/insight much appreciated as it's ruining an otherwise great phone.

Categories

Resources