Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 938
  • Last Modified:

Have to unlock cell phone after it goes to sleep

SBS 2008 using a self-signed certificate. I have 3 users with HTC phones (different carriers)running Windows Mobile 6.1. I installed the certificate on each phone and they are able to access/sync to the Exchange server.

The problem is - now when the phone goes to sleep, you have to enter the Exchange password to unlock the phone.

The users don't want to have to unlock the phones each time it goes to sleep. How can I remove this requirement?

Thanks.
0
notacomputergeek
Asked:
notacomputergeek
  • 10
  • 7
1 Solution
 
Alan HardistyCommented:
Which HTC handsets do you have?

I have the same issue with the HD2 and it is a bug that HTC are 'looking into'.

This is the first HTC handset that I have seen with this problem and it may not affect the HD2 alone.
0
 
notacomputergeekAuthor Commented:
(1) is Verizon Incredible
(2) are US Cellular Desire
0
 
Alan HardistyCommented:
You should be able to set the inactivity timeout on the handset assuming it does not ignore the setting like mine does : |

Start, settings, Lock, "Prompt if phone unused for" - set to x hours e.g., 2 hours, 12 hours etc
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
notacomputergeekAuthor Commented:
Wouldn't this wear down the battery faster?

Thanks for the work-around, but I'm still hoping to find a solution.

Would purchasing a SSL Certificate make a difference?
0
 
Alan HardistyCommented:
You can remove the facility to require a password from Exchange via the Activesync policy, but this then means you can't remote wipe it if it gets lost.

You can set the interval between times the password is prompted as described above, and this won't effect the battery as there is the turn off device timeout and the prompt for PIN timeout.  They are completely different.

If you set the device timeout period to 2 minutes, the phone will switch off after 2 minutes, then when you switch it on, you should not be asked for the Exchange PIN.  If you set the Prompt for PIN timeout to 2 hours, then only if the device is left unused for 2 hours should you get asked for the Exchange PIN.
0
 
Alan HardistyCommented:
An SSL certificate would not make any difference.
0
 
notacomputergeekAuthor Commented:
If I decided to change the Activesync policy, can you give me more specific steps to do that?

Thanks for the further explanation regarding the phone settings.
0
 
Alan HardistyCommented:
Sure - the Policy settings can be changed in Exchange Management Console> Organization Configuration> Client Access> Exchange Activesync Mailbox Policies
On the Password tab you can either require or not require a password (plus other password settings) - recommendation is to require a password.
The other tabs contro the default settings for Activesync, so if you set a setting, this will be picked up as default e.g., Sync Settings Tab> nclude Past Calendar Items.  If you set this to Two weeks - this is all the phones will be able to sync, because they won't see any other choices.
You can setup multiple Activesync Policies with different settings and then assign one Activesync Policy to one group of users and then another Activesync Policy to another group of users.  It is totally flexible.
0
 
notacomputergeekAuthor Commented:
"If you set the device timeout period to 2 minutes, the phone will switch off after 2 minutes, then when you switch it on, you should not be asked for the Exchange PIN.  If you set the Prompt for PIN timeout to 2 hours, then only if the device is left unused for 2 hours should you get asked for the Exchange PIN."

I want to be clear about this. What it's prompting the user for on the phone is their AD password. Is that what you're referring to as the PIN?
0
 
Alan HardistyCommented:
Ah - they should not be prompted for their AD password.  It should remember the password.
You would be better off with a 3rd party SAN / UCC SSL certificate and this should get rid of the AD password requirement.
I have an Exchange 2010 server and a 3rd Party SSL cert (from GoDaddy) and I never get asked for my AD password.  I just get asked for the 4-digit PIN EVERY TIME I TURN MY PHONE ON!!!!!!!  Still waiting for HTC to fix that particular bug : #
0
 
notacomputergeekAuthor Commented:
"On the Password tab you can either require or not require a password (plus other password settings) - recommendation is to require a password."

This setting doesn't effect OWA users at all does it? Isn't it just for mobile devices?
0
 
Alan HardistyCommented:
No - no effect on OWA at all - purely for Activesync and nothing else.
0
 
notacomputergeekAuthor Commented:
After I change the Password setting in Exchange, do I need to restart anything for it to take effect?
0
 
Alan HardistyCommented:
No - it should take immediate effect but a restart of the Transport Service won't hurt.
0
 
notacomputergeekAuthor Commented:
alanhardisty: Thanks for all your help. After unchecking the password option, the user had to delete/re-add the Exchange account on the phone. It hasn't asked for the password after that.

Good luck on your PIN problem.
0
 
Alan HardistyCommented:
You are welcome.  Glad it has stopped prompting you, but please make sure you can remote wipe the phone via OWA should the device / other devices get lost.  As far as I am aware, you won't be able to.Looking forward to my fix, as and when!
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 10
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now