Is there a way to keep iPhone,iPad and Driod password in sync

Posted on 2011-09-22
Last Modified: 2013-11-05
I have ActiveSync infrastructure in place in my current environment.
With our AD password policy set for users to change their password every 60 days this presents a minor issue for users using iPhone's, iPad's or Driod's connecting via EAS since they then need to manually change it.
We give the users a tutorial and the heads up that they will need to change the EAS password when they change it for their computer, but it goes in one ear and out the other.  So we get the calls saying "My email is not working" or "My email is not showing up on my phone".

So is there a way to use my CA to issue certs for these devices and use it for authentication?

Question by:yo_bee
  • 4
  • 2
LVL 12

Accepted Solution

Deepu Chowdary earned 250 total points
ID: 36584797
The issue is not about CA, its about logging in using our personal passwords..

Hmm AFAIK there is no CA for password issues.

You have to disable these 60 days option.
LVL 21

Author Comment

ID: 36584821
I guess then the helpdesk deals with this.
Thanks for you input and I felt that was going to be the answer.

Assisted Solution

Reubenwelsh earned 250 total points
ID: 36585272
I have troubleshooted this problem in the past, it is just as Exchange9 says, there is no solution for this currently.
Really you have the same issue with everything that saves your password, it just isnt safe (and there isnt really any point) for your password to be replicated out to the phone.

The only option i can imagine for the future is if you in the future connect your phones to the domain and have passthrough authentication. Sadly with this option you would need to enforce stong passwords on phones instead of 4digit pins... maybe in the future with retina scanners or somthing like that though.
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users should you!

LVL 21

Author Comment

ID: 36707750
I've requested that this question be deleted for the following reason:

No answer to the question other than It can not be done.

Expert Comment

ID: 36707751
The question is if it can be done, which has been answered multiple times. Not how to do it.
LVL 21

Author Comment

ID: 36898550
I've requested that this question be deleted for the following reason:

No solution
LVL 21

Author Closing Comment

ID: 36919448
I still find it hard to believe that Certificate authenication cannot be used for EAS.

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now