[Q] Exchange email and disabling the device administrator

[lightlytoasted]

There have been ways to get around a corporate exchange device administrator for other devices. Anyone know what can be done on the xoom?
Since adding my exchange account, I now have a required lock screen code, and required display time out, and the possibility of a remote wipe.... Probably familiar to some of you.

The standard lock screen was so cool!!!!! Arrrrr

The techniques I've seen before included an app that disables the device admin, or an email.apk with the exchange security removed.

 

[Procinctu]

Mine did the same thing. Its a security setting that needs to be in place based on the Exchange server settings. My Droid X needs a lock code as well.

It is actually a good thing for me, due to the fact I keep work info on it. Frustrating but necessary.

 

[eaglecomm]

Yes, I have the email.apk on my Captivate that bypasses this screen lock. THough it has other deficiencies like width problems in the email and the links in an email don't work. But getting the email and responding works fine. Maybe try out the email.apk for the phone and see how it looks. You can always revert. I think no matter what, you are going to have to get a hacked version to bypass the exchange permissions options that a corporate admin can impose. The guy that hacked the email.apk has a paid program that probably fixes all the bugs in his free app.. and I hear he is very good about refunding within the first 24 hours if the program doesn't work as expected. Might be something to try.

 

[Bauxite]

You are the reason the exchange admins at my workplace don't want to support android users.

If you're placing corporate information on your personal computer, you should secure it properly.

Sent from my PC36100 using XDA Premium App

 

[burden010]

You are the reason the exchange admins at my workplace don't want to support android users.

If you're placing corporate information on your personal computer, you should secure it properly.

Sent from my PC36100 using XDA Premium App

100% agreed. I did not know there was a way round this and if there is, I will not be supporting Android devices on our corporate network. I will continue to support it for private use but not corporate.

 

[DroidzFX]

There is a way around everything. You can't just blame android. As admin you should randomly check devices to ensure the security measures are in place anyways. The users have to sign an agreement and if there a caught breaking the rules then the will suffer the consequences. Don't blame android because you too lazy to enforce your policies. You going blame windows when a user downloads torrents that contains malware?

Sent from my Xoom using XDA Premium App

 

[lightlytoasted]

You are the reason the exchange admins at my workplace don't want to support android users.

If you're placing corporate information on your personal computer, you should secure it properly.

Sent from my PC36100 using XDA Premium App

OK, Thanks!

Except I can add the exchange mail to my laptop and save the password. There is no enforcement of my Windows login, screen saver, or the possibility of my laptop being wiped. I don't think the device admin is a good fit for a tablet, whereas a phone is a little different.

You guys are supposed to back me up here.

What was the name of the email.apk and paid app for the Captivate?

 

[Pitnefor]

Weird. Im using touchdown and it didnt make me enter a lock password

 

[bogatyr]

Weird. Im using touchdown and it didnt make me enter a lock password

Depends on the server settings that your admin has setup.

 

[eaglecomm]

Here is the 'less supported' email client apk.
http://forum.xda-developers.com/showthread.php?t=775007

His paid for program is called Enhanced Email.
https://market.android.com/details?id=com.qs.enhancedemail&feature=search_result

Here is his website with forum stuff.
http://quantumsolutions.us/forum/

As far as IT having issues with this because of android.. my last Windows phone didn't have any type of security to force a password. So I agree its not an Android issue. Plus, some people can use IMAP to get their corporate data which also doesn't impose security passwords. Not saying it is the right thing to do (get email without locking down the phone) or not, just saying it can be done and here is how. You guys are big boys and girls.. make your own decisions.

 

[foxbat121]

As far as IT having issues with this because of android.. my last Windows phone didn't have any type of security to force a password. So I agree its not an Android issue.

Which Windows phone is that? All WM phones that support EAS (WM5 and later) supports exchange policies. Whether or not a password is required totally depends on your Exchange Server policy. WM phones also support email encryption policy which wasn't supported on iPhone until 3GS and never supported on any Android OS.

Plus, some people can use IMAP to get their corporate data which also doesn't impose security passwords. Not saying it is the right thing to do (get email without locking down the phone) or not, just saying it can be done and here is how. You guys are big boys and girls.. make your own decisions.

Any corporate that requires password and other security policies also disables IMAP and POP3 access to their exchange server.

Any incompetent corprate IT that left IMAP enabled probably also doesn't require any password policy either.

 

[eaglecomm]

Which Windows phone is that?

Tilt2

Any corporate that requires password and other security policies also disables IMAP and POP3 access to their exchange server.

Any incompetent corprate IT that left IMAP enabled probably also doesn't require any password policy either.

It would seem your second statement here overrides your first. I am not here to debate what they SHOULD be doing. I am stating the current state (or what was the last time I tried IMAP).

Whether they are incompetent or not is not for me to decide. You all seem to have enough opinions of your own for me to worry about changing your minds.

How 'bout we get back on topic?

 

[khov07]

Security is in place for a reason. Incompetence on the part of your IT dept is one thing, but deliberately trying to circumvent an enforced policy just because you don't really like the look of a lock-screen is another. Should be an interesting meeting with HR when an unsecured device (via security circumvention) is lost with confidential company data.

Just because you can do something doesn't mean you should. So what if your admins weren't bright enough to disable IMAP/POP3 access, if they are enforcing mobile security, respect it.

In my experience, the same people that complain about security are the ones that lose their phones or laptops the most, and also stay silent when proper security measures save their butts from losing their jobs.

 

[foxbat121]

Tilt2

Tilt2 definitely supports all the Exchange policy, all the way down to SD care encryption policy and domain enrollment policy. The fact is your 2-year old WM phone is actually much more secure at enterprise level than your fancy new Android system. This is one area that Android currently lacks.

 

[eaglecomm]

I'm not saying the Tilt2 didn't support it... was just making the statement that it didn't have it on it because it wasn't forced. Hell, I didn't even know it was an option until I had to use an iPhone for a few months and it forced the lock screen.

And it had nothing to do with the way it looked. It has to do with everytime I want to use my phone, I had to enter in a code. There was no way to set it (that I could find) that it would only turn on the lock after being off for, say, 10 minutes. Which means if I hit the power button by accident. Locked. No matter what, as soon as the screen went black.. locked.

Anyways, I'm not looking to pick a fight.. just stating things. I figure it's a free world. Once people start enforcing every part of your life, it won't be. I am sure everyone on this forum has passed the speed limit in their car (and probably do a typical basis). Rule broken.. there for your safety.. yada yada yada. Do what you like.. hence why I moved to Android from apple.

 

[foxbat121]

And it had nothing to do with the way it looked. It has to do with everytime I want to use my phone, I had to enter in a code. There was no way to set it (that I could find) that it would only turn on the lock after being off for, say, 10 minutes. Which means if I hit the power button by accident. Locked. No matter what, as soon as the screen went black.. locked.

That I have to agree. WM5.0 did the right way but starting from WM6.0, it basically locks the phone all the time whenever screen goes dark. Now Android 2.2 and later does the same thing. It seems to be some kind of security precaution.

Anyways, I'm not looking to pick a fight.. just stating things.

Not to pick a fight either. Simply correcting your misconception.

I figure it's a free world. Once people start enforcing every part of your life, it won't be. I am sure everyone on this forum has passed the speed limit in their car (and probably do a typical basis). Rule broken.. there for your safety.. yada yada yada. Do what you like.. hence why I moved to Android from apple.

No one is forcing anything upon you. You have the choice not to receive company emails. However, if you do elect to receive business emails, companies have the right to enforce whatever security measure it deems necessary. Company emails often contain a lot of sensitive information and even maybe trade secrects. If your phone is accidentally lost and without the proper protection, anyone could take advantage of those information stored on your phone. And if your company found out that the information leak is from you because you circumvented the security policy, you will be in deep trouble

iPhones before 3GS and most Android phones before 2.2 actually cheated a lot of the EAS security policy by falsify policy query reponse. Basically, if your exchange server has a policy to require support of email encryption on device, old iPhones running old iOS and a lot of Android phones running old Android will repond as 'YES, supported' but in reality they don't have such support at all. Apple fixed this after 3GS release (3GS and newer do support email encryption) and Google fixed it in Android 2.2 OS by correctly respond 'No, do not support such policy". A lot of big corporations do enforce email encrytions.

 

[eaglecomm]

Not to pick a fight either. Simply correcting your misconception.

No worries.. no misconception. I just stated my phone didn't have it. Which it didn't (in terms of forced security that was implemented). Likely a corporate decision, but it still didn't have it.. which is what I said.

No one is forcing anything upon you. You have the choice

Agreed.. choice.. at least this far in life.. is ours.

 

[kevp75]

I can understand the need for having security measures in place... by why the he77 would those permissions need to include the ability to wipe my device?

 

[bullman619]

I'm rather disappointed to see how many of you are unhelpful in a forum full of people who do this exact same thing in various applications. To answer your question, I use Blue Mail to bypass this silly corporate requirement and I actually like it a lot better than Outlook. Its also free.