8 Replies Latest reply: Jun 5, 2009 4:30 AM by Allan Sampson
Bryan Debnam Level 1 Level 1 (20 points)
A hand full of IPhone users were initally allowed on our Active Exchange Sync server. Now one of these users phone is one failure away from "remote wipe". The user does not want to lose personal data, which has now been mingled in with corporate information. I have Iphone users asking for access to corporate mail on a daily basis. In part due to the brillaint marketing caampain surronding the iphone and its stunning features. Although we have felt a lot of pressure to roll Active Exchange Syn out to these end users We simply can not allow for this until there is a sound way to recover from lock outs. I would perfer suggestions that are covered under warranty and supported by Apple and thier EULA.

Iphone 3G, Mac OS X (10.5.6)
  • Allan Sampson Level 10 Level 10 (123,370 points)
    A user has a passcode lock enabled on their iPhone which has been forgotten?

    If so, is this iPhone also synced with iTunes on the user's computer for iTunes content and for photos transferred from the user's computer to the iPhone?
  • Bryan Debnam Level 1 Level 1 (20 points)
    In order to use our Active Exchange Sync we have a policy which enforces password protection and remote wipe. Some users tend to forget the passwords they pick. The Scary thing is some of my user base has confessed to not even using Itunes sync on their phones at all. They manually type contacts into the device and that's it. I guess folks less familar with smart phones are not apt to sync them at time. I try to educate folks on Itunes Sync whenever I have the chance.

    When dealing with non-corporate phones there are a lot of variables involved that make the lack of a back door problematic. It would be nice to have the ability to push a new OS password from Active Exchange Sync. A reset if you will. No matter what waivers or disclaimers it only takes one Executive to have a problem with his phone to leave sour taste in ones mouth.

    Also,
    At one point after forcing stronger passwords Active Exchange Sync seemingly corrupted my phone and another co-workers in IT during testing (6 or more passwords). I restored my phone and it worked for a few days then seemingly got corrupted again.
  • Allan Sampson Level 10 Level 10 (123,370 points)
    You want the ability to reset the passcode for a user who is too stupid to remember their 4 digit passcode without doing a remote wipe?
  • Bryan Debnam Level 1 Level 1 (20 points)
    Have you noticed that when enabling strong passwords Alpha Numeric keys pop up? I am not sure if you are in IT or not, but people botch strong passwords on a daily basis. I bet if Steve Jobs botches his password his help desk does not call him stupid. If my CEO botches his password I promptly reset it and say have a nice day “sir”. If you stop and think about it I am sure there are plenty of other reasons for this kind of feature in Corporate America. Perhaps an employee is terminated and a boss needs business information off of his phone. I believe you need a password to sync the device in that scenario? Or back to my original statement where the password gets corrupted by Exchange Active Sync and your CEO wants his phone recovered. Apple is advertising the IPhone as a Corporate level products so I am just asking for advise on enabling a feature that is readily available on other smart phone. The reason for posing the question is the overwhelming about of my users who wish to use corporate email on the IPhone. I am not sure why you are concerned with the reasoning behind my post to be honest.
  • Allan Sampson Level 10 Level 10 (123,370 points)
    I'm still not sure what your question is to be honest - along with all the other non-pertinent information included. Just ask your question. My questions have nothing to do with being concerned about the reasoning behind your post, which I couldn't care less about.

    Is this in regards to the iPhone's passcode lock feature, which is a 4 digit with numbers only passcode and wanting to reset this passcode remotely without having to do a remote wipe of the iPhone?

    If so, this is a 2 sentence question at most.
  • Bryan Debnam Level 1 Level 1 (20 points)
    Assuming the user the user account is enabled and the Iphone is setup properly an administrator can enforce password length (greater than 4 digits - 6 in our testing), choose aplha numeric options (seemingly non-functional), plus enable remote wipe and number of failed attempts. The phone inherits these properties when it authenticates to the Exchange Server. So if a phone is locked out it will not authenticate to server and receive new password. I can do this with Blackberry Enterprise Server and I am not interested in debating it's usefulness. I am simply looking for a similar function for the Iphone. Then the powers at be will allow the Iphone on our Active Exchange Server and the towns folk will rejoice.

    So Ideally I would an Active Sync add on/feature that can:
    1. Use Active Sync to change password complexity
    2. Set a default OS password (1234),
    3. Force the user to change their password at login.
    4. Re-apply password complexity as needed.

    OR:
    be pointed to a tool that could do the same on an individual Iphone which is not a Jailbreak or a breach of Apples ELUA.
  • roosterswife89 Level 1 Level 1 (0 points)
    I'm not stupid, and I didn't actually forget my passcode, but for some reason it will not accept the code I use everyday. I had actually turned the setting off the other day but when I went to retrieve a text earlier today it asked for a password and as I stated, it was "wrong". I have tried resetting, a hard reset, and want to try a restore but for some reason itunes will not recognize that the phone is plugged in. Please help!
  • Allan Sampson Level 10 Level 10 (123,370 points)
    What is the difference between resetting and a hard reset?

    http://support.apple.com/kb/TS1495