Think shoulder pads and referees. Your players know how the game works but need a way to play it safe and in accordance with the rules. Are you doing your part to uphold a safety net for your mobile devices and their users? Use this forum to ask questions and discuss your end-user security & compliance strategy.
Currently, there are:
27939 Views | 7 Replies
Share your thoughts with us,
and get involved!
We are seeing some issues with users updating their Exchange passwords. In a few instances, users have complained that after changing their network password (after it has expired) that they are unable to update it on their phone.
For example, User A's password expired. She changed her password on her PC. Her iPhone, which is managed through Maas360 and ActiveSync prompted her to enter her Exchange password. Upon entering the password, it told her it was incorrect. Multiple attempts failed as well. After verifying the password was correct, I attempted to enter it. It still did not work.
I then hit "Cancel" instead of trying to enter the new password. I had to do this numerous times before the pop-up would stop presenting itself. I was then able to go into Settings - Mail, Contacts, Calendars - Account and enter the new password there. This worked.
My biggest issue is that it needs to be easy for the user to change their password. Having to go through this process is too cumbersome. This exact scenario has played out at least 4 times now. However, we have had users who when presented with the new password prompt, were able to change it without issue. But we have also had users who said they were never prompted for a new password days after changing it on their PC.
Is this a known issue with ActiveSync and/or Maas360? Is there something we can do to fix this?
Thanks in advance.
Hi - this is an issue related to Active Sync. MaaS360 only delivers the mail profile information to the device. The device itself maintains communication with the Exchange Server for any other activities, mail delivery, domain password changes, etc. If you could provide your version of Exchange, I can do some additional research in terms of the configurable settings. I have read a number of articles that reference a return code of HTTP 403 instead of HTTP 500 which then prompts the user for and accepts the new password. This article was referenced, although not sure it matches with your environment:
Let me know and we can see how we can help.
We are running Exchange 2010 (Version: 14.01.0323.003). Had this happen again today where a user who changed her network password on her PC was then prompted on her iPhone, only for it to not accept the new password. Only after canceling the prompt and manually changing in Settings, did the password take. So, it seems that entering it on the device works, but only in Settings and not by using the pop-up prompt. To me that would seem like a MaaS360 issue...but I will trust what you are saying.
Thanks for the details. I have some feelers out to my Exchange contacts for some further assistance on this one and will keep this article updated with anything I find. Even without MaaS360 managing the mail profile on the device, the user would run into this prompting issue as its the Exchange server or firewall, ISA, etc in front of the Exchange server causing the improper response to be sent back. The workarounds I have seen online in general for this is to use the method you indicated by going into Settings -> Mail, Contacts and Calendars and selecting the Exchange account to update the password.
Ill keep you posted with any new information I find.
Is it possible that the ActiveSync policy for Passwords not being set could be causing this? For example, in our Default ActiveSync Policy, the "Require Password" check box is not selected. This of course is disabling the entire subset of password policies. Since we are controlling the password policy through Maas360, we left this turned off.
Is it possible that our issues are because there is no Password policy set in ActiveSync? Should we have this policy turned on if we are controlling passwords through Maas360?
I guess I never looked to see if there were ActiveSync Policy best practices when we set up Maas360.
Hello - we certainly do suggest if you are using the ios/android policies to require a passwords on the devices that you do the same in your active sync policy to make sure you are account for Windows, Palm or other active sync devices. Either way, if you have a policy that requires a password, active sync will not allow mail to be configured unless the device password is set. The password settings in MaaS360 policies are just for the device and not for Active Sync.
Hi, We are running into the same problem. Has there been a better work around to this issue? We had a user that was prompted multiple times and after continuously cancelling the prompt it allowed us to go to Settings and Mail, Contacts, Calendars however, it won't allow us to enter the user's full password (stops at around 10 characters). We finally fixed the problem by changing the user's password again and then immediately change the password from settings. -Thanks, Geoffrey
This issue has shown up on some of our iPads which were using ActivSync to obtain mail from our Exchange 2007 server. The issue lies within the iOS device apparently since MaaS360 wasn't installed yet.
If you get caught in a constant-prompting loop and can't get past it, force reset the device (hold down the sleep button and home button at the same time until the device reboots). When it comes back up, go directly in to settings and put the proper password in there. Hopefully Apple or Microsoft fix this at some point.
api application security app security bring your own device byod certificates device security doc security document security email security enterprise mobility management identity certs mdm mobile security network security passcode ports firewall dmz perimeter reports security sim change notification cellular data webcast webinar web services windows phone windows phone 7.5
MaaS360 MaaS360 by IBM
How vulnerable are financial institutions to cyber attacks? Very. ibm.co/1ClNcrf via IBM Security Intelligence
MaaS360 MaaS360 by IBM
Three Reasons to Be Concerned About 'Anonymity' Apps ibm.co/1L4Uio6
MaaS360 MaaS360 by IBM
On the blog: Unifying Windows Ecosystem Management with MaaS360 bit.ly/1y4zpVH