LinkBack URL
About LinkBacks- 11-12-2012, 10:59 AM
#1
Anyone connecting their WP8 to a corporate Exchange environment? Looks like there is one major issue I have found. My company enforces "Require encryption on device" and "Require encryption on storage card". The device encryption works great though it requires that you are logged into a Microsoft Live account which we all are anyway.
The problem is with the storage card option. WP8 seems to not support this option at all. This testing was done on a Nokia 920 which doesn't even have a storage card option. Has anyone tested with a Nokia 820 or HTC?
BTW, this same issue is also affecting the Microsoft Surface which does have a storage card option. This is a huge issue since my company might not be able to allow any Windows phones to connect to ActiveSync. I am sure a lot of other companies use this exact same policy and could really damage WP8 ability to be used by large companies. - 11-22-2012, 07:49 AM #2
I have an 8X by HTC and I am running into a problem with EAS Policies as well. I am on an Exchange 2010 server/Active Sync 14.
I have only found info on what policies WP7 supports. Can't find anything for WP8 yet. I believe WP8 supports "device encryption" which WP7 could not. I'm leaning towards the policy "require encryption on storage card". I've also read that it could be the number of number of emails it allows to be set on the device. There was a user who reported once they changed it to "unlimited" their WP8 was able to apply EAS policies.
I'll be able to look into these more when I'm back at work on Monday. Until then...enjoy your Thanksgiving! - 11-22-2012, 11:40 AM #3
I'm not having any problems syncing with my Exchange 2010 server, although we don't use the encryption policies. Just a passcode requirement and that works fine.
- 11-22-2012, 05:50 PM #5
I am returning my 920 because I have ran into the same issue. How could they miss this?
- 11-22-2012, 08:22 PM #6
I connect to my corporate exchange server for Outlook mail and I've had no problems at all. I don't know about the encryption requirements though. But I am friendly with the IT guys at work so I can ask them for details.
- 11-23-2012, 01:14 AM #7it's designed that way, so unless your company turns that storage card option off, you are out of luck, like me.... It sucks so bad because Lumia 920 doesn't have a card slot, and that server is a ms product...
Originally Posted by rkgriffin 
- 11-23-2012, 07:30 AM #8
The SD card in WP8 is read-only. It can't be encrypted because it can't be written to. Likewise, since it can't be written to, it can't be a means of moving unencrypted corporate content off of the device. See Writing to SD card in WP8 for confirmation from Microsoft.
I realize that this probably doesn't help you, but it might convince your IT security guys. - 11-23-2012, 09:23 AM #9
...fi that's the case, how does my 820 write pictures to the SD card? Why are there options in the "phone storage" settings to put pictures, music, and videos on the SD card?
- 11-23-2012, 09:33 AM #10Wp8 can write to SD card, but msft doesn't provide that functionality to developers..... Originally Posted by manicottiK
- 11-24-2012, 07:41 AM #11You have a phone with an SD card like the 820 OR your requirements may only be to have a PIN on the phone. Originally Posted by socialcarpet
The 8X and 920 do not have SD cards. It can't be encrypted because it doesn't exist. The issue is that the response from WP8 on these phones without SD cards might be FALSE instead of TRUE to allow the EAS policy to be applied correctly. Originally Posted by manicottiK
You also have an 820 so you could apply the policy to encrypt your SD card if that was one of the requirements. But I can't say for sure since you say your only requirement is a PIN. There might be another policy (ies) that aren't being applied correctly in environments where additional policies are required. Originally Posted by iamtim - 11-27-2012, 11:46 AM #12
I checked our EAS Policy and I can't think of anything in there that would prevent my 8X from being able to apply those policies.
Password Policies:
Enable Password recoveryAllow simple password
Minimum password length: 4
Password expiration: 60
Enforce password history: 12
Sync Settings:
Include past calendar items: AllInclude past e-mail items: All
Allow synchronization when roaming
Allow HTML formatted email
Allow attachments to be downloaded to the device
The only way I was able to get it to sync was to Allow non-provisionable devices. Will keep checking various things and report back. - 11-29-2012, 11:31 AM #13
EAS policy can be found on Windows Phone 8 for business | Windows Phone (United States) An EAS paper is here http://go.microsoft.com/fwlink/?LinkId=270085
- 11-30-2012, 09:26 AM #14
By process of elimination I determined that my issue was that "Allow Direct Push when roaming" needed to be checked. This is not enabled on our default policy.
Back to OP: I was NOT able to sync my email on my 8X if I had "Require encryption on storage card" enabled. I could if I only set "Require encryption on device" Neither of these are required in our environment so it's not part of either of our EAS policies.
Thanks for providing that PDF Alan. I couldn't find something when I looked earlier this month.Last edited by Edwin4NOH8; 11-30-2012 at 11:32 AM. Reason: Corrected my findings for OP
- 12-03-2012, 07:56 AM #15
@Edwin4NOH8: Did I understand you correctly that you are saying that you have a WP8-Phone without a SD card slot and you are able to sync with your corporate EAS? And the conditions for that are turning off "Require encryption on storage card" and turning on "Allow Direct Push when roaming" in the policies? So there's hope for my lumia 920.
Br,
empirsm - 12-03-2012, 06:38 PM #16That's correct. It was the Direct Push Roaming being disabled that prevented me from syncing. I also tested SD card encryption as that's the OP's culprit and that made synching fail for me as well. The 8X does not have an SD card andt WP8 is unable to apply that policy correctly. Originally Posted by empirsm
Latest Comments