Looks like the Mail for Exchange application doesn't support all of the password enforcement features its possible to set on an exchange server...

The sample I have only allows a numeric password to be set - My sysadmin is enforcing a alphanumeric password...

Had the same issue on most s60 nSeries devices other than eSeries & n97...

Hope they rectify this before launch or there will be a lot of angry customers who are looking to use this device for business purposes and cannot.

are you kidding? Of course you have alphanum password support there.

Looks like the Mail for Exchange application doesn't support all of the password enforcement features its possible to set on an exchange server...
Where did you get this from?

Without any source this is just FUD and something to ignore.... Plesae come up with a source.

I have a device and I have tested it myself.

When trying to set a password in Settings > Device Lock. It only accepts a numeric lock code....

When connecting to a Exchange Server which enforces a 6 letter password, needing uppercase, lowercase and numbers - It fails everytime. Same settings work on e71 without issue.

My conslusion for this is that the security framework doesnt support alphanumeric passwords - Just like older nSeries devices, they were missing TARM.

http://blogs.nokia.com/s60blogs/index.php/2006/12/04/tarm_terminal_administration_r/

Well, I hope this get fixed as this is a MUST for me as well.

Email is 50% of the usage of my e71 at the moment and I expect the N900 to be up to the task...

Agreed - My firmware is early and I hope that this gets fixed in a later update.

When trying to set a password in Settings > Device Lock. It only accepts a numeric lock code....

When connecting to a Exchange Server which enforces a 6 letter password, needing uppercase, lowercase and numbers - It fails everytime.

These two functions and their password are entirely unrelated and independent of one another.

Yes, you're now a bit confused. Alphanumerics work fine with Exchange.

Device lock has nothing to do with Exchange, it's for the device itself.

Remember, Mail for Exchange deals with syncing contacts, calendar (singular usage intended :-(), email etc.

It's not like group policies you get on Windows authenticated to Active Directory (and presumably on Windows Mobile too)

Yes, you're now a bit confused. Alphanumerics work fine with Exchange.

Device lock has nothing to do with Exchange, it's for the device itself.

They are directly connected.

When you sync a new device with an Exchange Server, the first thing it does is enforce a its policy to the device. In most cases this includes a password policy - Mine enforces a alphanumeric password.

As the device cannot handle the enforcement of a alphanumeric password, the M4E client will not continue with the sync session and error.

If the device lock functionality cannot support alphanumeric passwords, M4E is dooomed in most mid > large business.

The device lock is just a lock to stop pressing buttons while in the pocket and stop people using it without asking. It's never been part of the Mail support.

I can't say I've ever seen Exchange force any policy onto any Linux devices I've used with it; short of its own authentication it demands.

Its part of the Exchange Protocol.

http://technet.microsoft.com/en-us/library/cc182279.aspx

This applys to any device which syncs with an Exchange server. Windows Mobile, eSeries Symbian, iPhone all support password enforcement (invoke the device lock after x minutes, require password to unlock).

The device lock is just a lock to stop pressing buttons while in the pocket and stop people using it without asking. It's never been part of the Mail support.

I can't say I've ever seen Exchange force any policy onto any Linux devices I've used with it; short of its own authentication it demands.

This is part of device security which Exchange ActiveSync will require you to activate and to set a password. It has done this with my E71, N95, Moto Q and my iPhone at work. Our Exchange servers only require that the default lock password be changed without strict password policies.

This IS definitely part of MFE security policy.

But my password is all numeric on my E71 and it works, so assume my V large company feels this is OK. But I'm sure they may change it in the future, so would be really good to make sure this gets fixed.

Mike C

They are directly connected.


No. They are not.


When you sync a new device with an Exchange Server, the first thing it does is enforce a its policy to the device. In most cases this includes a password policy - Mine enforces a alphanumeric password.


OK. And it is up to device to take this into use or not.


As the device cannot handle the enforcement of a alphanumeric password, the M4E client will not continue with the sync session and error.


WHY? MfE client has nothing to do with device lock. Those systems in N900 are totally independent. Not like in S60 device you have seen before.

So, what sync problems can occur if device safely ignores this "enforcement"? Why sync will stop to work?


If the device lock functionality cannot support alphanumeric passwords, M4E is dooomed in most mid > large business.

Again. Those systems are independent in maemo.

And it sounds brilliant for me as with this "really intelligent" MfE logic in S60 I have lost all my data in S60 phone including photos from my vacations. Just because in one not-so-wonderful moment I have forgotten my password and S60 reformatted my phone :-(

Its part of the Exchange Protocol.

http://technet.microsoft.com/en-us/library/cc182279.aspx

This applys to any device which syncs with an Exchange server. Windows Mobile, eSeries Symbian, iPhone all support password enforcement (invoke the device lock after x minutes, require password to unlock).

It is up to device how shall it support this part of ActiveSync protocol specification.

This is part of device security which Exchange ActiveSync will require you to activate and to set a password.


Not maemo implementation. Thanks, God!


It has done this with my E71, N95, Moto Q and my iPhone at work.


The same for be. But not with Maemo. And this is something I love!

http://technet.microsoft.com/en-us/library/cc182279.aspx


Keep ion mind - the link above tells about Windows ActiveSync implementations.

"Security Policies on Windows Mobile Powered Devices Managed by Exchange Server"

N900 device is powered by Maemo (linux based OS), not WIndows Mobile.

Has anyone got MfE working with their corporate servers?

Mike C

Has anyone got MfE working with their corporate servers?

Mike C

Me. Without any issues. Exchange 2007 is used in our organization.

Me. Without any issues. Exchange 2007 is used in our organization.

Does your Organisation enforce device lock?

Mike C

Does your Organisation enforce device lock?

Mike C

Yes. And S60 implementation annoys me with request to set autolock "otherwise the data will not be synced". (Which is not true, but this is another story).

Maemo implementation just works as expected and does not bother me with lock requests.

Vitaly

many thanks for this, I had assumed my E71 asking me to do the device lock dance was a function of exchange.

but good to hear it all works.

Mike C

Vitaly

many thanks for this, I had assumed my E71 asking me to do the device lock dance was a function of exchange.


Yes. This is how this function is implemented in S60. Server asks S60 MfE client, S60 MfE client asks you (end-user).


but good to hear it all works.
Mike C

In Maemo it just does not force you to do this. That's all.

Has anyone else had problems with calendar event sync in the N900? If I do a full manual sync from the settings, I get the calendar events, but I would expect the N900 to fetch calendar events as well as part of the normal sync.

Has anyone else had problems with calendar event sync in the N900? If I do a full manual sync from the settings, I get the calendar events, but I would expect the N900 to fetch calendar events as well as part of the normal sync.


Yes. This is how it works for me. And what do you mean as a "full" manual sync? Resynchronization option?

If you experience problems with calendar sync through MfE, could you put more details about the issue?

Yes. This is how it works for me. And what do you mean as a "full" manual sync? Resynchronization option?

If you experience problems with calendar sync through MfE, could you put more details about the issue?

Yes, the resync option somewhere in the settings/options (sorry, haven't got my device here right now so I cannot check...). I assume this might have been some one time problem, but I will post here if I notice problems in the future.

Yes, the resync option somewhere in the settings/options (sorry, haven't got my device here right now so I cannot check...). I assume this might have been some one time problem, but I will post here if I notice problems in the future.


What server do you use for syncing? Exchange 2007 or something else?

What server do you use for syncing? Exchange 2007 or something else?

And does "manual sync" (just normal manual sync, not re-sync) help?

And does "manual sync" (just normal manual sync, not re-sync) help?

Ok, so this is how it works for me.

I have set Mail for Exchange to *not* sync automatically, but I want to go to the Email application and from there do a "Send & Receive". I assumed this would also update my Calendar as in the settings for Mail for Exchange I have "Synchronise calendar and tasks" enabled. Is my assumption correct?

I can't see a way to manually request a calendar update from the Calendar application.

Also in Mail for Exchange settings I see "Last syncronisation" as "Today, ...". And as I said earlier "Synchronise manually" from Mail for Exchange settings syncs my calendar as well.

So my question would be now that is it required to have automatic sync enabled in order for the calendar to also be synced?

Yes, I am using Exchange Server 2007.

Active Sync can require a specific device look.

Integration into the enterprise world is more than just syncing mails.

A Exchange Server can refuse syncing if the device does not support certain policies or encryption standards. Ask anyone with a 1st or 2nd gen iPhone (no hardware encryption).

For those who aren't familiar with the security settings configuration pages relating to Badger's original statement, linked below is a screenshot from Exchange 2003. Note- this is how we manage our small number of iPhones (not a single WinMo) with password enforcement where I work. The BES handles the vast majority of our mobiles- Blackberries of all sorts.

http://img198.imageshack.us/img198/6808/mobileservicespropertie.jpg (http://img198.imageshack.us/i/mobileservicespropertie.jpg/)

HTH

When syncing with Exchange, do all email features work? I use Colour Categories a lot (GTD) and appointment Flags. Are they supported in the Maemo email software at all?

Are there any issues with Tasks and Contacts? Are the contact fields in the Maemo contacts software sufficient?

I am planning on getting a personal Exchange server VM sorted out especially for this, so I would appreciate some comments on how I can use the N900 for these things.

Ok, so this is how it works for me.

I have set Mail for Exchange to *not* sync automatically, but I want to go to the Email application and from there do a "Send & Receive". I assumed this would also update my Calendar as in the settings for Mail for Exchange I have "Synchronise calendar and tasks" enabled. Is my assumption correct?


No. It will receive only your mail. You can do manual sync from control panel applet. There is a special big button "Synchronize manually". Could you try with it?


I can't see a way to manually request a calendar update from the Calendar application.


There is no. You need to use control panel applet for manual sync and configuration settings (the same control panel) to configure scheduled sync.

And as I said earlier "Synchronise manually" from Mail for Exchange settings syncs my calendar as well.


OK. I got you differently. I understood that the only way to sync was to open configuration applet, open settings and ress "full re-sync". But as of now it works as expected.


So my question would be now that is it required to have automatic sync enabled in order for the calendar to also be synced?


The ways to sync calendar with MfE:

1) Using scheduled sync
2) Using manual sync (from configuration panel applet)

Yes, I am using Exchange Server 2007.[/QUOTE]

Vitaly,

Thanks for checking this out for us. You are syncing directly over the air to Exchange 2007 right, not using a desktop connection?

Have you seen any support for using Exchange ActiveSync Push protocols to update Mail, Contacts, or Calendar? I was hoping that Nokia would have implemented Push, because then I could recommend an n900 instead of a WinMo device to the big bosses upstairs. Their meetings are handled by secretaries and change too fast for them to be called all the time to be told to resync their calendars, and syncing would have to be scheduled every at least every 15 minutes.

For my own use, as long as I can schedule it to sync the calendar every day that would be fine. Email needs to be nearly instantaneous, though.

Cayle

Vitaly,

Thanks for checking this out for us. You are syncing directly over the air to Exchange 2007 right, not using a desktop connection?


Sure.

We have test server in our organization. I am going to ask to configure it in the way shown in the post #33 and check how N900 client will behave.


Have you seen any support for using Exchange ActiveSync Push protocols to update Mail, Contacts, or Calendar? I was hoping that Nokia would have implemented Push, because then I could recommend an n900 instead of a WinMo device to the big bosses upstairs.


Push (is is called "Always On" in the settings) is implemented for Mail, Contacts and Calendar.

Is there support for Outlook's Colour Categories in the mail program and MfE?

Is there support for Outlook's Colour Categories in the mail program and MfE?

No. There is no support for this feature.

No. There is no support for this feature.

Oh no. That's bad news for me.

I hope MS Office Mobile arrives on Maemo soon, and supports this.

Sure.
I am going to ask to configure it in the way shown in the post #33 and check how N900 client will behave.


I have done it. Checked with Exchange server 2007. If "Allow non-provisionable devices" is not set in the options, then N900 MfE client fails to connect to the server. It shows error message during initial sync.

If I turn this option on, N900 MfE syncs with the server as usually.

N900 is on top of my list for "my first smartphone or mobile computer with phone application". Preparing its arrival I have read forum threads, watched youtube videos and web reviews. I'm convinced, Maemo+N900 rocks.

BUT I read following tidbit from one reviews comments:

----quote starts---
Most corp email admins set a policy on their Exchange server, traditionally this is to enforce a device password to protect the confidential info in the email which is being piped to the device. Although the n900 has a qwerty, the device lock capability only supports numeric passwords (like most other Nokia devices with the exception of n97's and eSeries). This is a real issue for anyone whos IT Admin enforces a alphanumeric password from the Exchange server - You simply cannot get you corp email (or calendar / contacts) sync'd to this device.

In short, the n900 only supports Exchange sync if the IT Admin lowers the policy enforcement which has worked quite happily for iPhone and Window Mobile since the beginning.....
----quote ends----

I cannot go to IT and ask, since they officially support only Winmos ...

So, In case Corporate Exchange server ,that I use, has alphanumeric password policy, I wanted to double-check that the above info is correct.

And if it is. Is "the device lock app" Nokia propriatory code or part of the open part of the Fremantle? I mean can it be hacked to support alphanumeric or do I need to wait Nokia to patch that support.


And if this asked and aswered, I'm sorry but "N900 and lock" gave way too many hits to crawl through.

there is a thread called poor mail for exchange support, which already discussed. sorry that i cant send link posting from my moby.

there is a thread called poor mail for exchange support, which already discussed. sorry that i cant send link posting from my moby.

This thread (http://talk.maemo.org/showthread.php?t=31351), I think, and the view seems to be that Maemo doesn't implement this particular mis-feature of refusing to do what the user tells it, so you should be fine.

Threads merged.

I have done it. Checked with Exchange server 2007. If "Allow non-provisionable devices" is not set in the options, then N900 MfE client fails to connect to the server. It shows error message during initial sync.

If I turn this option on, N900 MfE syncs with the server as usually.

Thank you for this.

I've read that the default value is TRUE.

Let's hope nobody changed that in our organisation. :)

I have done it. Checked with Exchange server 2007. If "Allow non-provisionable devices" is not set in the options, then N900 MfE client fails to connect to the server. It shows error message during initial sync.

If I turn this option on, N900 MfE syncs with the server as usually.

Unfortunately I have done exactly this and it doesn't work with the N900. I get the error: "Either Exchange server requires secure connection or account is disabled" and I can't proceed with account configuration on the device.

Unfortunately I have done exactly this and it doesn't work with the N900. I get the error: "Either Exchange server requires secure connection or account is disabled" and I can't proceed with account configuration on the device.

Most probably the server you try to use has "untrusted" certificate. E.g., self-signed.

I'm also having problem with MfE sync. Don't know if we have '03 or '07, but sync works fine on other devices (E71, iTouch).

On the "Allow non-provisionable devices"
the guidance from;
http://technet.microsoft.com/en-us/library/bb123484.aspx

is "This setting specifies whether older devices that may not support application of all policy settings are allowed to connect to Exchange 2007 by using Exchange ActiveSync."

How come that excludes N900s, but not E71s?

This is concerning for me as well.

I have not yet received my N900, but if I understand this thread correctly, the N900 only allows numeric codes for the device lock. If your company requires an alpha-numeric code for the device lock as part of the corporate Exchange Activesync policy, then the N900 will not sync?

My company requires an alpha-numeric device lock code, and my current E71 works without fail.

I have been waiting for the N900 for a while, but if I cannot use it to sync to my corporate mail, it will likely cause me to cancel my order. Am I missing something?

My company requires an alpha-numeric device lock code, and my current E71 works without fail.


It all depends on the policy of your organization - are non-provisionable devices supported or not.

If they are supported then you will not have any troubles. Otherwise, you can experience them.


More details can be found in this thread: http://talk.maemo.org/showpost.php?p=400273&postcount=139

is "This setting specifies whether older devices that may not support application of all policy settings are allowed to connect to Exchange 2007 by using Exchange ActiveSync."

How come that excludes N900s, but not E71s?

MS guys can say whatever they want. This is not about "older" devices. This is about devices which have this feature supported or not. Linux device is a totally different animal than MS Windows device which was in mind of MS guys when they were creating the protocol.

Most probably the server you try to use has "untrusted" certificate. E.g., self-signed.

So you say you can only use MfE with certificate, if you use a "non-self-signed-certificate"??
C'mon, if I decide to trust that certfiicate is has to work, right?!

BTW: I set up another exchange2007 w/o certificate for testing and synchronisation stops at nearly 50%... any ideas?! ;)

So you say you can only use MfE with certificate, if you use a "non-self-signed-certificate"??
C'mon, if I decide to trust that certfiicate is has to work, right?!

BTW: I set up another exchange2007 w/o certificate for testing and synchronisation stops at nearly 50%... any ideas?! ;)

You can use a self-signed certificate if you install it as described here (http://talk.maemo.org/showthread.php?p=401238#post401238) and in the following posts in that thread. (Link taken from https://wiki.maemo.org/Mail_For_Exchange_(MfE)_Heartbeat_and_FAQ )

I agree with badger. I have the same issue. Sync stuck due to security issues

I have the same problem. Synch stops at 30%............I think badger is onto something.....

BTW: I set up another exchange2007 w/o certificate for testing and synchronisation stops at nearly 50%... any ideas?! ;)

Could you check what protocol is used? (https://wiki.maemo.org/Mail_For_Exchange_%28MfE%29_Heartbeat_and_FAQ#How_ can_I_check_is_my_server_version_supported_or_not. 3F) My guessing is that it is either 2.5 or 12.0 (probably, this one as you use Exchange 2007).

what i really want in this app is ability to choose folders which phone would sync. Today, all folders are synced and i don't need all of them on phone.

what i really want in this app is ability to choose folders which phone would sync. Today, all folders are synced and i don't need all of them on phone.

Check this post, (http://talk.maemo.org/showpost.php?p=459395&postcount=747) pls.

Hello. i Had a nokia N95 and had roadsync on it to recieve mail on my phone.
Now i can not recieve mail on my new nokia N900, HOW can i fix this ?
I,m trying to set the settings, but it keep telling me that there is a problem with my passpoort, domain or username.
PLS HELP.

i'm using mail2web.com.

PLS send me a mail on bikerboy30@hotmail.com for receiving my mail from mail2web.com account to my Nokia N900.

So I have a dumb question, and as a non-developer I assume I am going to answer my own question.

Can't someone develop an application that 'tricks' exchange into thinking it is a managed device obliging to it's security requirements? The iPhone use to do it when activesync was first inabled, and currently there are many people using an app called touchdown by nitrodesk to connect to exchange on android devices since the activesync setup is hit or miss because of the managed device scenario.

Any devs out there working on something like that :) would really take off given the many many entries I have seen on this board complaining about not being able to connect to their exchange boxes because of 'non-provisionable' restrictions.

Just my 2 cents from a non-developer...

So I have a dumb question, and as a non-developer I assume I am going to answer my own question.

Can't someone develop an application that 'tricks' exchange into thinking it is a managed device obliging to it's security requirements? The iPhone use to do it when activesync was first inabled, and currently there are many people using an app called touchdown by nitrodesk to connect to exchange on android devices since the activesync setup is hit or miss because of the managed device scenario.

Any devs out there working on something like that :) would really take off given the many many entries I have seen on this board complaining about not being able to connect to their exchange boxes because of 'non-provisionable' restrictions.

Just my 2 cents from a non-developer...


Hell yeah! id pay for that! great idea

So I have a dumb question, and as a non-developer I assume I am going to answer my own question.

Can't someone develop an application that 'tricks' exchange into thinking it is a managed device obliging to it's security requirements? The iPhone use to do it when activesync was first inabled, and currently there are many people using an app called touchdown by nitrodesk to connect to exchange on android devices since the activesync setup is hit or miss because of the managed device scenario.

Any devs out there working on something like that :) would really take off given the many many entries I have seen on this board complaining about not being able to connect to their exchange boxes because of 'non-provisionable' restrictions.

Just my 2 cents from a non-developer...

The source code for the MfE connector is closed, so in order to implement this you'd also need to implement a complete MfE stack.

So I have a dumb question, and as a non-developer I assume I am going to answer my own question.

Can't someone develop an application that 'tricks' exchange into thinking it is a managed device obliging to it's security requirements? The iPhone use to do it when activesync was first inabled, and currently there are many people using an app called touchdown by nitrodesk to connect to exchange on android devices since the activesync setup is hit or miss because of the managed device scenario.

Any devs out there working on something like that :) would really take off given the many many entries I have seen on this board complaining about not being able to connect to their exchange boxes because of 'non-provisionable' restrictions.

Just my 2 cents from a non-developer...

There are SOOOO many people that have complained about it. This for me is a failed device, when I cant sync with my server due to non-provisioning..........This device was unfortunately designed for unemployed and teenagers..........

I hear you. way too bad. maybe a 3rd party will dev something. one can only hope...

just downloaded pr1.2 and still no partial provisionning support for mail for exchange like the symbian nokias have. So I still cannot use my N900 for work email with exchange. this is really bad and I can't wait for Nokia to implement something in a future firmware update.

I am disgusted that Nokia have to fixed this - Especially when Google have implemented it for Android.


The last Meamo I buy.

There are SOOOO many people that have complained about it. This for me is a failed device, when I cant sync with my server due to non-provisioning..........This device was unfortunately designed for unemployed and teenagers..........

I am aware I am waking up a zombie post but:


there are other email servers other than exchange. employers are not obliged to use microsoft products. i fact, i would venture to say that employeers are better off without them.