Support Knowledgebase

Get better support by selecting a specific product

Support for Exchange ActiveSync policies and remote wipe

Support for Exchange ActiveSync policies and remote wipe

Article ID: 58353

Support for Exchange ActiveSync policies and remote wipe

For IT administrators

If a user sets up an Exchange ActiveSync (EAS) account on a HP webOS device, the device enforces only the EAS IT policies listed here. If the company uses IT policies other than the ones listed here, the IT administrator cannot enforce these other policies on the device. The user, however, is still able to set up an EAS account.

Setting password policies

IT administrators can force employees using a webOS device to secure the device using IT password policies, including the following options:

  • Password complexity (numeric or alphanumeric): Password strength plays an important role in securing a device. A webOS device supports a combination of numeric and nonnumeric characters.

    Note If the IT administrator enforces an alphanumeric password, the webOS device requires that the password include a minimum of one non-numeric character.

  • Minimum password length (2?18): On a webOS device, alphanumeric passwords can be between two and 18 characters. Numeric passwords must always be four characters or more.
  • Maximum number of failed password attempts before local wipe: IT administrators can set the number of failed password attempts allowed to the user on the device before a local wipe occurs.
  • Autolock after X minutes of inactivity: IT administrators can set the maximum password timeout interval in the Exchange policy.
  • Remote wipe: IT administrators can delete all data from a user's device by doing a remote wipe from the Exchange management console. Use remote wipe in case a device is stolen or as a way to clear data from a device before it is transferred from one employee to another.

    Note An IT administrator can also perform a Full Erase directly on the device to erase all data without using the remote wipe policy.

Setting up EAS policies on multiple EAS accounts

The IT administrator can enforce the EAS IT policies on all EAS accounts on a device. Even if a user creates a personal EAS account with an external vendor who hosts the email account on an Exchange server, password policies enforced by the IT administrator may apply to the personal EAS account.

  • If the first account the user creates has policies associated with it, those policies are enforced for that account. The user sees a series of screens prompting the user to enter the numeric or alphanumeric password, depending on the policy settings:
  • The user can create additional EAS accounts with or without EAS policy requirements. If the account requires EAS policies, the user is asked for them during setup (as shown with the first account).
  • The most stringent settings from multiple EAS policies are enforced on all EAS accounts. For example, if a user has two EAS accounts with different timeout policies (one with a 5-minute timeout period; the other with a 10-minute timeout period), and different password policies (one requiring a 5-digit password; the other a 10-digit password), the device will enforce a 5-minute timeout period and a 10-digit password requirement on both EAS accounts.
  • If the IT Administrator enforces policies on an account after the user has created and synchronized the account, the supported policies are applied to the account on the device, unless the device already has an EAS account with policies that are being enforced.
  • If the IT administrator enforces policies on an already-created account, policy changes to other EAS accounts are not enforced, and those accounts stop synchronizing.
  • If the user removes the EAS account whose policies are being enforced from the device, the user can create a new EAS account, and the IT administrator can enforce policies in this new account. The password for the deleted account remains the active password unless the user changes it by entering a new password when creating the new EAS account on the device, or by using the Secure Unlock feature in the Screen & Lock application on the device.

For end users

If you set up an Exchange ActiveSync (EAS) account on your device, the device supports the remote wipe feature and any password policies enforced by your IT administrator.

Remote wipe

Remote wipe clears all data from your device. Use remote wipe if your device is stolen, or as a way to transfer a device to another employee. The IT administrator can perform the remote wipe, or, on Exchange Server 2007 only, you can perform a remote wipe by logging in to the Exchange server via OWA.

Remote wipe user screen 1 Remote wipe user screen 2

Password policies

Find out from your IT administrator what you need to do to follow the policies that are enforced in your EAS account. You must follow the password policies your company requires.

  • Password complexity (numeric or alphanumeric): Password strength plays an important role in securing a device. Your device supports a combination of numeric and non-numeric characters.
  • Minimum password length (2?18): On your device, alphanumeric passwords can be between two and 18 characters. Numeric passwords must always be four characters or more.
  • Maximum number of failed password attempts before local wipe: IT administrators can determine the number of failed password attempts allowed to you on the device before a local wipe occurs.
  • Auto-lock after X minutes of inactivity: IT administrators can set the timeout setting for your EAS account.

Setting up EAS policies on multiple EAS accounts

If you create multiple EAS accounts on your device, the IT administrator can enforce the EAS IT policies listed above on all of your EAS accounts.

  • If the first account you create has policies associated with it, those policies are enforced for that account. You see a series of screens prompting you to enter the numeric or alphanumeric password, depending on the policy settings:
  • You can create additional EAS accounts with or without EAS policy requirements. If the account requires EAS policies, you are asked for them during setup (as shown with the first account).
  • If the IT Administrator enforces policies on an account after you have created and synchronized the account, the supported policies are applied to the account on the device, unless the device already has an EAS account with policies that are being enforced.
  • The password for deleted EAS accounts remains the active password unless you change it by either entering a new password when creating the new EAS account on your device, or by using the Secure Unlock feature in the Screen & Lock application on the device.