FYI: This is what's in the policy.bin posted above:
Code:
Policy.inf - Management Configuration file for Desktop Software
;
;
; Notes: For comments a (;) must be at the beginning of the line
; Use (\) for line continuation for strings
;
; Format: Key = Value
; Key {Policy } = value
; Key {Default} = value
;
; where: 'value' can be an int, boolean or string.
; {Policy} key is updated if different time stamp.
; {Default} key is updated only once.
;
; If no policy attribute {}, key will default to 'Default'
;
;***************************************************************************
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Desktop Manager Configuration
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; If application is shown on task bar.
HideWhenMinimized {default} = true
; Prompt the user when the Desktop Manager starts.
MessagePrompt {default} = Welcome to the Desktop Manager.
; To enable or disable the USB-Serial converter
EnableUSBconverter {default} = false
; Control whether the Application Loader is available to the user.
ShowApplicationLoader {default} = true
; Control whether if offline IT Policy warning prompt should be displayed.
ShowPolicyErrMsg {default} = true
; Control the length of time the device password is cached by Desktop Manager. (Minutes)
DesktopPasswordTimeout {policy} = 10
; This setting controls whether or not Desktop add-ins are permitted.
; When set to false, no desktop add-in code will be executed.
AllowDesktopAddIns {policy} = true
; Indicates whether or not the desktop software will allow the user to switch devices.
AllowDeviceSwitch {policy} = true
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Synchronization
;; Synchronize for PIM,Email and Folder Management defaults.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; This setting allows you to specify whether or not you would like PIM
; information to be synchronized when the user selects the Synchronize Now
; button from the Intellisync dialog.
SynchronizeNowPIM = true
; This setting allows you to specify whether or not you would like Email
; information to be synchronized when the user selects the Synchronize Now
; button from the Intellisync dialog.
SynchronizeNowEmail = true
; This setting allows you to specify whether or not you would like the date and
; time to be synchronized when the user selects the Synchronize Now button from
; the Intellisync dialog.
SynchronizeNowDateTime = true
; This setting allows you to specify whether or not you would like PIM
; information to be to be automatically synchronized when the handheld
; is connected to the PC.
AutoSynchronizePIM = false
; This setting allows you to specify whether or not you would like Email
; information to be to be automatically synchronized when the handheld
; is connected to the PC.
AutoSynchronizeEmail = false
; This setting allows you to specify whether or not you would like Date and Time
; information to be to be automatically synchronized when the handheld
; is connected to the PC.
AutoSynchronizeDateTime = false
; This setting allows you to specify whether or not you would like to synchronize
; folders instead of performing an import.
SyncFoldersInsteadOfImport = true
; This setting allows you to specify how information conflicts between the handheld
; and the PC encountered during synchronization are handled. If set to true, desktop
; information is used. If set to false, handheld information is used.
FolderConflictDesktopWins = true
; This setting allows the enabling or disabling of wireless email reconcilation.
AllowWirelessEmailSynchronization = true
; This setting allows the wireless calendar synchronization functionality to be disabled.
DisableWirelessCalendar = false
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Redirector Settings
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Append signature on out going messages
AutoSignature = -----------------\
Sent from my BlackBerry Handheld.
; Forwards messages to the handheld
ForwardMessagesToHandheld = true
; Allows user's to receive mail when handheld is connected to cradle
ForwardMessagesInCradle = false
; Setup filter rules for email redirection
FilterRuleFile = c:\myfilters.rfi
; When filter rules don't apply, forward or don't send messages
ForwardWhenRulesDontApply = true
; When sending a message from handheld, don't save a copy in my 'Sent Items' folder
DontSaveSentMessages = false
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Backup/Restore Configuration
;;
;; These value control the setting in "Backup and Restore Options" dialog
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; This value control the value of the "Automatically backup my handheld" setting
; in the options dialog, which is enables or disables prompted Automatic Backups.
AutoBackupEnabled = true
; This value indicates how often an AutoBackup is performed in days.
AutoBackupFrequency = 7
; This setting controls the exclusion of Email and synchronized data from the
; automatic backup. If set to true, the "Backup all handheld application data"
; radio button is selected.
AutoBackupIncludeAll = true
; This setting allows control over whether email is excluded from automatic backups
; (when AutoBackupIncludeAll is false).
AutoBackupExcludeEmail = false
; This setting allows control over whether synchronized application data is excluded
; from automatic backups (when AutoBackupIncludeAll is false). "Synchronized data" is
; that data which is configured for synchronization with Intellisync; this varies
; according to the user's preferences.
AutoBackupExcludeSync = false
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; WebLink Configuration
;;
;; These values control the appearance and behaviour of the WebLink extension.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Setting this value to false prevents the WebLink icon from being displayed.
ShowWebLink = true
; This setting specifies the URL that will be used when the WebLink
; icon is activated.
WebLinkURL = www.your_network_here.com/go/downloads
; This setting controls the label that is displayed for the WebLink icon.
WebLinkLabel = Downloads
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Device Security Settings
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Determine if the password is required on device
PasswordRequired {policy} = false
; Determine if the user can disable the password
UserCanDisablePassword {policy} = true
; Minimum length of the password.
; Valid range is 1 to 12 characters, inclusive.
;
; This value indicates the minimum length of an acceptable device
; security password.
MinPasswordLength {policy} = 4
; Password Pattern Checks
; Valid range is 0 or 1 at this time
; 0 -> no checks
; 1 -> ensure password has at least on letter and one digit
PasswordPatternChecks {policy} = 0
; Suppress Password Echo
;
; Option to disable password echo after x numbers of fail attempts to unlock handheld.
; false -> Disable
; true -> Enable
;
SuppressPasswordEcho {policy} = false
; Maximum device security timeout.
; Valid range is 1 to 60 minutes, inclusive.
;
; The handheld user is permitted to select any security timeout value
; less than this value.
MaxSecurityTimeout {policy} = 60
; Password Timeout
; Valid range is 0 to 60 minutes, inclusive.
;
; Set the effective password timeout on handheld. This value must be
; less than that of the MaxSecurityTimeout.
SetPasswordTimeout {policy} = 60
;
; If set, forces the device to the lock screen when it is holstered
ForceLockWhenHolstered {policy} = false
; Determine if the user can change the timeout
UserCanChangeTimeout {policy} = TRUE
; Password aging.
; Valid range is 0 to 365.
;
; Specifying a value of 0 indicates password aging is disabled. Other
; values specify the maximum age of the password before the handheld
; user is prompted to change it.
MaxPasswordAgeInDays {policy} = 365
; Password History
; Valid range is 0 to 15
;
; Specify the number of passwords to retain for checking. Passwords in password history cannot be used when
; setting a new handheld password.
;
MaximumPasswordHistory {policy} = 0
; Maximum Password Attempts
; Valid range is 3 to 10
;
; Set the maximum number of password attempts on handheld.
;
SetMaximumPasswordAttempts {policy} = 10
; Indicate if Long Term Security Timeout is enabled/disabled
;
; If true, handheld long term timeout is enabled
; If false, handheld long term timeout is disabled.
LongTermTimeoutEnable {policy} = false
; Attachment Viewing
;
; Controls the ability to view email attachments on the handheld.
; If set to true then users can view attachments on the handheld
AllowAttachmentViewing {policy} = true
; Policies that control the behaviour of third party applications
; on Java-based handhelds.
AllowThirdPartyUseSerialPort {policy} = true
AllowExternalConnections {policy} = true
AllowInternalConnections {policy} = true
AllowSplitPipeConnections {policy} = true
DisallowThirdPartyAppDownloads {policy} = false
; Policies that control the behaviour of the handheld Browser application
;
; DefaultBrowserConfigUID {default} = "BlackBerry Browser"
; MDSBrowserTitle {default} = "YourCompany Intranet"
; HomepageAddress {default} = www.your_network_here.com
; HomepageAddressReadOnly {policy} = true
; EnableWAPConfig {policy} = false
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
; Policies that apply to the TLS protocol.
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; TLS Disable Invalid Connection
; Disallow users to connect to a server with an invalid certificate (i.e revoked, expired, etc ).
; Value: 0=true,1=false,2=prompt on device
TLSDisableInvalidConnection {policy} = 1
; TLS Disable Untrusted Connection
; Prevent TLS connections to untrusted servers.
; Values: 0=true,1=false,2=prompt on device
TLSDisableUntrustedConnection {policy} = 2
; TLS Disable Weak Ciphers
; Disable use of weak ciphers during a TLS connection.
; Values: 0=true,1=false,2=prompt on device
TLSDisableWeakCiphers {policy} = 2
; TLS Minimum Strong DH Key Length,
; Valid range 512 to 4096
TLSMinimumStrongDHKeyLength {policy} = 1024
; TLS Minimum Strong ECC Key Length
; Valid range 160 to 571
TLSMinimumStrongECCKeyLength {policy} = 163
; TLS Minimum Strong RSA Key Length
; Valid range 512 to 4096
TLSMinimumStrongRSAKeyLength {policy} = 1024
; Disable the use of any cipher that is not FIPS compliant.
TLSRestrictFIPSCiphers {policy} = false
; TLS Minimum Strong DSA Key Length
;
; Set the minimum DSA key size allowed for use during a TLS connection.
; Range: 512 - 1024 bits in 64 bit increments
TLSMinimumStrongDSAKeyLength {policy} = 1024
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Messaging Settings.
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Indicate if PIN to PIN messaging is permitted.
;
; If true, handheld users are permitted to use the PIN to PIN messaging
; feature. If false, this capability is hidden from the handheld user.
AllowPINtoPIN {policy} = true
; Indicate if the specification of BCC recipients is permitted.
;
; If true, handheld users can specify BCC recipients when composing messages.
; If false, this capability is unavailable to handheld users.
AllowBCCRecipients {policy} = true
; Indicate if SMS messaging is permitted.
;
; If true, handheld users are permitted to send SMS messages.
; If false, this capability is unavailable to handheld users.
AllowSMS {policy} = true
; Indicate if the RIM phone application can be used on the handheld.
;
; If true, handheld users are permitted to use the handheld's phone.
; If false, users are not permitted to use the handheld's phone.
AllowPhone {policy} = true
; Indicate if the RIM web browser can be used on the handheld.
;
; If true, handheld users are permitted to use the handheld's web browser.
; If false, users are not permitted to use the handheld's web browser.
AllowBrowser {policy} = true
; Indicate if other email services are permitted on the handheld.
;
; If false, no other email service books (other than the Enterprise
; edition one) are permitted on the handheld. Any other existing email
; service books are removed when the policy is installed; while the
; policy is in effect, other email service books will be rejected by the
; device. This forces all outbound email to be routed through the
; organization's BlackBerry Enterprise Server.
;
; If true, no restrictions are applied to email service books.
AllowOtherEmailServices {policy} = true
; Indicate if other browser transport services are permitted on the handheld.
;
; If false, no other browser transport service books (other than the
; Enterprise edition one) are permitted on the handheld. In this case,
; any other existing browser transport service books are removed when the
; policy is installed; while the policy is in effect, other browser transport
; service books will be rejected by the device. This forces all browser
; traffic to be routed through the organization's BlackBerry Enterprise Server.
;
; If true, no restrictions are applied to browser transport service books.
AllowOtherBrowserServices {policy} = true
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Owner Information
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Owner Name - if value = '*' use the registry setting
OwnerName {default} = Research In Motion Ltd.
; Owner Info - if value = '*' use the registry setting
OwnerInfo {default} = Please return to RIM\
Phone # (519) 888-7465\
295 Phillip St\
Waterloo Ont\
N2L 3W8
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
;; Other Info
;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;