Hi All,

Quick question....When we have a user leave our company, as of right now, we are just removing them from our BES. We have come to learn that the IT policy stays with the device even after wiping it. Is it best to send a default policy to the device and then remove them from the BES, or is there a way they can somehow "drop" the IT Policy from their device? We really don't want to have to re-add the user to our BES, re-activate them, send them the default policy, and then remove them. Is there any way around this?

Thanks everyone,
Chris

Moved to the BES Admin Corner Section.

~MrKyoo

(bump)

There isn't any way to remove the policy unless it's changed before the user is removed from the BES. Where I work, I am the one who removes from the BES, but I'm not always 'in the loop' when people leave. We wind up with devices that still have the policy on them, but most of the time they get redeployed to someone else within the company, so it's not a big deal if the policy is there (we only use 1 policy).

No, you can't drop the policy. The only workaround which exists is this one: Unlocking the Blackberry (http://blackberry.ig3.net/)

No, you can't drop the policy. The only workaround which exists is this one: Unlocking the Blackberry (http://blackberry.ig3.net/)


Hmm I havent' tested that but I am under the impression that you cannot overwrite a wireless policy with a wired one.

Either way, for finkus55 I would send the user a default policy and confirm that it arrives before removing the user from the BES.

Anyone know, will a hard javaloader wipe kill an unwanted IT policy?

Anyone know, will a hard javaloader wipe kill an unwanted IT policy?
From what I’ve been told, no.

~MrKyoo

Hmm I havent' tested that but I am under the impression that you cannot overwrite a wireless policy with a wired one.


I had the same impression, but then I tested it myself with a device which received the original policy wirelessly. I was able to remove the policy with the guide mentioned above.

When doing a security wipe on the device, it is open to receive a new policy, no matter the source (legacy wired policy or current wireless/tethered activation policy). This is the key to the directions on the webpage listed above.

The only big problem with the policy listed there is that if your former policy kept default options on some of the Bluetooth settings (such as a default/unselection option of True for Disable Bluetooth Data Transfer), then you'd still have that inability. Some screamed about this months and months and months ago.

As an administrator, it'd probably be nice of you, although it's not really required. I've tried to set up a process to do this, but a lot of times when someone leaves the company, it's not really because they want to (atleast in my situations) and I typically find out as they are on their way out of the door. If they leave and are gone, then you do NOT want to re-add them to your network (if they are no longer employed, this typically breaks ANY and ALL network security best practices rules).

You may want to look through the policy defaults and make a new non-Default policy to completely enable the device for all functionality. A Default policy will still disable some features.