BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 06-22-2009, 09:53 AM   #1 (permalink)
New Member
 
Join Date: Jun 2009
Model: 8350i
PIN: N/A
Carrier: Nextel
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Security Timeout via Policy

Please Login to Remove!

We just setup our new BES, version 5.0.0.137, I've setup different groups with different policies (i.e. group A uses policy A and group B uses policy B). All the policies were based off the default policy with minor changes. I've set all the policies to have a security timeout of 30 minutes and set that users can change this option. However every Blackberry is still using the default of 2 minutes on the security timeout and no one can change the option....they have little red locks next to them.

Is there something else I need to change to fix this?

TIA
Offline  
Old 06-22-2009, 10:31 AM   #2 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,631
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

What is the exact name of the IT Policy setting that you set?

Maximum Security Timeout?

Do you also have the Password Required policy setting set?
Offline  
Old 06-22-2009, 12:20 PM   #3 (permalink)
New Member
 
Join Date: Jun 2009
Model: 8350i
PIN: N/A
Carrier: Nextel
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Policy names are "CH Policy", "PD Policy", "PW Policy" and "IT Dept Policy"

Under each policy, the following is set:

Device Only > Password Required > Yes
Device Only > Maximum Security Timeout > 480
Device Only > User Can Change Timeout > Yes

Password > Set Password Timeout > 30
Password > Periodic Challenge Time > 30

Security > Key Store Password Maximum Timeout > 60
Offline  
Old 06-22-2009, 12:29 PM   #4 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,631
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Do you have any devices with HH OS 4.7 or greater? I'm wondering if something isn't properly sticking and see this reference in the policy reference guide to 2 minutes versus 30 minutes based on OS version:

-----

Set Password Timeout IT policy rule
Description
This rule specifies the number of minutes of inactivity before the security timeout occurs and a BlackBerry® device user must type the password to unlock the BlackBerry device.
Default value
The default value is 2 minutes for BlackBerry® Device Software versions earlier than 4.7, and 30 minutes for BlackBerry Device Software versions 4.7 and later
Offline  
Old 06-22-2009, 12:37 PM   #5 (permalink)
New Member
 
Join Date: Jun 2009
Model: 8350i
PIN: N/A
Carrier: Nextel
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Oh, I guess that may be a problem. We're using the Curve 8350i s and the it looks like the are on v.4.6.1.128 (Platform 3.0.0.62).

So I suppose my next thread would be in regards to doing an OS update thru the BES and where to get the HH OS to do so.
Offline  
Old 06-22-2009, 12:43 PM   #6 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,631
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

The thing is though ... if you manually make this setting something else it should process it without issue. These are just default settings and you're configuring it such that a user should be able to change it if desired.

Honestly, it looks like you've done everything right and it isn't working properly. Anyone else care to chime in?
Offline  
Old 06-22-2009, 12:51 PM   #7 (permalink)
New Member
 
Join Date: Jun 2009
Model: 8350i
PIN: N/A
Carrier: Nextel
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

The odd thing is we were on BES v 4.something before and moved our dept, IT, to this new BES a few weeks ago for testing along with the new Exchange 2007. Everything works as desired except for this on set of settings...it worked on the old BES. Even after fine tuning everything and then deploying all the other devices to the new BES via enterprise activation, they all work great, except this same setting.

It's extremely annoying to be reading an email or set the blackberry down and have to re-type your password every 2 minutes, haha
Offline  
Old 06-22-2009, 01:38 PM   #8 (permalink)
New Member
 
Join Date: Jun 2009
Model: 8350i
PIN: N/A
Carrier: Nextel
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Update: I moved my blackberry to a different policy, "Basic Password Security". After powercycling the phone and policy update I was able to change the timeout to 30 minutes.

Afterwards I moved myself back into the "IT Dept Policy" and the settings held...my security time out is still at 30 minutes and is unlocked.

Maybe I just had to be moved out of the policy and back into it...who knows.
Offline  
Old 06-22-2009, 01:41 PM   #9 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,631
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

what happens with the other users if you simply re-send the policy?
Offline  
Old 06-22-2009, 01:57 PM   #10 (permalink)
New Member
 
Join Date: Jun 2009
Model: 8350i
PIN: N/A
Carrier: Nextel
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

No changes whatsoever.
Offline  
Old 06-22-2009, 04:01 PM   #11 (permalink)
BlackBerry Genius
 
hdawg's Avatar
 
Join Date: Aug 2006
Model: hdawg
PIN: port3101.org
Carrier: hdawg
Posts: 6,631
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Honestly ... sounds like a bug. I'd open up a call with T-Support to have this investigated further.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.