I have a Microsoft Exchange server for a small business and we just upgraded to 2010. It's now prompting people on Android with:
Activate device administrator?
- Erase all data: Perform a factory reset, deleting all of your data without any confirmation
- Limit Password: Restrict the types of passwords you are allowed to use.
- Watch login attempts: Monitor failed attempts to login to the device, to perform some action
- Force Lock: Control when device locks, requiring you re-enter its password.
We don't want this. Is there a way in Exchange to turn this off?
Best Answer
This is pretty similar to how to disable remote wipe for Exchange 2010 ActiveSync?
The short answer is - No. Android will prompt for those permissions regardless of whether Exchange's ActiveSync policies specifically allow or deny Exchange's ability to do those actions.
As far as I can tell, Android's ActiveSync apps have to require that you approve all possible permissions that an ActiveSync policy MIGHT require. I think it has to do with Android's permission models - in order to change the permissions, you have to update the app, and since an Exchange server changing its ActiveSync policy does not physically change the underlying app (and the app itself generally only physically changes through updates from the AppStore), it has to ask for the entire permission set up front.