Removing Exchange Direct Push Device Security Policy

[fablife]

I know there was another thread about this somewhere but I could not find it. But I wanted to share this info just in case anyone else was looking for it as I was.

I found this over at XDA, the original thread is:
http://forum.xda-developers.com/showthread.php?t=317107

Basically it provides the registry tweaks needed to change/remove the direct push policies enforced by some companies. Not to say the policy is not needed, but it is a huge both for me having to enter a 10+ alpha-numeric password if my device has not been in use for more than 5 min.

Here are the registry tweaks:
using a device registry editor (remote, or PHM) modify the following key(s)
The Exchange Security Policy (4131) updates the device policy:
HKLM\Security\Policies\00001023: 0 = Enabled; 1 = Disabled

To change the inactivity timer:
HKLM\Comm\Security\Policy\LASSD\AE\{50C13377-C66D-400C-889E-C316FC4AB374}\
AEFrequencyType: 0 = No inactivity time; 1 = Activity time enable
AEFrequencyValue: = number of minutes before timeout

To change the password strength policy:
HKLM\Comm\Security\Policy\LASSD\LAP\lap_pw\
MinimumPasswordLength: minimum number of characters in password (0 defaults to 1)
PasswordComplexity: 0 = Require Alphanumeric; 1 = Require numeric (PIN); 2 = No restriction

And finally to change the Device wipe settings:
HKLM\Comm\Security\Policy\LASSD\
DeviceWipeThreshold: -1 = disabled; (any positive number) = # failed attempts before device memory gets whacked
CodewordFrequency: # of attempts before a codeword is displayed to prevent accidental device wipe.




I also was using a small proggy I found over at mobility today but has issues with SPB mobile shell now screen and the program. If your not using SPB MS, than this would be a much easier way to apply the above.
http://mobilitytoday.com/forum/showt...t=13030&page=2

cheers,