Samsung Galaxy S5 fingerprint reader and ActiveSync
Wondering if anyone knows the issue with Android fingerprint readers and ActiveSync - is there a setting somewhere that needs to be altered to allow the fingerprint reader with the S5? I know the iPhone5s'
fingerprint reader works, but having no luck so far with the S5.
Thanks
April 14th, 2014 7:36pm
Im experiencing the same problem in our environment running exchange 2007. Ive read some posts stating that some people have overcome this with applications that use ActiveSync at an application level as apposed to the phone itself. The app "Nine" apparently
works although i havent had a play yet. Im yet to find a way to get S5's fingerprint working with activesync. To make things worse after removing the exchange account from my phone the fingerprint scanner is still greyed out as an option to unlock the device.
Has anyone else had the same issue?
Thanks
Ry
April 15th, 2014 11:17pm
Yes. I'm having the same issue. We are running Exchange 2010 SP2 Update 7 I think. I have the Galaxy S5 from AT&T.
I'm our Exchange administrator, so I ended up creating an ActiveSync policy that doesn't require any passwords and set my mailbox to use that policy for now. Obviously it's not a solution. But I did play with all the permutations of password
options in the ActiveSync policies. Nothing would allow fingerprint unlock other than disabling requiring any password at all.
I also experienced the bug you're describing in that after I removed ActiveSync from the phone, the policies pushed onto it by ActiveSync were not removed. This is a bug with the phone for sure. I think this will get fixed at some point. For
now you can add back in your ActiveSync connection, and then change the ActiveSync policy to require no passwords. Of course you'll need to be an Exchange admin to do this. No admin in their right mind will turn off the requirement for password
security for you. If not I factory defaulted my phone and it also removed the ActiveSync policies (of course), I'm sure that's not helpful to you, but I didn't figure out another way. I did hear someone say you could go to Settings->Storage->Cached
Data->OK to clear out the settings after removing ActiveSync from your phone. I haven't tried it, but it seems harmless enough.
April 17th, 2014 4:40am
Not yet, though I agree this seems like a big problem. The iphone feature works out of the box with no special activesync policy so I suspect it must do something tricky in it's activesync implementation.
I'd really like to see this fixed, or else this is a useless feature for a lot of people.
April 21st, 2014 7:46pm
To be able to use the fingerprint scanner and anything else but the PIN and password after removing your exchange account, you have to remove the e-mail application from Device administrators list. It is in Settings--Security--Device administrators.
This will re-enable the other authentication methods.
April 22nd, 2014 2:29pm
Can you uncheck the box and the email still work?
April 23rd, 2014 7:17pm
Nope,
Disabling Email application's authority to administer your device will delete all email accounts that require it, along with their emails, contacts, calendar, events and other data.
April 24th, 2014 9:37am
On the S5 , I've removed the Exchange Account from the mail client and there is no Exchange or E-Mail application listed in the Device Administrators list - however, the password options are still restricted to PIN. This suggestion does not seem
to be valid with a s5
April 24th, 2014 4:51pm
Hey Guys
I have got a solution to the fingerprint scanner to work with Microsoft Exchange. My finger print scanner works !
It's a two step solution: One for Email using CloudMagic (which works without the PIN and with the Finger Print) and another for Calendar using Google Calendar Sync (which can sync corporate calendar to Gmail and vice versa ).
Please see the articles I wrote on how to do this:
search for
Exchange Sync to S5:
http://satnix.wordpress.com/2014/04/11/galaxy-s5-issue-with-microsoft-exchange/
Exchnage Calendar Sync to S5:
http://satnix.wordpress.com/2014/04/16/galaxy-s5-finger-print-scanner-issue-with-ms-exchange-calendar-sorted/
-
Proposed as answer by
satnix
Tuesday, April 29, 2014 9:47 PM
April 29th, 2014 9:46pm
That is not a solution as it bypasses security. As an Exchange Admin and the owner of an S5 I want to have security and use my fingerprint.
I hope Samsung addresses this issue.
May 6th, 2014 11:32pm
James
I might disagree with the 'bypass' argument. However, I do agree with Samsung fixing the issue. My phone's security is not compromised as I still use my fingerprint scanner to login. The only thing it doesn't ask me is the 8 digit PIN. The argument can be
challenged by the fact that no system is foolproof when it comes to security. My solution only helps end users who expected a better experience and not challenge the Exchange security point of view. As an end user, I see it helping me access my email, calendar
and still use the finger print scanner. As an exchange admin, I would ask Microsoft to change the logic ;)
I would like to point out that Surface Pro2 has three way login requirements: Password, 4 Digit PIN & Image swiping mechanism. It has my Exchange installed and it works without an issue with any of the three options. Talking about 'Double standards'
here :D
May 10th, 2014 5:42pm
I just got my S5 and have Exchange with Fingerprint Reader running.
But I had an issue after importing a certificate to the device ;(.
Do you have any certificates installed? Try removing and check, if the Fingprint Option is enabled.
I'm looking for a workaround, because I want Lync too and it seems I need to install certificates.
May 24th, 2014 3:47pm
This is an issue with the way Samsung interprets the "Require password" ActiveSync policy. When a device first connects, it goes through a provisioning process and the Exchange server says, "I require a password with a minimum length of X characters".
Other devices (e.g. iPhone 5S) interpret the fingerprint scan to be the same as entering the passcode. It appears the built-in mail client on the Samsung Galaxy S5 interprets it as, "I have to force the user to enter the PIN code", and sets its security
accordingly (disables the fingerprint unlock feature). Samsung would need to change the way it interprets the policy in order for you to use the fingerprint unlock and have the built-in email client connected to ActiveSync (assuming you don't want to,
or can't, change the passcode requirement in the ActiveSync policy).
As others have mentioned, an alternative is to use an email client that interprets the policy differently (or one that just doesn't bother to enforce the policy) such as CloudMagic, Nine, or Touchdown.
June 5th, 2014 4:46pm
fingerprint work with stock android 5 on galaxy s5. Yippee!
December 8th, 2014 12:53pm
How did you get it to work?
December 22nd, 2014 6:58pm
Do you have your S5 connected to an Exchange environment? Does your Exchange policy require passcode? If so, how is yours working, because my stock verizon S5, even with the new 4.4.4 update, does not allow for fingerprint.
December 23rd, 2014 1:30pm