1. Welcome Guest! You must register first before you can post - registration is free! Or to start viewing posts, click Forum. If you are new to web forums, check out our FAQ.
View RSS Feed

jdellasala

"Clearing" IT Policy - OS 4.2 and earlier

Rating: 5 votes, 5.00 average.
5 Comments
by
jdellasala
, 01-29-2008 at 08:10 AM (9330 Views)
 .JerryD.

NOTE: If your device is running OS 4.3 or higher, see this post as it is significantly easier to remove IT policy that way!

Please do not post questions here (and don't PM me with questions). Use the forums - that's what they're for! You'll probably get an answer much faster too. See note at the bottom of this post.

DISCLAIMER: The attached Policy.bin (in the Zip file) sets the Firewall to Enabled and locked!. I have searched - no scoured the Internet for an IT Policy that unlocks the Firewall, but have not been able to find it. Additionally, I have been told there is no such thing.

I have been using a BlackBerry with the Firewall enabled with no problem.

If you have an IT Policy that unlocks this setting, please PM it to me! I'd prefer the INF file, but would be happy to get the BIN file.

BlackBerry IT Policy is an advanced security feature allowing management of virtually every setting on a BlackBerry connected to a BlackBerry Enterprise Server. Typically, this crops up when a BlackBerry is aquired second hand or someone leaves the company that managed the BES and a clean Policy was not applied before breaking the connection with the BES.

Applying a "blank" IT Policy is not too difficult, there are just a lot of things that need to be set up before it can happen. The actual replacing of the policy literally takes seconds! There used to be an excelent How To on the Internet, but it's gone.

Before proceeding, understand that IT Policy can NOT be overridden! That is, if you are on a BES and attempt to clear your company's IT Policy as outlined here, your company's IT Policy will be reapplied as soon as you begin the Enterprise Activation process required to connect to your company's BES - so don't even bother!

Here is EVERYTHING you need to have and what to do:
You must have:
  1. Desktop Manager 4.1 or higher installed in Internet mode - Enterprise mode will not work.

    As this implies, you must also have your BlackBerry and a USB cable to connect your BlackBerry to Desktop Manager.

    I do not know if a BlueTooth connection will work, and would not recommend it anyway!

    (Scripting note: If DM is set up in Internet mode, the registry entry "RedirectorConfiguration" under "HKEY_LOCAL_MACHINE\SOFTWARE\Research In Motion\BlackBerry\Manager\Extensions" will NOT exist)
    .
  2. Have wiped your BlackBerry before starting.
    1. Go to Options --> Security Options --> General Settings, Click the Menu button or Scroll wheel and select Wipe handheld.
    2. You can also set a password and enter it incorrectly 10 times.
    3. If you need to retain data, do a Selective backup (use the Advanced button) and only backup data
    .
  3. A blank policy.bin file (in the attached Zip file) saved to %ProgramFiles%\Research In Motion\BlackBerry\policy.bin where %ProgramFiles% a system environment variable and typically (although not always) set to C:\Program Files. A blank poicy.bin is in the attached policy.zip.
    .
  4. A registry entry needs to be made. The easiest way is to simpy go to Start and select Run and enter the following command (Win2K and higher):
    Code:
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Research In Motion\BlackBerry\Policy Manager" /v Path /t REG_SZ /d "c:\Program Files\Research In Motion\BlackBerry\policy.bin"
    NOTE: If your environment variable %ProgramFiles% is not C:\Program Files, replace C:\Program Files with the appropriate value. In some European distributions of Windows %ProgramFiles% is C:\Programs. To find the value of your environment variable, open a command prompt window and type set program and hit [Enter]. You whould get the response ProgramFiles=C:\Program Files. Use whatever it says to the RIGHT of the equal sign.
To summarize:
  • Desktop Manager 4.1 or higher installed with Internet settings, and able to connect to the BlackBerry to be cleared.
  • Wipe the BlackBerry to be cleared
  • Extract policy.bin in the attached policy.zip to C:\Program Files\Research In Motion\BlackBerry\policy.bin
  • The following registry entry:
    HKEY_LOCAL_MACHINE\SOFTWARE\Research In Motion\BlackBerry\Policy Manager
    "Path"="C:\Program Files\Research In Motion\BlackBerry\policy.bin"
Now, start Desktop Manager, and once it's up and running plug in your BlackBerry. When Desktop Manager connects, it will briefly say it's working, and then stop. Give it a good 10-15 seconds just to be sure. Your BlackBerry should now have the default factory IT Policy applied without any restrictions.

NOTE: I have closed comments to this post because the Blog format doesn't facilitate replying to individual posts. If you have a question, please post it on the RIM Handheld OS Forum (read the above carefully and search the forum first!). You can post directly to that forum by clicking this link.
Attached Thumbnails Attached Files

Updated 01-24-2009 at 08:03 AM by 3389

Categories
BlackBerry Info

Comments

  1. sameermehra - 01-29-2008 12:16 PM
    sameermehra's Avatar
    Can there be network problem, I mean not getting the edge in capital letters on the black berry as teh clean-up wasnt done.
  2. jonnyxedge - 01-30-2008 01:59 AM
    jonnyxedge's Avatar
    this may be a dumb quesion, what if i am already on a BES sever, and i did it to my device would i still be on the BES with a "blank it policy"
  3. rizadoang - 01-30-2008 03:23 AM
    rizadoang's Avatar
    How do we know the "Clearing IT Policy" process succeed? Thanks.
  4. BlackBerry8800 - 02-07-2008 11:14 PM
    BlackBerry8800's Avatar
    will this reset the firewall enabled? and you need to change pipeing to true in the policy.bin you have
  5. jdellasala - 03-01-2008 06:21 AM
    jdellasala's Avatar
    In answer to questions above:

    jonnyxedge - your answer is clearly stated in the fourth paragraph above.

    rizadoang - if you need to ask, you probably don't need to do it! You'd know it worked when the setting you wanted to change and couldn't change can be changed.

    BlackBerry8800 - are you saying that you have a BlackBerry that had an IT Policy that enabled the firewall and couldn't change it before or after you tried the procedure above? If so, PM me.

    As noted in the new opening paragraph, please post any other questions in the Forums. This is the only time I'll be replying to posts.

    Comments regarding problems or issues with the post itself are welcome.