Related
Hey there XDA.
i'm in the IT department for a big-time company, and we (obviously) have specific security parameters on our network.
Recently, with all of the talk about android tablets because of CES and other factors (i personally own a Viewsonic G-Tablet running VEGAn 5.1b) the team and i have come to wonder if we would be able to put an android tablet onto the domain the same way we would a regular old Windows PC/Laptop or a Blackberry phone onto the exchange server.
We use Citrix clients/servers as well as pc/laptops, and so far, as i've been scouring the market, i've been able to find a Citrix app, and a Wyse terminal app, which could be used to open VPN sessions on the server, as well as another app which allows an android device to be connected completely with Microsoft Exchange Server. ( touchdown http://www.nitrodesk.com/TouchDown.aspx )
So, i figured, where else would i go but here, to the most well versed android development website on the interwebs, to ask if you guys might know of anything at all, or if something could be done.
Any ideas?
Sent from my X10a using XDA App
Hi,
I'm kind of unclear about what you're looking for, from your post, I guess because there could be any number of interpretations, e.g.:
- Are you asking if an Android device could be joined to your Windows domain?
- Are you asking if you can "see" shares on your Windows machines from Android?
- Are you asking if you can RDP to a Windows machine from Android?
- Etc.?
Probably (I think) #1 above is "no", at least as far as I can see now (plus I don't know if it'd make sense).
The answer to the 2nd and 3rd are "yes".
For #2, either you can use something like ES File Explorer, or you can use CIFS Manager on an Android machine that has CIFS support.
For #3, Pocketcloud can do that (the one from Wyse), and there are a few more.
Jim
jimcpl said:
Hi,
I'm kind of unclear about what you're looking for, from your post, I guess because there could be any number of interpretations, e.g.:
- Are you asking if an Android device could be joined to your Windows domain?
- Are you asking if you can "see" shares on your Windows machines from Android?
- Are you asking if you can RDP to a Windows machine from Android?
- Etc.?
Probably (I think) #1 above is "no", at least as far as I can see now (plus I don't know if it'd make sense).
The answer to the 2nd and 3rd are "yes".
For #2, either you can use something like ES File Explorer, or you can use CIFS Manager on an Android machine that has CIFS support.
For #3, Pocketcloud can do that (the one from Wyse), and there are a few more.
Jim
Click to expand...
Click to collapse
Thanks for the reply, and yes i was looking to concentrate more around number 1. If number 1 were to be solved, number 2 would end up working out perfectly, with no security risks (becuase the shared files are only available to domain devices or thin clients using the VPN/RDP services we have setup). I guess looking at it from another angle, we would probably be able to (theoretically) limit a user's access capabilities on the tablet so that a general user could still be able to access the file shares using VPN without creating a security risk...
as you can see i currently have a whole lot running around in my head, and i'm not even sure if i'm mkaing it sound like english... T_T
I use my Zpad for work, the business apps I use:
Touchdown (for exchange, would like spell checker though)
File Expert (access shares)
Xtralogic Remote Desktop (works VERY well, better than PocketCloud and worth the $25)
mortician10101 said:
Thanks for the reply, and yes i was looking to concentrate more around number 1. If number 1 were to be solved, number 2 would end up working out perfectly, with no security risks (becuase the shared files are only available to domain devices or thin clients using the VPN/RDP services we have setup). I guess looking at it from another angle, we would probably be able to (theoretically) limit a user's access capabilities on the tablet so that a general user could still be able to access the file shares using VPN without creating a security risk...
as you can see i currently have a whole lot running around in my head, and i'm not even sure if i'm mkaing it sound like english... T_T
Click to expand...
Click to collapse
It sounds like you're looking for something like PAM authentication capability from the Gtab. I know that there are products that do that for *nix, but I'm not aware of anything specifically for Android. Then again I think that there are public domain implementations, so it might be possible. Sorry that I can't be more help ...
Jim
mortician10101 said:
Hey there XDA.
i'm in the IT department for a big-time company, and we (obviously) have specific security parameters on our network.
Recently, with all of the talk about android tablets because of CES and other factors (i personally own a Viewsonic G-Tablet running VEGAn 5.1b) the team and i have come to wonder if we would be able to put an android tablet onto the domain the same way we would a regular old Windows PC/Laptop or a Blackberry phone onto the exchange server.
We use Citrix clients/servers as well as pc/laptops, and so far, as i've been scouring the market, i've been able to find a Citrix app, and a Wyse terminal app, which could be used to open VPN sessions on the server, as well as another app which allows an android device to be connected completely with Microsoft Exchange Server. ( touchdown http://www.nitrodesk.com/TouchDown.aspx )
So, i figured, where else would i go but here, to the most well versed android development website on the interwebs, to ask if you guys might know of anything at all, or if something could be done.
Any ideas?
Sent from my X10a using XDA App
Click to expand...
Click to collapse
Did you ever figure out anything more on this? We are looking at the same thing right now, and it'd be great if you found any more info out
So, I'm having a blast with my new nook. So far it's done just about everything I've asked of it. But not this. My office has citrix remote access that is working fine for the ipad, and is in testing for a few approved android devices. Since I work with the guys who manage it, I ran a test or two today to see how the NC performs.
The good? Got connected. The bad? I get an SSL/TLS JSSE error when I try to launch apps. So, what's the deal? Do I need to get android 2.2 or is my fix something else? If it's just 2.2, then I'll wait for the rumored update probably.
Would a nookie froyo boot sd work well enough to test this out? If so I've got a spare card with honeycomb that might be getting wiped.
*rooted nook color 1.1 with the 'monster pack' bootable sd image*
also have the same problem! Let me know if you find a solution.
Yes you need at least 2.2. I'm running CM7 on my nook and the Citrix receiver works great. I also use it on my HTC EVO on 2.2 and it works there as well.
Yes the bookie froyo SD bootable should work fine.
huh, got busy and never got a chance to check back. from what I've read, if you install the certificate you can get access. however, there's no option on my nook to install from SD card.
still looking into this when i have time, just haven't really had time.
That's weird. I am using the Citrix receiver on my stock rooted NC and haven't seen any issues (yet). Granted, I only used the VNC app to remote into my work computer but it worked flawlessly.
Are you using the Citrix Receiver or the Citrix Labs Receiver. I know I have just the Receiver. Not sure what the difference is between the two (haven't really looked that closely) but it might be somthing to check.
Try to save the link to the app usually in the form of *.ica file type. Then launch that file through astro. I used this workaround on my Streak.
Using CM7 n30, Citrix wouldn't accepting SSL certificate initially but problem went away after n12 or so, working fine since.
Ok, did a little reading, and found the system reqs for citrix reciever.
Device
Citrix Receiver supports Android mobile devices with operating system 2.0 or later.
About Secure Connections and SSL Certificates
When securing remote connections using SSL, the mobile device verifies the authenticity of the remote gateway's SSL certificate against a local store of trusted root certificate authorities. The device automatically recognizes commercially issued certificates (such as VeriSign and Thawte) provided the root certificate for the certificate authority exists in the local keystore.
Private (Self-signed) Certificates
If a private certificate is installed on the remote gateway, the root certificate for the organization's certificate authority must be installed on the mobile device in order to successfully access Citrix resources using the Citrix Receiver.
Note: If the remote gateway's certificate cannot be verified upon connection (because the root certificate is not included in the local keystore), an untrusted certificate warning appears. If a user chooses to continue through the warning, a list of applications is displayed; however, application fails to launch.
Importing Root Certificates on Android Devices
Android devices currently do not support automatic import of root certificates. More importantly, gaining root access to a device or changing the keystore can result in an inoperable device.
Click to expand...
Click to collapse
Pretty sure we're using self signed certificates at my workplace, and I can get it, I just am not sure how to install/import it. Our remote access guy mentioned that on his android device he can go to security and then import a cert from the SD card, but if that option is on the Nook, I missed it under Nook Color Tools.
The other thing is that the cert needs to be exported to .p12, which should be trivial if we can actually find/activate the import from SD option.
rico posted on a thread on androidtablets.net
The setting in stock Android 2.1, can allow for apps secure certificates. In the NC, most SSL sites work automatically, but for those which require a more manual approach, I think the stock Android setting is need. So far I haven't found how to turn this setting on.
Click to expand...
Click to collapse
soo..... looks like unless i go from rooted to rom'ed, i'm scr*wed.
maybe after the rumored/legendary/elusive/mythical update that is coming any day now from B&N?
Nook Certs Import
I'm using CM7, running Gingerbread. Under Settings>Location & Security there is an option to Install from SD card.
I just don't know where to get a certificate that works.
envygreen said:
Ok, did a little reading, and found the system reqs for citrix reciever.
Pretty sure we're using self signed certificates at my workplace, and I can get it, I just am not sure how to install/import it. Our remote access guy mentioned that on his android device he can go to security and then import a cert from the SD card, but if that option is on the Nook, I missed it under Nook Color Tools.
The other thing is that the cert needs to be exported to .p12, which should be trivial if we can actually find/activate the import from SD option.
rico posted on a thread on androidtablets.net
soo..... looks like unless i go from rooted to rom'ed, i'm scr*wed.
maybe after the rumored/legendary/elusive/mythical update that is coming any day now from B&N?
Click to expand...
Click to collapse
Try running one of the SD card builds of CM7.
as suggested, I got a working SD bootable CM7 build running, and was able to connect with no issues, so it's purely a problem with older (2.1?) builds of android. The remote access guy here says that he believes that was resolved in 2.2 or even a late build of 2.1.
to clarify, i did NOT have to import a root or mid level cert from the SD card. once I was on (CM7) 2.3, citrix reciever just worked but on (rooted) 2.1 it did not.
Not sure what the fix is, if any, for anyone running a rooted nook instead of a custom rom. if I find a fix I'll update though.
I too find i can't get citrix working on a stick 1.1 rooted nook. It'll make the initial connection but wont bring up the desktop window. Is there an explanation and a workaround?
wkearney99 said:
I too find i can't get citrix working on a stick 1.1 rooted nook. It'll make the initial connection but wont bring up the desktop window. Is there an explanation and a workaround?
Click to expand...
Click to collapse
For me it works perfectly on my Epic 4g (Froyo), but not on my Xoom (HC3.1), where it would obviously be much more useful. Get my list of published apps but when I launch just sits at waiting. Same exact settings, very fustrating.
Citrix Reciever "The Server encountered an error"
All, I'm have a rooted NC that's at 1.2 running 2.2 (sorry, I'm not 100% on the right verbiage to use)
I downloaded and installed Citrix Receiver from the market. I enter all of my settings and it shows me my published apps. However, when I try to click on anyone of them I gett the following.
Server error "The server encountered an error."
Any idea on the fix?
So, I was thinking (famous last words)... would it be possible for my nook color to completely duplicate my evo 4g's display and touchscreen (basically an android device with a vnc connection to another android device)?
I'd envision the network connection would be via wifi, most likely with the wireless tether feature on the evo. The purpose would be to use the nook color's larger display as a more car accessible way to access the phones apps, music, dial pad, etc.
It will work, but not without some issues. You can find Droid VNC Server on the market (free) and use any of the available clients. I use Wyse Pocket Cloud Pro, it's not cheap at $15, but honestly, it's worth the money if you need to VNC often. But the free version will certainly work too.
Run the server, and connect with the client. The main issue you'll run into is replicating the soft buttons for navigation. You'd need something similar to what he have on the nook with soft buttons on the status bar. Otherwise it seem to work fine.
This is what I do to connect my android from any other device that can run a VNC viewer/server and vice versa:
1. You need to have root access on your host device (if its android).
2. Get "droid VNC server" for free from market and run this on your evo.
3. There are a lot of VNC viewers but one I find that works well is "androidVNC" from market (free of course) which you install on your NOOK.
4. Profit.
Thanks! I'll have to try these out to see how usable they are.
Hmm is there no new client app to have the Android buttons (home, back...) from the android server device on my client ?
New to XDA,...first post and all that jazz. On to the question...
I've rooted my Prime this morning...that all works fine and dandy; big props to all the folks involved in that!
One of the reasons was that I need AnyConnect to connect to my work VPN. I've installed the latest version from the market, installed the latest tun.ko using the tun.ko installer from the market. I've got the latest iptables. Also, my Prime is all on the latest firmware across the board.
AnyConnect starts just fine, grabs the list of groups. I am able to give it a username/password, but once I attempt to authenticate, the Prime freezes for a moment, then reboots.
I've tried uninstalling/reinstalling each component in this with no luck. I'm reaching out to the community on this. It would be fantastic to have this since it's the last thing keeping me from selling my 1215n, (...that 1215n is awesome, but bulky compared to the Prime, though I did upgrade it to 8GB ram and a 128GB SSD).
Thanks in advance; everyone here is awesome, give yourselves cookies and beers.
I'll be trying this as soon as I have time to root/play; I'll let you know what I find out.
But one thing to keep in mind is that ICS will bring a native VPN API system, and there should be a true Cisco AnyConnect method that works without rooting very soon.
digimuzik said:
I'll be trying this as soon as I have time to root/play; I'll let you know what I find out.
But one thing to keep in mind is that ICS will bring a native VPN API system, and there should be a true Cisco AnyConnect method that works without rooting very soon.
Click to expand...
Click to collapse
I did read that ICS would supposedly have native support for AnyConnect. I'm just hoping that this works so I can list that netbook sooner rather than later. I'm sure I'm not the only person that wants to connect their Prime to their AnyConnect VPN now though.
[bump]
Hoping a few others get a chance to see this and try it.
digimuzik said:
I'll be trying this as soon as I have time to root/play; I'll let you know what I find out.
But one thing to keep in mind is that ICS will bring a native VPN API system, and there should be a true Cisco AnyConnect method that works without rooting very soon.
Click to expand...
Click to collapse
Perhaps a stupid question, but does this mean F5 Firepass SSL will work natively in ICS?
AnyConnect originally didn't support rooted devices. Cisco came up with a version that did. You might want to do some research. It might just be that it's incompatible with the Prime. There are G-Tab users that have it working with root so the rooted version works with HC.
anyone else notice that the VPN service from the network settings causes a reset?
AnyConnect available on market (2.4) does not support TF201, AnyConnect 2.5 in beta has ICS support, currently does not have TF201 specific support though. Hopefully we will have full ICS support upon official release on market.
I was getting similar issues prior to ICS upgrade, now, different set of issues on the AnyConnect 2.5 loading properly.
TF201 ICS
I've used Rooted AnyConnect 2.4.7073 with sklid's tun.ko, and didn't have any issues. I only used it for a few minutes, though.
Noxious Ninja said:
I've used Rooted AnyConnect 2.4.7073 with sklid's tun.ko, and didn't have any issues. I only used it for a few minutes, though.
Click to expand...
Click to collapse
Hey, I tried a few things to get up and running and had a lot of problems. I then ended up needing to reinstall the latest firmware/distro (don't ask).
I installed ICS, then it installed cisco anyconnect (latest from market), I then rooted my transformer prime tf201. At this point when I opened cisco anyconnect it loaded fine but showed me tun.ko wasn;t installed.
Instead of fudging around I installed:
Tun.ko Installer
From the android market
I then checked all boxes to narrow the search and installed.
Everything worked fine, and I'm on the company VPN.
The ICS build for the TF201 was initially compiled without the tun kernel module. An update that should already be available will be compatible with the now available AnyConnect ICS package from the market. If you're using the existing rooted package (2.4.7073) you might run into some undesired behavior getting everything setup and working, though it sounds like some of you were able to get it working fine.
Also note that if you want to install the new AnyConnect ICS package, you will need to uninstall the rooted package before installing that one since the package ids are different. A reboot between uninstalling and installing is also desired.
Root needed?
I was patiently waiting for the 9.4.2.15 update to see if VPN would be fixed (without root). I was actually able to get connected with 9.4.2.14, but cannot remote desktop, ping, etc. with either version.
Am I correct in saying that without rooting and doing other "things" aside from the standard firmware updates that i will not be able to get VPN working (IPSEC XAUTH PSK). I know my settings are correct because VPN works on my laptop and iphone.
Any help would be appreciated as this is the last piece that I am trying to get working on my Transformer Prime.
Thanks, James
In a moment of madness the other day, I ordered one of these devices. I've had some experience of Android on an HTC Wildfire & Archos 101 so thought it would be a relatively safe bet. But oh no.
Can't find a way to access photos on a Windows Media Connect server with the supplied apps & of course, there's no user guide supplied. Look online & the current user guide is for Gingerbread when the device has Froyo. So I thought I'd check & see if Gingerbread has been released in the UK & if that made any difference. Dear old Samsung can't be like other manufacturers & provide a simple "check for software update" in the settings menu, that would be far too simple. No, you need to download & install a Windows program & update via USB. Now while a PITA, would be just about acceptable if Samsung had ever in their history written a decent piece of Windows software - which they haven't. PC Studio & Emodio being two examples of flaky software with pigeon English. So no surprise whatsoever when Kies proves to be yet another piece of ****.
Anyone have any idea why Kies can't establish a USB connection to W7 despite the mass storage device connecting fine? Just sits there trying to connect. No errors, no timeout, just sits there.
When posting here, you really need to post your variant... 4.0 or 5.0?
I'm surprised you're still on Froyo - usually it's United States customers that get screwed on updates but both the 4.0 and 5.0 are on Gingerbread I'm fairly certain.
Apologies, too busy ranting, it's 5.0.
After trying an XP machine with another USB cable I've discovered that the device has to be manually placed into Kies mode under Settings > USB. Again, why can't they just prompt when the USB is connected like other manufacturers?!
Anyway, so now I finally have Kies running & it tells me that despite the current online manual being for Gingerbread, Froyo is the latest available. Think I'll just give up, send it back & write a big note to self never to buy anything from Samsung again.
"Anyone have any idea why Kies can't establish a USB connection to W7 despite the mass storage device connecting fine?"
Yes, because you have to set the USB mode to KIES mode. That is for Gingerbread; I do not know if that is the case for Froyo, or why you have the old system.
I have a 5.0, never used Kies and don't plan to. USB set on "Mass Storage", connects with USB instantly. I'm on W7. Must used USB cable provided (unless you're lucky and found another that works, many don't). Never used Media Connect, can't help you there, I just dragged all my MP3 into the extrernal SD card.
crocodile said:
In a moment of madness the other day, I ordered one of these devices. I've had some experience of Android on an HTC Wildfire & Archos 101 so thought it would be a relatively safe bet. But oh no.
Can't find a way to access photos on a Windows Media Connect server with the supplied apps & of course, there's no user guide supplied. Look online & the current user guide is for Gingerbread when the device has Froyo. So I thought I'd check & see if Gingerbread has been released in the UK & if that made any difference. Dear old Samsung can't be like other manufacturers & provide a simple "check for software update" in the settings menu, that would be far too simple. No, you need to download & install a Windows program & update via USB. Now while a PITA, would be just about acceptable if Samsung had ever in their history written a decent piece of Windows software - which they haven't. PC Studio & Emodio being two examples of flaky software with pigeon English. So no surprise whatsoever when Kies proves to be yet another piece of ****.
Anyone have any idea why Kies can't establish a USB connection to W7 despite the mass storage device connecting fine? Just sits there trying to connect. No errors, no timeout, just sits there.
Click to expand...
Click to collapse
I have a 5.0 from the UK as well and the 2.3.5 Gingerbread ODIN version posted in the Android Dev section (http://forum.xda-developers.com/showthread.php?t=1389809) works fine on our devices. It even saves you the hassle of using Kies which is a giant pain.
As for Windows Media Connect, not exactly sure what protocol it uses but you may have some luck with the AllShare app provided by Samsung (unsure if it was included in the Froyo version but it is definitely standard in Gingerbread.) Hope you have some luck as it really is a great device once you get past the initial humps. Let us know how it goes.
Thanks guys.
markr041 said:
Yes, because you have to set the USB mode to KIES mode. That is for Gingerbread; I do not know if that is the case for Froyo, or why you have the old system.
Click to expand...
Click to collapse
Worked that out in the end thanks. According to this thread, Gingerbread isn't released in the UK:
http://forum.xda-developers.com/showthread.php?t=1362386
n64_ali said:
I have a 5.0 from the UK as well ..
Click to expand...
Click to collapse
Seen the Odin option but don't really want to start hacking in case it does need to go back. Haven't looked to see if Odin can revert back to Froyo. If it can I may give it a go but hearing reports that Gingerbread knackers the GPS receiver.
AFAIK, Media Connect is just another DLNA. The Gallery app seems to have no option to view anything on the LAN & AllShare seems to be limited to creating AV playlists. It can't view photos & every video file on my server is apparently in an "unsupported format"!
The hardware seems decent enough but I'm not sure I have the will or desire to source replacements for every pre-installed app. My worry going forward is that Samsung pull their usual stunt of "Here's a new model, we don't have to bother with the (6 month) old one now"...
I use File Expert to view/move files/pictures on my home PC, does a wireless connection (as do many explorers). FX File Explorer is also nice (as well as Astro and ES Strong). Most pre-installed apps on any device have much better free counter parts. I don't think I'm use anything that came with the phone (other than system stuff), and I'm not rooted (yet)... but will be so I can get rid of it all for good. Although there's tons of app space, so doesn't bother me much at the moment.
Music Player: Cubed
File Explorer: File Expert
Tasks: Any.do
Calls: GrooveIP
Mail: K9
Photos: Quickpic
Texting: Google Voice
Camera: Camera Zoom
Apps:: Appbrain
Calendar: Yes I am using default calendar! (with Simple Cal Widget)
Kindle Reader
Not much there that came with it!
tcat007 said:
I have a 5.0, never used Kies and don't plan to. USB set on "Mass Storage", connects with USB instantly. I'm on W7. Must used USB cable provided (unless you're lucky and found another that works, many don't). Never used Media Connect, can't help you there, I just dragged all my MP3 into the extrernal SD card.
Click to expand...
Click to collapse
All of my USB cables work with the device (from N900, N950, various other phones) so I'm not sure why people have troubles with this. But I may just be lucky.
Re Windows Media Connect server, does the pre-installed app called "AllShare" not work?
lardman said:
Re Windows Media Connect server, does the pre-installed app called "AllShare" not work?
Click to expand...
Click to collapse
crocodile said:
AllShare seems to be limited to creating AV playlists. It can't view photos & every video file on my server is apparently in an "unsupported format"!
Click to expand...
Click to collapse
Can't be sure without any proper documentation but it appears to be limited as above.
I'm really not sure the device offers enough to make the effort of rooting in order to uninstall all the garbage worth while.
I'd like to think that the lack of an official Gingerbread release means Samsung are working on fixing the bugs. But my previous experience of their products makes me think otherwise.
Lack of Gingerbread is more likely something weird that's UK-specific... In the US, it's been Gingerbread from the beginning and I think international devices in the rest of the world are too.
I have never had good results with UPnP media format support on any device - even my PS3 is really damn finicky. However it's annoying that the G70 seems to have issues with UPnP streaming of stuff it plays locally.
I rarely view photos on my phone and haven't ever done it on the player, but in my case I have a Smugmug account so I just browse my galleries that way.
It seems like unfortunately your usage patterns are in a corner case where the device doesn't do so well. UPnP support is kinda "meh" - but as I said I've never seen any device where it wasn't. An iPod touch would probably do just as badly trying to browse photos via UPnP.
AllShare plays my HD video files on my server
"AllShare seems to be limited to creating AV playlists. It can't view photos & every video file on my server is apparently in an "unsupported format"!"
I have used AllShare. It sees all of my video files files on my server (just a home computer that shares). And I have played 640x480 AVI video files and a 720p wmv video file from my server smooth as butter and with great resolution on the SGP. It will not stream or play 1080p video files, however (which is in accord with the specs).
For what it's worth, I have no 720 files never mind 1080. AllShare can see them all (a mixture of AVI & MPG mostly) but won't play them. However, I can create a shortcut to them with ES FIle Explorer & play them all fine with Rockplayer. Guess I need to find a photo viewer than can do the same.