This section provides tips for dealing with issues you may encounter when using Mobile Security.
If a new version of Mobile Security Management Module is available on the ActiveUpdate server and your Mobile Security Management server does not display the version number properly, restart the Plug-in Manager on the Mobile Security Management server.
You have configured Internet Explorer to use a higher security level. To resolve this problem, return the security level for Internet Explorer to the default setting.
Mobile Security does not support remote management through Control Manager.
Make sure the phone services for the SMS senders are still available. For example, check that you have paid the phone bills and the services are not terminated.
If you connect an SMS sender to a host computer using ActiveSync and a firewall is installed on the MSMM or MSCM server, you must configure a firewall rule to allow traffic on port 5721. Otherwise, the SMS sender cannot receive instructions from the server to send messages to mobile devices.
Check that SMS senders are connected to the MSMM or MSCM server.
Make sure the phone services for the SMS senders are still available. For example, check that you have paid the phone bills and the services are not terminated.
If you installed SMS sender and Mobile Device Agent on the same mobile device, and a firewall is installed on the MSMM or MSCM server, you must configure a firewall rule to allow traffic on port 5721. Otherwise, the SMS sender cannot receive instructions from the server to send messages to mobile devices.
Change the encoding method on SMS senders and try again. By default, SMS senders use the unicode encoding method when sending messages. Some service providers may not support this encoding method.
Mobile device keyboards can only support a certain set of characters. Trend Micro recommends that the administrator compile a list of characters supported by the devices. After compiling the list of supported characters, the administrator can then set the uninstall protection password from the management console using the list of supported characters.
The version of Mobile Security agent supporting a DNS address should be higher than 5.0.0.1099 for Windows Mobile platform and higher than 5.0.0.1061 for Symbian OS 9.x S60 3rd Edition platform. Previous versions can connect via IP address only.
The firewall may pop up a SYN Flood warning dialog when an administrator is using the TMMS 7.1 web console remotely/locally. This is an Intrusion Detection System (IDS) warning from the firewall. It is caused by the OfficeScan web server (IIS or Apache) that doesn't have the "Keep alive" option enabled. This option should be enabled in order to keep this message from reappearing. See your web server documentation for instructions on how to do this.
When a user uses the Encryption Module on a device, some existing applications may not function. The reason is that these existing applications may be not be contained in the trusted list. After the Encryption Module is enabled, certain file types will be encrypted (for example, doc, txt, ppt, pdf, xls and etc). The Encryption Module only allows trusted applications to access encrypted data. Therefore, the administrator must add these applications to the trusted application list.
If Master Server and Policy Server are not accessible during the update, the Mobile Device Agent will update from Trend Micro’s official AU server. In this case, the update may succeed, but the Mobile Device Agent will not sync with the Policy server. This will cause the device's component status or configuration status to be out-of-date.
This issue may happen if the system clock of SCEP server is set to the incorrect time or the Simple Certificate Enrollment Protocol (SCEP) certificate is not obtained by Trend Micro Mobile Security. Make sure that the system clock of SCEP server is set to the correct time. If the issue persists, perform the following steps:
Log on to the OfficeScan Web console and click Plug-in Manager.
ClickManage Program for Mobile Security, and then click Administration > Policy Server Settings.
Without changing the settings, click Save.
If the uninstallation process started deleting the files and services that are important for the Policy Server’s normal operation before the process was stopped, the Policy Server may not function normally. To resolve this issue, install and configure the Policy Server again.
The Policy Server cannot receive the policy from the BlackBerry Enterprise Server (BES) if the policy name contains special characters. Check if the policy name contain any special characters and replace them with alphabets and numbers.
The Device Management page uses Active X to display various data on the page. Performing the upgrade on the Master Server replaces the old Active X on the server. You must restart the Master Server to enable Internet Explorer to use the latest Active X. If the problem persists even after restarting the Master Server, then perform the following steps:
Close Internet Explorer.
Go to the directory C:\Windows\Downloaded Program Files and delete TMMS_AtxConsole.ocx.
Open Internet Explorer, and log on to the OfficeScan Web console to access Trend Micro Mobile Security.
If you are using SQL Server Express, use the following format in the Server address field: <SQL Server Express IP address>\sqlexpress.
Replace <SQL Server Express IP address> with the IP address of SQL Server Express.
This problem may occur when SQL Server 2005 is not configured to accept remote connections. By default, SQL Server 2005 Express Edition and SQL Server 2005 Developer Edition do not allow remote connections. To configure SQL Server 2005 to allow remote connections, complete all the following steps:
Enable remote connections on the instance of SQL Server that you want to connect to from a remote computer.
Turn on the SQL Server Browser service.
Configure the firewall to allow network traffic that is related to SQL Server and to the SQL Server Browser service.
This problem may occur if Visual Studio 2008 is not installed in the default location and therefore, the SQL Server 2008 setup cannot find devenv.exe.config configuration file. To resolve this issue, perform the following steps:
Go to <Visual Studio installation folder>\Microsoft Visual Studio 9.0\Common7\IDE folder, find and copy devenv.exe.config file and paste it to the following folder (you may need to enable display extensions for known file types in folder options):
For 64-bit Operating System:
C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE
For 32-bit Operating System:
C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE
Run the SQL Server 2008 setup again and add BIDS feature to the existing instance of SQL Server 2008.
This may occur if the downloading of encrypted files is disabled in the Internet Explorer. Perform the following steps to enable the encrypted files download:
On your Internet Explorer, go to Tools >Internet options, and then click the Advanced tab on the Internet Options window.
Under Security section, clear Do not save encrypted pages to disk.
Click OK.
This is because the Mobile Security device administrator is not activated on that mobile device. If the user does not activate Mobile Security in the Device administrators list, then the Mobile Security cannot synchronize server policies with the mobile device, and displays its status as Out of Sync.