Versions Compared

Old Version 6

changes.mady.by.user Former user

Saved on

compared with

New Version 7

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

WSO2 EMM Agent configurations to enroll and manage devices

Table of Contents

...

  1. Configuring the monitoring frequency:

    • Configure the monitoring frequency via the EMM console. For more information, see General Server Configurations.

      Info

      If you configure the monitoring frequency via the EMM console, it will overwrite the monitoring frequency configuration done by editing the cdm-config.xml file, as shown below.

    • Configure the DeviceMonitorFrequency parameter in the cdm-config.xmlfile, which is in the <EMM_HOME>/repository/conf directory. Specify this value in milliseconds. The EMM server uses this parameter to determine how often the devices enrolled with EMM need to be monitored. By default, this value has been configured to 60000ms (1min).

      Example:

      Code Block
      <DeviceMonitorFrequency>60000</DeviceMonitorFrequency>

    Uncomment the following code in the carbon.xml file, which is in the <EMM_HOME>/repository/conf directory, and enter your organization domain. 

    Info

    This step is only required for the production environment.

    Example:

    Code Block<HostName>www.wso2.org</HostName> <MgtHostName>www.wso2.org</MgtHostName>
  2.  Anchor
    carbon.local.ip
    carbon.local.ip
    Configure the following fields that are under the <APIKeyValidator> tag in the <EMM_HOME>/repository/conf/api-manager.xml file.
     Info
    This step is only applicable in the production environment.
    • Configure the <serverURL> field by replacing ${carbon.local.ip} with the hostname or public IP of the production environment.
       Code Block
      <ServerURL>https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/</ServerURL>
      Example:
       Code Block
      <ServerURL>https://45.67.89.100:${mgt.transport.https.port}${carbon.context}/services/</ServerURL>
    • Configure the <RevokeAPIURL> field by replacing ${carbon.local.ip} with the hostname or public IP of the production environment.
       Code Block
      <RevokeAPIURL>https://${carbon.local.ip}:${https.nio.port}/revoke</RevokeAPIURL>
      Example:
       Code Block
      <RevokeAPIURL>https://45.67.89.100:${https.nio.port}/revoke</RevokeAPIURL>
  3.  Anchor
    HTTPS
    HTTPS
    Enable HTTPS communication.  
     Info
    • This step is only required for the production environment. Once enabled, the HTTP requests will be redirected to use HTTPS automatically.
    • You will need to setup the BKS file in the android agent once HTTPS is enabled.
    1. To enable HTTPS redirection for a specific web application, uncomment the following code in the respective web application's web.xml.
      Example: Enable HTTPS redirection for the mdm-android-agent web app by navigating to the <WSO2_EMM>/repository/deployment/server/webapps/mdm-android-agent/WEB-INF/web.xml file.
       Code Block
       <security-constraint>
   <web-resource-collection>
      <web-resource-name>MDM-Admin</web-resource-name>
      <url-pattern>/*</url-pattern>
   </web-resource-collection>
   <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
   </user-data-constraint>
</security-constraint>
    2. To enable HTTPS redirection for the entire servlet container, configure the web.xml file, which is in the wso2emm-2.1.0/repository/conf/tomcat folder, by including the following:
       Code Block
      <security-constraint>
   <web-resource-collection>
      <web-resource-name>MDM-Admin</web-resource-name>
      <url-pattern>/*</url-pattern>
   </web-resource-collection>
   <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
   </user-data-constraint>
</security-constraint>
...
  1. Create an email account to send out emails to users that register with EMM (e.g., no-reply@foo.com).
  2. Open the <EMM_HOME>/repository/conf/axis2/axis2.xml file, uncomment the mailto transportSender section, and configure the EMM email account.
     Code Block
    <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
   <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
   <parameter name="mail.smtp.port">587</parameter>
   <parameter name="mail.smtp.starttls.enable">true</parameter>
   <parameter name="mail.smtp.auth">true</parameter>
   <parameter name="mail.smtp.user">synapse.demo.0</parameter>
   <parameter name="mail.smtp.password">mailpassword</parameter>
   <parameter name="mail.smtp.from">synapse.demo.0@gmail.com</parameter>
</transportSender>
     Info
    For mail.smtp.frommail.smtp.user, and mail.smtp.password, use the email address, username, and password (respectively) from the mail account you set up.
    Example:
     Code Block
    <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
   <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
   <parameter name="mail.smtp.port">587</parameter>
   <parameter name="mail.smtp.starttls.enable">true</parameter>
   <parameter name="mail.smtp.auth">true</parameter>
   <parameter name="mail.smtp.user">foo</parameter>
   <parameter name="mail.smtp.password">$foo1234</parameter>
   <parameter name="mail.smtp.from">no-reply@foo.com</parameter>
</transportSender>
  3. Configure the email sender thread pool.
    Navigate to the email-sender-config.xml file, which is in the <EMM_HOME>/repository/conf/etc directory, and configure the following fields under <EmailSenderConfig>.
    • MinThreads: Defines the minimum number of threads that needs to be available in the underlying thread pool when the email sender functionality is initialized.
    • MaxThreadsDefines the maximum number of threads that should serve email sending at any given time.
    • KeepAliveDuration: Defines the duration a connection should be kept alive. If the thread pool has initialized more connections than what was defined in MinThreads, and they have been idle for more than the KeepAliveDuration, those idle connections will be terminated
    • ThreadQueueCapacityDefines the maximum concurrent email sending tasks that can be queued up.
    Example:
     Code Block
    <EmailSenderConfig>
   <MinThreads>8</MinThreads>
   <MaxThreads>100</MaxThreads>
   <KeepAliveDuration>20</KeepAliveDuration>
   <ThreadQueueCapacity>1000</ThreadQueueCapacity>
</EmailSenderConfig>
  4. Customize the email templates that are in the <EMM_HOME>/repository/resources/email-templates directory. 
     Info
    The email templating functionality of WSO2 EMM is implemented on top of Apache Velocity, which is a free and open-source template engine.
    1. Open the email template that you wish to edit based on the requirement, such as the user-invitation.vm or user-registration.vm file.
    2. Edit the <Subject> and <Body> to suite your requirement.
    3. Restart WSO2 EMM.
     Tip
    If you need to access HTTP or HTTPS base URLs of the server within your custom template configs, use the $base-url-http and $base-url-https variables, respectively.
WSO2 EMM Jaggery apps configurations to enroll and manage devices
...