Versions Compared

Old Version 2

changes.mady.by.user Former user

Saved on

compared with

New Version 3

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
borderColor#11375B
bgColor#FFFFFF
borderWidth2

The following modules are required to configure the reverse proxy:

  • mod_proxy.so
    This module deals with proxying in Apache.

  • mod_proxy_http.so
    This module handles connections with both the HTTP and HTTPS protocols.

Navigate to the etc/apache2 directory and use the following command to enable the above modules:

Code Block
cd /etc/apache2
a2enmod proxy_http
Expand
titleClick here to see the Reverse Proxy configuration file format
Panel
titleReverse Proxy configuration file format
Code Block
ServerName localhost
ProxyRequests off
ProxyPreserveHost off
  <Proxy *>
  Order deny,allow
  #Deny from all
  Allow from all    
  </Proxy>
ProxyPass /ENROLLMENTSERVER/PolicyEnrollmentWebservice.svc http://<server-ip>:<server-port>/mdm-windows-agent/services/certificatepolicy/xcep
ProxyPassReverse /ENROLLMENTSERVER/PolicyEnrollmentWebservice.svc http://<server-ip>:<server-port>/mdm-windows-agent/services/certificatepolicy/xcep
ProxyPass /ENROLLMENTSERVER/DeviceEnrollmentWebservice.svc http://<server-ip>:<server-port>/mdm-windows-agent/services/deviceenrolment/wstep
ProxyPassReverse /ENROLLMENTSERVER/DeviceEnrollmentWebservice.svc http://<server-ip>:<server-port>/mdm-windows-agent/services/deviceenrolment/wstep
ProxyPass /Syncml/initialquery http://<server-ip>:<server-port>/mdm-windows-agent/services/syncml/devicemanagement/request
/Syncml/initialquery 
ProxyPassReverse http://<server-ip>:<server-port>/mdm-windows-agent/services/syncml/devicemanagement/request
ProxyPass /ENROLLMENTSERVER/ONPREMISE/PolicyEnrollmentWebservice.svc http://<server-ip>:<server-port>/mdm-windows-agent/services/certificatepolicy/xcep/onpremise
ProxyPassReverse /ENROLLMENTSERVER/ONPREMISE/PolicyEnrollmentWebservice.svc http://<server-ip>:<server-port>/mdm-windows-agent/services/certificatepolicy/xcep/onpremise
ProxyPass /ENROLLMENTSERVER/ONPREMISE/DeviceEnrollmentWebservice.svc  http://<server-ip>:<server-port>/mdm-windows-agent/services/deviceenrolment/wstep/onpremise
ProxyPassReverse /ENROLLMENTSERVER/ONPREMISE/DeviceEnrollmentWebservice.svc  http://<server-ip>:<server-port>/mdm-windows-agent/services/deviceenrolment/wstep/onpremise
ProxyPass /emm http://<server-ip>:<server-port>/emm
ProxyPassReverse /emm http://<server-ip>:<server-port>/emm
Info

The default <server-ip>:<server-port> is localhost:9443.

...

Panel
borderColor#11375B
bgColor#FFFFFF
borderWidth2
Info

The first GET and POST HTTP requests are received by the same MDM endpoint and the rewrite conditions filter the device requests. By default the Apache Rewrite engine is disabled.

Follow the steps given below to enable the Rewrite engine when running on Ubuntu:

  1. Invoke the rewrite rules:
    1. Create a .htaccess file in the /var/www/ directory with the specific rewrite rules.

    2. Enable the mod_rewrite module.

      Code Block
      sudo a2enmod rewrite

  2. Configure the 000-default file, which is in the /etc/apache2/sites-enabled directory.

    Info

    This step is required to replicate the configuration changes required in the Apache versions on a few files.In the older Apache versions, all virtual host directory directives were managed in the apache2.conf file, which is in the /etc/apache2 directory. In the Apache 2.4.7 version this has changed and the alterations are handled within the /etc/apache2/sites-enabled directory.

    1. Configure the value assigned to AllowOveride from None to All under <Directory/>.

      Code Block
      AllowOverride All

    2. Configure the content under <Directory /var/www/>.

      Info

      If the 000-default file does not contain the Directory tag you need to add it to the file as shown below:

      Code Block
      <Directory /var/www/>
 Options Indexes FollowSymLinks MultiViews
 AllowOverride all
 Order allow,deny
 allow from all
</Directory>

  3. Restart the Apache server.

    Code Block
    server.sudo service apache2 restart
Expand
titleClick here to see the Rewrite Engine Configuration file format
Panel
titleRewrite Engine Configuration file format
Code Block
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(GET)$
RewriteRule /EnrollmentServer/Discovery.svc   http://<server-ip>:<server-port>/mdm-windows-agent/services/discovery/get [P,L]

RewriteCond %{REQUEST_METHOD} ^(POST)$
RewriteRule /EnrollmentServer/Discovery.svc http://<server-ip>:<server-port>/mdm-windows-agent/services/discovery/post [P,L]
Info

The default <server-ip>:<server-port> is localhost:9443.

...