WSO2 EMM Agent configurations to enroll and manage devices
| Table of Contents |
|---|
...
Configuring the monitoring frequency:
Configure the monitoring frequency via the EMM console. For more information, see General Platform Configurations.
Info If you configure the monitoring frequency via the EMM console, it will overwrite the monitoring frequency configuration done by editing the
cdm-config.xmlfile, as shown below.Configure the
DeviceMonitorFrequencyparameter in the cdm-config.xmlfile, which is in the<EMM_HOME>/repository/confdirectory. Specify this value in milliseconds. The EMM server uses this parameter to determine how often the devices enrolled with EMM need to be monitored. By default, this value has been configured to 60000ms (1min).Example:
Code Block <DeviceMonitorFrequency>60000</DeviceMonitorFrequency>
Uncomment the following code in the
carbon.xmlfile, which is in the<EMM_HOME>/repository/confdirectory, and enter your organization domain.Info This step is only required for the production environment.
Example:
Code Block <HostName>www.wso2.org</HostName> <MgtHostName>www.wso2.org</MgtHostName>
Configure the following fields that are under theAnchor carbon.local.ip carbon.local.ip <APIKeyValidator>tag in theapi-manager.xmlfile, which is in the<EMM_HOME>/repository/confdirectory.Info This step is only applicable in the production environment.
Configure the
<serverURL>field by replacing${carbon.local.ip}with the hostname or public IP of the production environment.Code Block <ServerURL>https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/</ServerURL>Example:
Code Block <ServerURL>https://45.67.89.100:${mgt.transport.https.port}${carbon.context}/services/</ServerURL>Configure the
<RevokeAPIURL>field by replacing${carbon.local.ip}with the hostname or public IP of the production environment.Code Block <RevokeAPIURL>https://${carbon.local.ip}:${https.nio.port}/revoke</RevokeAPIURL>Example:
Code Block <RevokeAPIURL>https://45.67.89.100:${https.nio.port}/revoke</RevokeAPIURL>
Enable HTTPS communication.Anchor HTTPS HTTPS Info - This step is only required for the production environment. Once enabled, the HTTP requests will be redirected to use HTTPS automatically.
- You will need to setup the BKS file in the android agent once HTTPS is enabled.
To enable HTTPS redirection for a specific web application, uncomment the following code in the respective web application's
web.xml.
Example: Enable HTTPS redirection for the mdm-android-agent web app by navigating to the<WSO2_EMM>/repository/deployment/server/webapps/mdm-android-agent/WEB-INF/web.xmlfile.Code Block <security-constraint> <web-resource-collection> <web-resource-name>MDM-Admin</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>To enable HTTPS redirection for the entire servlet container, configure the
web.xml file, which is in thewso2emm-2.0.1/repository/conf/tomcatfolder, by including the following:Code Block <security-constraint> <web-resource-collection> <web-resource-name>MDM-Admin</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
Configure the email client to send out registration confirmation emails through EMM to the respective users.Anchor email email Info In EMM, user registration confirmation emails are disabled by default, and the admin needs to provide the required configuration details to enable it.
Create an email account to send out emails to users that register with EMM (e.g., no-reply@foo.com).
Open the
<EMM_HOME>/repository/conf/axis2/axis2.xmlfile, uncomment themailtotransportSender section, and configure the EMM email account.Code Block <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender"> <parameter name="mail.smtp.host">smtp.gmail.com</parameter> <parameter name="mail.smtp.port">587</parameter> <parameter name="mail.smtp.starttls.enable">true</parameter> <parameter name="mail.smtp.auth">true</parameter> <parameter name="mail.smtp.user">synapse.demo.0</parameter> <parameter name="mail.smtp.password">mailpassword</parameter> <parameter name="mail.smtp.from">synapse.demo.0@gmail.com</parameter> </transportSender>
Info For
mail.smtp.from,mail.smtp.user, andmail.smtp.password, use the email address, username, and password (respectively) from the mail account you set up.Example:
Code Block <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender"> <parameter name="mail.smtp.host">smtp.gmail.com</parameter> <parameter name="mail.smtp.port">587</parameter> <parameter name="mail.smtp.starttls.enable">true</parameter> <parameter name="mail.smtp.auth">true</parameter> <parameter name="mail.smtp.user">foo</parameter> <parameter name="mail.smtp.password">$foo1234</parameter> <parameter name="mail.smtp.from">no-reply@foo.com</parameter> </transportSender>
- Customize the email that is being sent out by navigating to the
notification-messages.xmlfile, which is in the<EMM_HOME>/repository/confdirectory. Customize the link being sent in the email to download the EMM application by navigating to the
cdm-config.xmlfile, which is in the<EMM_HOME>/repository/confdirectory, and configuring the following fields under<EmailClientConfiguration>.LBHostPortPrefix: Provide the load balancer host and port prefix.enrollmentContextPath: Provide the path to download the application.
Expand title Click here to view an example. Code Block <EmailClientConfiguration> <minimumThread>8</minimumThread> <maximumThread>100</maximumThread> <keepAliveTime>20</keepAliveTime> <ThreadQueueCapacity>1000</ThreadQueueCapacity> <LBHostPortPrefix>https://localhost:9443</LBHostPortPrefix> <enrollmentContextPath>/mdm/enrollment</enrollmentContextPath> </EmailClientConfiguration>
...