Page Comparison

WSO2 EMM Agent configurations to enroll and manage devices

...

1. Configure the DeviceMonitorFrequency parameter in the cdm-config.xml file, which is in the <EMM_HOME>/repository/conf directory. Specify the value in milliseconds. 

   Info
   title Why is this step needed?
   The EMM server uses this parameter to determine how often the devices enrolled with WSO2 EMM need to be monitored. By default, this value has been configured to 60000ms (1min).

   Example:

   Code Block
   <DeviceMonitorFrequency>60000</DeviceMonitorFrequency>

2. Uncomment the following code in the carbon.xml file, which is in the <EMM_HOME>/repository/conf directory, and enter your organization domain. 

   Info
   This step is only required for the production environment.

   Example:

   Code Block
   <HostName>www.wso2.org</HostName> <MgtHostName>www.wso2.org</MgtHostName>

3. Anchor
   carbon.local.ip carbon.local.ip

   Configure the following fields that are under the <APIKeyValidator> tag in the <EMM_HOME>/repository/conf/api-manager.xml file. 

   Info
   This step is only applicable in the production environment.

   • Configure the <serverURL> field by replacing ${carbon.local.ip} with the hostname or public IP of the production environment.

     Code Block
     <ServerURL>https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/</ServerURL>

     Example:

     Code Block
     <ServerURL>https://45.67.89.100:${mgt.transport.https.port}${carbon.context}/services/</ServerURL>

   • Configure the <RevokeAPIURL> field by replacing ${carbon.local.ip} with the hostname or public IP of the production environment.

     Code Block
     <RevokeAPIURL>https://${carbon.local.ip}:${https.nio.port}/revoke</RevokeAPIURL>

     Example:

     Code Block
     <RevokeAPIURL>https://45.67.89.100:${https.nio.port}/revoke</RevokeAPIURL>

4. Anchor
   HTTPS HTTPS

   Enable HTTPS communication.  

   Info
   This step is only required for the production environment. Once enabled, the HTTP requests will be redirected to use HTTPS automatically. You will need to setup the BKS file in the android agent once HTTPS is enabled.

   1. To enable HTTPS redirection for a specific web application, uncomment the following code in the respective web application's web.xml.
      Example: Enable HTTPS redirection for the mdm-android-agent web app by navigating to the <WSO2_EMM>/repository/deployment/server/webapps/mdm-android-agent/WEB-INF/web.xml file.

      Code Block
      <security-constraint> <web-resource-collection> <web-resource-name>MDM-Admin</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

   2. To enable HTTPS redirection for the entire servlet container, configure the web.xml file, which is in the wso2emm-2.0.1/repository/conf/tomcat folder, by including the following:

      Code Block
      <security-constraint> <web-resource-collection> <web-resource-name>MDM-Admin</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>

5. Anchor
   email email

   Configure the email client to send out registration confirmation emails through EMM to the respective users.

   Info
   In EMM, user registration confirmation emails are disabled by default, and the admin needs to provide the required configuration details to enable it.

   1. Create an email account to send out emails to users that register with EMM (e.g., no-reply@foo.com).

   2. Open the <EMM_HOME>/repository/conf/axis2/axis2.xml file, uncomment the mailto transportSender section, and configure the EMM email account.

      Code Block

      <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender"> <parameter name="mail.smtp.host">smtp.gmail.com</parameter> <parameter name="mail.smtp.port">587</parameter> <parameter name="mail.smtp.starttls.enable">true</parameter> <parameter name="mail.smtp.auth">true</parameter> <parameter name="mail.smtp.user">synapse.demo.0</parameter> <parameter name="mail.smtp.password">mailpassword</parameter> <parameter name="mail.smtp.from">synapse.demo.0@gmail.com</parameter> </transportSender>

      Info
      For mail.smtp.from, mail.smtp.user, and mail.smtp.password, use the email address, username, and password (respectively) from the mail account you set up.

      Example:

      Code Block

      <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender"> <parameter name="mail.smtp.host">smtp.gmail.com</parameter> <parameter name="mail.smtp.port">587</parameter> <parameter name="mail.smtp.starttls.enable">true</parameter> <parameter name="mail.smtp.auth">true</parameter> <parameter name="mail.smtp.user">foo</parameter> <parameter name="mail.smtp.password">$foo1234</parameter> <parameter name="mail.smtp.from">no-reply@foo.com</parameter> </transportSender>

   3. Customize the email that is being sent out by navigating to the notification-messages.xml file, which is in the <EMM_HOME>/repository/conf directory.

   4. Customize the link being sent in the email to download the EMM application by navigating to the cdm-config.xml file, which is in the <EMM_HOME>/repository/conf directory, and configuring the following fields under <EmailClientConfiguration>.

      • LBHostPortPrefix: Provide the load balancer host and port prefix.

      • enrollmentContextPath: Provide the path to download the application.

      Expand
      title Click here to view an example.
      Code Block <EmailClientConfiguration> <minimumThread>8</minimumThread> <maximumThread>100</maximumThread> <keepAliveTime>20</keepAliveTime> <ThreadQueueCapacity>1000</ThreadQueueCapacity> <LBHostPortPrefix>https://localhost:9443</LBHostPortPrefix> <enrollmentContextPath>/mdm/enrollment</enrollmentContextPath> </EmailClientConfiguration>

...