Hitachi

JP1 Version 12 JP1/IT Desktop Management 2 - Smart Device Manager

3.13.4 Procedure for creating a configuration profile on the communication server (when managing iOS devices)

Create a configuration profile on the communication server in order to distribute client certificates to iOS devices. You need to perform this procedure only when managing iOS devices.

Note

A configuration profile stored in the communication server is downloaded to iOS devices after the setup of the communication server is completed when the installation of a smart device agent is performed. To apply an updated configuration profile to iOS devices, on the smart device agent, tap "Communication Server" and "Re-download Configuration Profile" in order, and then download it.

Organization of this subsection

(1) Procedure when using the iPhone Configuration Utility

Prerequisites

The following procedure is provided based on the iPhone Configuration Utility version 3.6.

Procedure

  1. Install the Apple iPhone Configuration Utility.

  2. In the left pane of the window, select Library, and then Configuration Profiles. Then, click the New button at the top of the window.

  3. Specify the General settings as follows:

    Item

    Specifiable value

    Name

    Any

    Identifier

    Any

    Organization

    Any

    Description

    Any

    Consent Message

    Any

    Security

    Select With Authentication.

    Automatically Remove Profile

    Select Never.

  4. For the Credentials setting, select the root certificate used for connecting iOS devices to the communication server. Enter the credential name, and then add the root certificate. (This step is required if the root certificate for the communication server is not installed on an iOS device.)

    Tip

    You can also set root certificates for individual iOS devices.

  5. In the Credentials settings, select the client certificate (APNsMDMPushDev.p12) used by iOS devices to connect to the APNs server. Then, enter the credential name and the password for the certificate, and then add the client certificate.

    Tip

    Even if the client certificate expires, you do not need to update the configuration profile which has been distributed to devices.

  6. Specify the Mobile Device Management Settings information as follows:

    Item

    Specifiable value

    Server URL

    https://communication-server-host-name:26055/CommunicationServerWeb/ios/server

    Check in URL

    https://communication-server-host-name:26055/CommunicationServerWeb/ios/checkin

    Topic

    Set the UID in the Subject DN of the MDM certificate created by using the Apple Push Certificates Portal.

    Identity

    In the list, select the credential name specified in step 5, which is used for connecting to the APNs server.

    Sign messages

    Select the check box.

    Check Out When Removed

    Select the check box.

    Access Rights

    Select all check boxes.

    Apple Push Notification Server

    Clear the check box.

  7. Click the Export button at the top of the window, select Sign Configuration Profile, and then export the configuration profile.

    For the file name, specify mdmprofile.mobileconfig.

  8. Store the configuration profile in the following folder on the communication server:

    JP1/ITDM2 - SDM (Communication Server)-installation-folder\cms\conf

Related Topics

To Page Top

(2) Procedure when using the configuration profile generation tool

Procedure

  1. Start the configuration profile generation tool.

    The configuration profile generation tool is stored in the following location:

    JP1/ITDM2 - SDM (Communication Server)-installation-folder\cms\bin\sdmgeneratemobileconf.exe

  2. Specify the General settings as follows: To update a configuration profile,click the [Import...] button, import the configuration profile to be updated, and then edit it.

    Item

    Description

    Required

    Name

    Display name of the profile

    Y

    Identifier

    Identifier of the profile

    Y

    Organization

    Organization name of the profile

    --

    Description

    Description of the profile

    Y

    Consent

    Message which is shown when the profile is installed.

    --

    Security

    Select Always.

    Y

    PayloadUUID

    Payload UUID of the configuration profile

    Click the Generate button to generate a payload UUID.

    Set the payload UUID to the unique value for each communication server in which a configuration profile is installed.

    Y
    Legend:

    Y: Required

    --: Optional

    You cannot use the characters "<", ">", and "&" as the value of the items.

  3. For the Credentials setting, select the client certificate used by iOS devices to connect to the APNs server. Enter the credential name and the password for the certificate, and then add the client certificate.

    When you set "Generate password" checked, you can omit the input of the password when performing an installation to an iOS device.

    Tip

    Even if the client certificate expires, you do not need to update the configuration profile which has been distributed to devices.

  4. Specify the Mobile Device Management Settings information as follows:

    Item

    Specifiable value

    Required

    Server URL

    https://communication-server-host-name:26055/CommunicationServerWeb/ios/server

    Y

    Check in URL

    https://communication-server-host-name:26055/CommunicationServerWeb/ios/checkin

    Y

    Topic

    Set the UID in the Subject DN of the MDM certificate created by using the Apple Push Certificates Portal.

    Y
    Legend:

    Y: Required

  5. Click the Generate button, and then export the configuration profile.

    For the file name, specify mdmprofile.mobileconfig.

  6. Store the configuration profile in the following folder on the communication server:

    JP1/ITDM2 - SDM (Communication Server)-installation-folder\cms\conf

Related Topics

To Page Top

Copyright (C) 2019, Hitachi, Ltd.

Copyright (C) 2019, Hitachi Solutions, Ltd.