2.6.6 Linking with an MDM system

You can manage smart devices in JP1/IT Desktop Management 2 by linking with an MDM system and collecting information about the smart devices it manages. You can then manage the information in JP1/IT Desktop Management 2, and use the features of JP1/IT Desktop Management 2 to control smart devices.

To link with an MDM system in a multi-server configuration, you must link with an MDM system for each management server.

The following table shows the features made possible by linking with an MDM system:

Feature	Description
Collecting information about smart devices	You can collect information about the smart devices managed by an MDM system, and use the information to manage those devices in JP1/IT Desktop Management 2. By collecting information periodically from the MDM system, you can manage the device information, asset information, and security status of individual smart devices.
Control smart devices^#	JP1/IT Desktop Management 2 can lock, wipe, and reset passcodes on smart devices managed by an MDM system.

Note: If Google Workspace is used as MDM System, you cannot manage the security status of collecting information about smart devices. In addition, control smart devices function cannot be used.

#: If Microsoft Intune is used as MDM system, the passcode is cannot be reset. Also, if Microsoft Intune is used as MDM system and the device classification is "PC", the device cannot be locked.

Tip: When using Microsoft Intune as an MDM system, you can manage PCs whose operating system is Windows in addition to smart device.

Tip: When you use Microsoft Intune as a MDM system, you do not consume licensing for device that you manage with Microsoft Intune. However, among devices managed by Microsoft Intune, if the agent is installed on a PC with a Windows OS, the license of the device will be consumed.

Tip: If you use Microsoft Intune as MDM System and manage Windows PCs, you can also deploy Agent in this PC. In this situation, Management Type will be "Agent Management", but you can also manage information from Microsoft Intune. The use of this kind of management in Agent together with the management in Microsoft Intune is called combined management.

Tip: If you use Google Workspace as MDM System, you can manage ChromeOS and ChromeOS Flex devices. In addition, you can manage only devices that have Status provisioned on Google Workspace.

Tip: When you use Google Workspace as a MDM system, you do not consume licensing for device that you manage with Google Workspace.

Related Topics:

Organization of this subsection

(1) Collecting information for smart devices managed by an MDM system

You can collect information about smart devices managed by an MDM system, allowing you to use the features of JP1/IT Desktop Management 2 to manage the device information, asset information, and security status of smart devices. You can keep the information up-to-date by collecting the latest information.

Tip: Like other devices, each smart device managed by JP1/IT Desktop Management 2 uses one product license.

The following figure shows how smart device information is collected from an MDM system.

[Figure]

You can use the following methods to collect information about smart devices managed by an MDM system:

Immediate: JP1/IT Desktop Management 2 connects to the MDM system immediately and collects information about smart devices. Use this option when you first install JP1/IT Desktop Management 2 or when you want changes to the information in the MDM system to be immediately reflected in the JP1/IT Desktop Management 2 database.
Scheduled: Smart device information is collected regularly according to the MDM linkage settings. Discovered devices are automatically made management targets. The schedule is determined by the values in Start At, Repeat Interval (daily, weekly, or monthly), and Repeat in the Settings module. By default, no schedule is set.

Tip: When you delete a smart device from an MDM system, the corresponding information is not deleted from JP1/IT Desktop Management 2. When you remove a smart device from an MDM system, you can remove the device from JP1/IT Desktop Management 2 by deleting its device information.

To Page Top

(2) Device information that can be acquired from MDM systems

The following table lists the device information you can obtain from an MDM system.

System information

Important: If you deploy managed devices with Agent and managed devices are managed by Microsoft Intune, Device inventory is retrieved from Agent instead of Microsoft Intune.

Device information item		Whether device information can be acquired	Corresponding item in the source MDM system				Contents
Device information item		Whether device information can be acquired	In the case of JP1/ITDM2 - SDM^#1	In the case of MobileIron	For Microsoft Intune	For Google Workspace	Contents
Device Type		Si, SA, M, IS	--	--	--	--	Smart Device is set as the device type.
Device Type		IP, G	--	--	--	--	"PC" is set.
Computer Details	Computer Name (Description)	Si, SA, M, IS, IP	One if the following is displayed:^#2 Managed Smart Device List - Name A combination of the following items is displayed. System Information - User System Information - Phone Number Hardware - Model	--	Name	Serial number	The device name^#2, user name, contract phone number, and model name used to identify the device in the MDM system.
	Host Name	Si, M, IS, IP, G		--	Name	Serial number
	Model (Manufacturer)	Model Si, SA, M, IS, IP, G Manufacturer Si^#3, SA, M, IS, IP	A combination of the following items is displayed. Hardware - Model Hardware - Manufacturer Name	--	Displays a combination of the following items. Hardware - Model Hardware - Manufacturer	Devices > Chrome > Devices > "Serial number" > General > Basic Info > Hardware model	The name of the manufacturer of the device, and the model name assigned by the manufacturer.
	UUID	G	--	--	--	Devices > Chrome > Devices > "Serial number" > General > Basic Info > Directory API ID	UUID is retrieved.
	Serial #	Si, SA^#3, M, IS, IP, G	Hardware - Serial #	SerialNumber	Hardware - Serial number	Devices > Chrome > Devices > "Serial number" > General > Basic Info > Serial number	The serial number of the device.
	Memory	SA, M, IS, IP, G	Hardware - RAM	total_ram_size_bytes	Hardware - Total physical memory	Devices > Chrome > Devices > "Serial Number" > Hardware > Memory > Memory usage	The total memory installed in the device.
System Drive-[Logical Drive]	Drive letter	G	--	--	--	mounted/connected volume id	The drive type or mount path is obtained.
	Free	G	--	--	--	free disk space on the mounted/connected volume	The free space on the drive is obtained.
	Capacity	G	--	--	--	total disk space on the mounted/connected volume	Size of Drive is retrieved.
BIOS Details	Serial number	IP, G	--	--	Hardware - Serial number	Devices > Chrome > Devices > "Serial number" > General > Basic Info > Serial number	The serial number of BIOS is obtained.
OS Details	OS	Si, SA, M, IS, IP, G	A combination of the following items is displayed. System Information - OS System Information - OS Version	OS	Displays a combination of the following items. Operating system Operating system version	Displays a combination of the following items. Devices > Chrome > Devices > "Serial number" > General > Basic Info > ChromeOS type Devices > Chrome > Devices > "Serial number" > OS > OS versions	The name and version of the operating system.
Network Details	Network adapter name	IP	--	--	--	--	"Wi-Fi" is set for Wi-Fi and "Ethernet" for Ethernet.
	MAC Address	Si, SA, M, IS, G	Hardware - WiFi MAC Address Hardware - Bluetooth MAC Address	WiFiMAC wifi_mac_addr BluetoothMAC	Hardware - Wi-Fi MAC	Devices > Chrome > Devices > "Serial number" > Network > Network details > MAC address	The MAC address of the device.
	MAC Address	IP	--	--	Hardware - Wi-Fi MAC Hardware - Ethernet MAC	--	MAC addressis obtained. If both "Hardware - Wi-Fi MAC" and "Hardware - Ethernet MAC" are obtained, they are displayed in this order, and "Hardware - Wi-Fi MAC" is MAC address of representation. If only one of the data is available, only that data is displayed.
Smart device information	IMEI	Si, SA, M, IS, IP	Hardware - IMEI	imei	Hardware - IMEI	--	The IMEI that identifies the smart device.
	UDID	Si, M, IS	Hardware - UDID	udid	Hardware - UDID	--	The UDID assigned to Apple smart devices.
	IMSI	Si, SA, M	System Information - SIM Card	imsi registration_imsi current_SIM_module_number	--	--	The IMSI assigned to the SIM card of smart devices that the telecommunications company uses to identify the subscriber.
	ICCID	Si, SA, M, IS, IP	Hardware - ICCID	--	Hardware - ICCID	--	The ICCID number assigned to the SIM card of the smart device.
	Model (Manufacturer)	Model Si, SA, M, IS, IP Manufacturer Si^#3, SA, M, IS, IP	A combination of the following items is displayed. Hardware - Model Hardware - Manufacturer Name	--	Displays a combination of the following items. Hardware - Model Hardware - Manufacturer	--	The name of the manufacturer of the smart device, and the model name assigned by the manufacturer.
	Serial #	SA^#3, Si, M, IS, IP	Hardware - Serial #	SerialNumber	Hardware - Serial number	--	The serial number of the smart device.
	Contract phone number	Si, SA, M, IS, IP	System Information - Phone Number	Number	Hardware - Phone number	--	The telephone number used by the smart device.
	E-mail	Si, SA, M	System Information - E-mail address	--	--	--	The E-mail address used by the smart device.
	Carrier	Si, SA, M, IS, IP	System Information - SIM Card	current_operator_name Operator	Hardware - Subscriber carrier	--	The communications provider of the smart device.
	Passcode or password setting	Si, SA^#3, M	--	PasscodePresent	--	--	Whether a passcode or password is set on the smart device.
	RAM (free)	SA, M, IS^#5, IP^#5	Hardware - RAM	A combination of the following items is displayed. total_ram_size_bytes free_ram_size_bytes	Hardware - Total physical memory	--	RAM The total amount of RAM on the device free The amount of free RAM on the device.
	Internal storage (free)	Si, SA, M, IS, IP	Hardware - Internal storage	A combination of the following items is displayed. total_storage_size_bytes free_storage_size_bytes	Displays a combination of the following items. Hardware - Total storage space Hardware - Free storage space	--	Internal storage The amount of internal storage on the device. free The amount of free internal storage space.
	External storage (free)	SA, M	Hardware - SD Card	A combination of the following items is displayed. total_media_card_size_bytes free_media_card_size_bytes	--	--	External storage The total capacity of the external storage connected to the device. free The amount of free external storage space.
CPU Details	Processor	G	--	--	--	Devices > Chrome > Devices > "Serial number" > Hardware > Processor Model	Name of Processor is retrieved.
Memory Details	Capacity	SA, M, IS, IP, G	Hardware - RAM	total_ram_size_bytes	Hardware - Total physical memory	Devices > Chrome > Devices > "Serial number" > Hardware > Memory > Memory usage	The amount of memory.
Hard Disk Details	Capacity	Si, SA, M, IS, IP, G	Hardware - Internal storage	total_storage_size_bytes	Hardware - Total storage space	Devices > Chrome > Devices > "Serial number" > Hardware > Storage > Storage usage	The space of entire hard disk.
Software Inventory^#4	Software Name	Si, SA, IS, IP	Software - Application name	--	Discovered apps - Application name	--	The software name of the installed software is collected.
	Version	Si, SA, IS, IP	Software - Version	--	Discovered apps - Application version	--	The version of the installed software
	Software Vendor	Si, SA	Software - Manufacturer	--	--	--	The manufacturer of the installed software
Microsoft Intune Information	Device ID	IP	--	--	Identifier for Device	--	The device ID in Microsoft Intune is obtained.
	Last alive confirmation date/time	IP	--	--	Date/time the device last connects to Microsoft Intune	--	Date/time when the device last connected to Microsoft Intune is obtained in the local time of the web browser.
	Last Capture Date/time	IP	--	--	The date and time when device information was last imported from Microsoft Intune to JP1/IT Desktop Management 2	--	The date and time when device information was last obtained from Microsoft Intune to the JP1/IT Desktop Management 2 - Manager is obtained in the local time of the web browser.

Legend:

Si: Can be collected when the system links with JP1/IT Desktop Management 2 - Smart Device Manager, and the OS of the smart device is iOS or iPadOS.

SA: Can be collected when the system links with JP1/IT Desktop Management 2 - Smart Device Manager, and the OS of the smart device is Android.

M: Can be collected when the system links with MobileIron.

IS: Can be acquired when linking with Microsoft Intune and device classification is "smart device".

IP: Can be acquired when linking with Microsoft Intune and the device classification is "PC".

G: Can be acquired when linking with Google Workspace and the OS type is Chrome OS.

--: Regardless of whether the device information can be collected, there is no corresponding item in the source MDM system.

#1: JP1/ITDM2 - SDM: JP1/IT Desktop Management 2 - Smart Device Manager

#2: When JP1/IT Desktop Management 2 - Smart Device Manager is 11-00-03 or a later version, Managed Smart Device List-Name is displayed as the smart device name by default. By changing the SDM_Mapping_Name property in the configuration file (jdn_manager_config.conf), you can display a combination of System Information-User, System Information-Phone Number, and Hardware-Model, with the items separated by colons (:). For details, see the description of how to change the processing settings in the configuration file in the JP1/ITDM2 - Manager Configuration Guide.

#3: This information can be acquired when JP1/IT Desktop Management 2 - Smart Device Manager is version 11-00-04 or later.

#4 : To collect the software information, you need to create the definition file sdm_import.properties, and then store it in JP1/IT-Desktop-Management-2-Manager-installation-folder\mgr\conf. For details about the definition file sdm_import.properties, see (3) Settings for collecting software information from an MDM system. This software information is displayed in the Software List view and Installed Software tab of the Inventory module, or the Managed Software view of the Assets module. Note that, in some cases, thousands of information items are collected, which might adversely affect viewabilty.

Tip

If the Agent is installed on a Managed device and the managed device is also managed by Microsoft Intune (combined management system), you can change the source of software information in the Intune_Import_Software_Source properties of the configuration file (jdn_manager_config.conf).

For more information about Intune_Import_Software_Source properties, see A.5 Lists of properties.

#5: Only the sum of RAM sizes can be acquired. The free space of RAM cannot be acquired.

You can also collect the information in the following table:

Device information item	Description
Management Type	MDM linkage management is set as the management type.
Device Status	Unknown is set if you collect smart device information from an MDM system, or re-register a wiped smart device. Warning is set if the smart device was successfully wiped.
Management Status	Agent not Installed is set.
Last Alive Confirmation Date/Time	The date and time when the smart device connected to the MDM system is set.

See the following for details about device information:

To Page Top

(3) Settings for collecting software information from an MDM system

The following describes how to specify the definition file (sdm_import.properties) required to collect software information for smart devices.

To specify the definition file (sdm_import.properties):

Create a definition file (sdm_import.properties) that is coded in Key=Value format, and then store the file in the following location. Use UTF-8 character encoding to save the file.

JP1/IT-Desktop-Management-2-Manager-installation-folder\mgr\conf

The following table describes the information to be specified in the definition file (sdm_import.properties).

Key	Value details	Description
`sdm.N.name`	The name of the MDM setting that defines information about linkage with the MDM system (JP1/ITDM2 - SD Manager) from which to collect information.	Specify the same value specified in MDM settings name in the MDM Linkage Settings view that opens from General in the Settings module. For `N`, specify a natural number. To specify multiple linkage settings to collect information, you can specify multiple keys, such as 1 and 2.
`sdm.N.dbhost`	The IP address or host name used to connect to the database of the JP1/ITDM2 - SDM^#1 server.	Specify the IP address or host name^#2 of a JP1/ITDM2 - SDM^#1 server that can be connected within the same network segment as the computer on which JP1/IT Desktop Management 2 - Manager is installed. For `N`, specify a natural number. To specify multiple linkage settings to collect information, you can specify multiple keys, such as 1 and 2.
`sdm.N.dbport`	The port number used to connect to the database of the JP1/ITDM2 - SDM^#1 server.	Specify the port number^#3 used to communicate with the database which is set up on the smart device manager of JP1/ITDM2 - SDM^#1 server. For `N`, specify a natural number. To specify multiple linkage settings to collect information, you can specify multiple keys, such as 1 and 2. If omitted, the port number [26066] is used.

Key

Value details

Description

sdm.N.name

The name of the MDM setting that defines information about linkage with the MDM system (JP1/ITDM2 - SD Manager) from which to collect information.

Specify the same value specified in MDM settings name in the MDM Linkage Settings view that opens from General in the Settings module.

For N, specify a natural number. To specify multiple linkage settings to collect information, you can specify multiple keys, such as 1 and 2.

sdm.N.dbhost

The IP address or host name used to connect to the database of the JP1/ITDM2 - SDM^#1 server.

Specify the IP address or host name^#2 of a JP1/ITDM2 - SDM^#1 server that can be connected within the same network segment as the computer on which JP1/IT Desktop Management 2 - Manager is installed.

For N, specify a natural number. To specify multiple linkage settings to collect information, you can specify multiple keys, such as 1 and 2.

sdm.N.dbport

The port number used to connect to the database of the JP1/ITDM2 - SDM^#1 server.

Specify the port number^#3 used to communicate with the database which is set up on the smart device manager of JP1/ITDM2 - SDM^#1 server.

For N, specify a natural number. To specify multiple linkage settings to collect information, you can specify multiple keys, such as 1 and 2.

If omitted, the port number [26066] is used.

#1: JP1/ITDM2 - SDM: JP1/IT Desktop Management 2 - Smart Device Manager

#2: When specifying a host name, note the following:

Use 1 to 32 characters.
Specify the host name that is displayed by executing the hostname command.
Host names are case sensitive.
You cannot specify an alias of the host name.
The specified host name must be registered in the hosts file or DNS and resolved in advance.
To specify the host name in FQDN format, the host name must be defined in FQDN format in advance.

#3: If the smart device manager server of JP1/ITDM2 - SDM^#1 controls the port number by using Windows Firewall, specify firewall settings to enable the designated port (send/receive both directions).

Example of specifying the definition file (sdm_import.properties)

The following shows an example of specifying the definition file when MDM linkage products have been registered with MDM setting names ITDM2 SD Manager 01 and ITDM2 SD Manager 02 .

sdm.1.name=ITDM2 SD Manager 01
sdm.1.dbhost=192.168.50.100
sdm.1.dbport=26066
sdm.2.name=ITDM2 SD Manager 02
sdm.2.dbhost=SDM-Server02
sdm.2.dbport=36066

To Page Top

(4) Notes on MDM linkage

Note the following when linking with an MDM system:

You cannot use underscores (_) in the host name of an MDM server.
The device information that can be collected by the MDM linkage function depends on the OS of the smart device and the MDM system from which the information is being collected. JP1/IT Desktop Management 2 only displays the items it was able to collect.
If you swap the SIM card in a smart device, the IMEI stays the same but the contract phone number changes. As a result, a situation might arise in which the device information does not match the IMEI, causing the device to be recognized as a new smart device.
If smart device information is collected from a MDM server via the proxy server, the connection between the management server and the MDM server may time out depending on the network environment or the number of smart devices. If required, change the timeout period on the proxy server.
When linking with an MDM system, you cannot lock, initialize and reset passcodes of smart devices that their profiles have been deleted. When any of the following operations are performed to smart devices that their profiles have been deleted from JP1/IT Desktop Management 2 - Manager, the operation fails. However, a message of the successful operation is output to the event, message, and audit logs.

[If linking with MobileIron 5.8 or later]

Initializing or resetting the passwords of smart devices that profiles have been deleted.

Do not delete profiles from managed smart devices.
If you use Google Workspace as your MDM system and delete a device enrolled in JP1/IT Desktop Management 2 in Google Workspace, it will not be automatically deleted from JP1/IT Desktop Management 2. If this happens, Change the Asset Status of the corresponding device from the Hardware Assets window of the assets window to Disposed and then delete Hardware Assets Information. For detail of action of Hardware Assets Information, see procedure for changing asset information and the procedure for deleting hardware asset information in the manual JP1/IT Desktop Management 2 Operation Guide.
When Microsoft Intune is used as MDM System, the device is assigned by Host Name of Agent Management device and device name (PC name) of the device imported from Microsoft Intune to identify Agent Management device and the device captured from Microsoft Intune. Set the PC name of the device to be unique.
If you are using MDM System with Microsoft Intune and you are regularly importing device inventory from Microsoft Intune, configure schedule to fetch from Microsoft Intune during nights or other periods when the volume of communication from Agent is relatively low. Depending on the environment, it takes about eight hours to capture 50,000 device inventories. If device inventory capture does not end at night, try to capture it during hours such as holidays.
If you are using MDM System with Google Workspace and you are regularly importing device inventory from Google Workspace, configure schedule to fetch from Google Workspace during nights or other periods when the volume of communication from Agent is relatively low. If device inventory capture does not end at night, try to capture it during hours such as holidays.

To Page Top