×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Client Management 22.4 ... Using Managing mobile devices

Managing configuration profiles for managed mobile devices

Using configuration profiles, you can remotely configure managed Apple and Android mobile devices, though there is an important difference between the two:

  • You can manage Apple devices by using multiple profiles. You must create and install additional profiles (or remove installed profiles) using commands to add new rules or remove existing ones.
  • You can manage Android devices by using a single profile. You can replace the profile with a different profile to modify the way that the devices are managed. The Android profile affects all Android devices that are currently controlled by the profile.

The following BMC Client Management video (3:34 min) provides information about managing profiles for Apple devices:

 https://youtu.be/ptV9DESMhNI

A configuration profile is a group of settings, which are known as payloads. For example, a Wi-Fi payload is a group of settings required to configure a Wi-Fi connection. Similarly, the Mail payload is a group of settings required to configure an email account on a managed mobile device.

In a configuration profile, you can configure multiple payloads including passcode, restrictions, Wi-Fi, and so on. Some payloads can have multiple instances, and others can be configured just once per profile. The Passcode and Restrictions payloads can each have a single instance, while all other payloads can have multiple instances. The user interface indicates whether or not a payload can have multiple instances.

For example, in a configuration profile, you can configure two instances of Wi-Fi to set two separate Wi-Fi connections, but you can only ever have a single Passcode payload.

One payload can be consumed by another payload. For example, the signing certificate configured in the Certificates payload can be used in the Mail payload.

BMC Client Management supports the following payloads:

Payload

Description

Apple

PasscodeConfigure a passcode on device.
RestrictionsConfigure restrictions on device in terms of using applications, mobile device functionality and media content.
Wi-FiConfigure Wi-fi access with necessary authentication information.
MailConfigure mails on device and define settings for POP and IMAP email accounts.
CertificatesConfigure multiple certificates on device.
SCEPConfigure SCEP and define settings to obtain certificates from SCEP servers.
LDAPConfigure LDAP parameters.
Web ClipsConfigure web clips.

Android

System Settings

Configure system settings such as VPN, Global HTTP Proxy, and system update.

Restrictions

Configure restrictions and cross-profile policies.

Passwords

Configure password policies at the device and work levels.

Network Certificates

Configure SSL certificates that can later be used in network configuration payloads.

Network Configuration

Configure Wi-Fi connections.

Applications

Configure application policies such as authorized and forbidden mobile device applications.

Enforcement Rules

Configure the actions to take when the device is not compliant with one or more defined policies.

Personal Usage Policy

Configure additional policies for corporate-owned devices with authorized personal usage.

For Apple devices, you install the configuration profiles using mobile commands. By using different commands, you can install a configuration profile on different target mobile devices. For example, you can create a security configuration profile with restrictions. You can then create and assign two separate mobile commands to install the security configuration profile on the mobile devices used by the development team and by the quality team.

For Android devices, you use a single profile. You replace that profile with a different profile to modify the way that the devices are managed. The Android profile affects all Android devices that are currently controlled by the profile.

The following screenshot shows the list of configuration profiles, payloads, the number of instances of a payload, and configuration parameters for the restriction payload:

To create the configuration profiles and install them on the mobile devices, see the following procedures:


To create and configure a configuration profile

  1. In the left pane, select Mobile Device Management.

  2. Right-click Profiles, and select Create Mobile Profile .

    Tip

    You can create multiple folders under Profiles to organize your mobile profiles.

  3. In the Properties dialog box, choose the platform, Apple or Android.

  4. Specify the following:
    1. For Apple profiles:
      • Profile name
      • Organization
      • Automatic date of removal (optional)
    2. For Android profiles:
      • Profile name
      • Enterprise name
  5. And Click OK.
  6. In the left pane, select the newly created profile.

  7. In the right pane, under the Configuration tab, configure the payloads.
    The number next to a payload indicates the number of instances of that particular payload.

  8. Click Save  in the toolbar to save the profile.
    Next, you can assign the profile to the target mobile devices. For more information, see To install a configuration profile on Apple mobile devices, or To manage configuration profiles on Android mobile devices.

To install a configuration profile on Apple mobile devices

You can assign commands to push a mobile configuration profile to target devices, device groups, users, or user groups.

  1. In the left pane, select Mobile Device Management > Profiles.
  2. Right-click profileName and select Create Mobile Command .
    The Command Wizard is displayed.
  3. In the Command page, enter the details as required and click Next.
    By default, the profile name, command type (Install Configuration profile), and priority (Medium) are populated.
  4. In the Command Options page, click Next.
    The profile name is selected by default.  

  5. In the Command Assignment page, assign the command to either devices, device groups, users, or user groups and click Finish.
    The command is assigned to the target mobile devices. When the command is executed, the configurations are set in the target mobile devices. You can view all the commands created for a profile in the Commands tab. For more information on commands, see Performing remote operations on managed mobile devices.

To manage configuration profiles on Android mobile devices

For Android, when you enroll a device, you enroll it into a profile, and each profile belongs to an enterprise. Changes to the profile, when saved in BMC Client Management, are sent to the Android API, and applied to that device, and all other Android devices that are enrolled in the profile.

If you have configured more than one profile, you can change the profile in which a device or devices are enrolled. However, the profile must be part of the same enterprise.









Was this page helpful? Yes No Submitting... Thank you
Last modified by Duncan Tweed on Nov 25, 2022
payloads mobile_profile mobile_device_management configuration_profiles video using

Comments

Log in or register to comment.

Managing mobile applications for Apple devices
Performing remote operations on managed mobile devices
© Copyright 2013 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.