UEM Guide

From idenprotect Knowledge Base
Jump to: navigation, search


When users get enrolled with the idenprotect Core Platform, there are a number of possible use cases. One of those use cases is to use an idenprotect For Mobile as an authentication delegate for BlackBerry Dynamics. If this is the use case you are planning to use, you will also need to ensure that you have configured one (or more) UEM servers.

The information in this article has been split out and there are links to specific guidance for specific parts of the configuration process.

Please ensure you have an idenprotect Core Platform installed in order to complete this process. If you do not yet have the installation, please Start Here - idenprotect Core Platform

Adding idenprotect to UEM

To add idenprotect to the UEM configuration, see Add idenprotect to UEM

idenprotect as an Authentication Delegate

To set idenprotect as an Authentication Delegate for UEM, see UEM Authentication Delegate Configuration

Assigning idenprotect to UEM users

To allow UEM users to use idenprotect Core Platform as an authentication delegate for BlackBerry dynamics, see Assigning idenprotect to UEM Users

Configuring the UEM connection on idenprotect Core Platform

During device enrollment, the user will be asked for a UEM access key, this process can be simplified by allowing the idenprotect Core Platform to contact the UEM server. In order to do this, you will need to complete the configuration.

If you have not made any configuration changes before, please first see How to make configuration changes

If you are comfortable making configuration changes, please see UEM Configuration

Note that the policy for whether or not an Access Key is requested from the user or directly from the UEM server is configured under User Enrollment Policies, the policy is called Access Key Required?'

UEM Certificates

To configure the UEM to use idenprotect keys and certificates and to configure the UEM Certificate Authority, see UEM Certificates and CA

BlackBerry Certificates

To see how the idenprotect client generates Key Pairs and how they can be injected and used in the BlackBerry runtime, see BlackBerry Certificates and Runtime