- Configuring BlackBerry UEM for the first time
- Changing BlackBerry UEM certificates
- Configuring BlackBerry UEM to send data through a proxy server
- Configuring connections through internal proxy servers
- Connecting to your company directories
- Configuring Microsoft Active Directory authentication in an environment that includes Exchange linked mailboxes
- Connect to a Microsoft Active Directory instance
- Connect to an LDAP directory
- Enable directory-linked groups
- Enabling onboarding
- Synchronize a company directory connection
- Removing a connection to a company directory
- Connecting to an SMTP server to send email notifications
- Configuring database mirroring
- Connecting BlackBerry UEM to Microsoft Azure
- Enable access to the BlackBerry Web Services over the BlackBerry Infrastructure
- Obtaining an APNs certificate to manage iOS and macOS devices
- Configuring BlackBerry UEM for DEP
- Configuring BlackBerry UEM to support Android Enterprise devices
- Simplifying Windows 10 activations
- Migrating users, devices, groups, and other data from a source server
- Prerequisites: Migrating users, devices, groups, and other data from a source server
- Connect to a source server
- Considerations: Migrating IT policies, profiles, and groups from a source server
- Migrate IT policies, profiles, and groups from a source server
- Complete policy and profile migration for BlackBerry Dynamics-activated users
- Considerations: Migrating users from a source server
- Migrate users from a source server
- Considerations: Migrating devices from a source server
- Migrate devices from a source server
- Migrating DEP devices
- Configuring BlackBerry UEM to support BlackBerry Dynamics apps
- Manage BlackBerry Proxy clusters
- Configure Direct Connect using port forwarding
- Configure BlackBerry Dynamics properties
- Configure communication settings for BlackBerry Dynamics apps
- Sending BlackBerry Dynamics app data through an HTTP proxy
- BlackBerry Dynamics connectivity and routing behavior
- Default routing
- Example routing scenarios
- Scenario 1: Route traffic to specific servers or domains through BlackBerry Proxy
- Scenario 2: Route all traffic through the BlackBerry Proxy and then through a web proxy server
- Scenario 3: Route some traffic internally for most apps but configure a proxy server specifically for web browsing using BlackBerry Access
- BlackBerry Dynamics data flow
- Configuring Kerberos for BlackBerry Dynamics apps
- Connect BlackBerry UEM to a BlackBerry Dynamics PKI connector
- Integrating BlackBerry UEM with Cisco ISE
- Requirements: Integrating BlackBerry UEM with Cisco ISE
- Create an administrator account that Cisco ISE can use
- Add the BlackBerry Web Services certificate to the Cisco ISE certificate store
- Connect BlackBerry UEM to Cisco ISE
- Example: Authorization policy rules for BlackBerry UEM
- Managing network access and device controls using Cisco ISE
- BlackBerry Docs
- BlackBerry UEM 12.15
- Installation and configuration
- Configuration
- Connecting BlackBerry UEM to Microsoft Azure
- Configuring Azure Active Directory conditional access
Configuring Azure Active
Directory conditional access
Azure
Active
Directory
conditional accessIf you have configured
Azure AD
conditional access for your organization, you can configure a BlackBerry UEM
tenant as a compliance partner so that iOS
and Android
devices managed by UEM
can connect to your cloud-based apps such as Office
365
. You can configure only one UEM
tenant for each Azure
tenant.Azure AD
conditional access support is currently limited in the following situations:
- BlackBerry UEM Clientdoes not supportAzure ADconditional access policies with the "All cloud apps" option selected under "Cloud apps" or actions". You must instead select the specific apps that you want to include in the policy. For more information, visit support.blackberry.com/community to read article 90010.
- BlackBerry Workdoes not support theAzure ADconditional access compliance feature. For more information, visit support.blackberry.com/community to read article 89668.
To use this feature, users must meet the following requirements:
- Users must exist inAzure AD,
- If you are synchronizing your on-premisesActive DirectorytoAzure AD, users’ on-premisesActive DirectoryUPN must match theirAzure ADUPN. If these values do not match in your environment, please visit support.blackberry.com/community to read article 88208.
- Users must be added toUEMthough synchronization withActive Directory.
- Users must be assigned aBlackBerry Dynamicsprofile that has the "Enable UEM Client to enroll in BlackBerry Dynamics" selected.
- Users must have both theMicrosoftAuthenticator app and theBlackBerry UEM Clientinstalled.
If you configure
Azure AD
conditional access, UEM
notifies Azure AD
when a device is out of compliance and conditions are enforced in the following circumstances:
- If the "Enforcement action for device" setting is set to something other than "Monitor and log,"UEMnotifiesAzure ADafter all user prompts have expired.
- If the "Enforcement action forBlackBerry Dynamicsapps" setting is set to something other than "Monitor and log,"UEMnotifiesAzure ADas soon as the compliance violation is detected.
UEM
Administration content.For more information on
Azure AD
conditional access, see the Microsoft documentation.