- Configuring BlackBerry UEM Cloud for the first time
- Installing the BlackBerry Connectivity Node to connect to resources behind your organization's firewall
- BlackBerry Connectivity Node planning information
- Steps to install and activate the BlackBerry Connectivity Node
- Prerequisites: Installing the BlackBerry Connectivity Node
- Installing or upgrading the BlackBerry Connectivity Node
- Creating server groups
- Troubleshooting BlackBerry Connectivity Node issues
- Configuring the BlackBerry Connectivity Node to use the BlackBerry Router or a TCP proxy server
- Connecting BlackBerry UEM to Microsoft Azure
- Create a Microsoft Azure account
- Configure BlackBerry UEM to synchronize with Azure Active Directory
- Synchronize Microsoft Active Directory with Microsoft Azure
- Create an app registration in Azure
- Configuring Azure Active Directory conditional access
- Configure BlackBerry UEM as a Compliance Partner in Azure
- Configure Azure Active Directory conditional access
- Configure the BlackBerry Dynamics connectivity profile to support the Azure Conditional Access feature
- Assign the Feature - Azure conditional access app to users
- Configure a BlackBerry Dynamics Profile
- Remove devices from Azure Active Directory conditional access
- Linking company directory groups to BlackBerry UEM groups
- Obtaining an APNs certificate to manage iOS and macOS devices
- Configuring BlackBerry UEM for DEP
- Configuring BlackBerry UEM to support Android Enterprise devices
- Configuring BlackBerry UEM to support Android Management devices
- Extending the management of Chrome OS devices to BlackBerry UEM
- Setting up management of Chrome OS devices if you have already configured BlackBerry UEM to use Android Enterprise
- Create a service account that BlackBerry UEM uses to authenticate with your Google Cloud or Google Workspace by Google domain
- Enable additional APIs to allow BlackBerry UEM to sync the Chrome OS data
- Integrate BlackBerry UEM with your Google Cloud or Google Workspace by Google domain so you can use Chrome OS devices
- Synchronize BlackBerry UEM with the Google admin console
- Simplifying Windows 10 activations
- Configuring BlackBerry UEM Cloud to support BlackBerry Dynamics apps
- Manage BlackBerry Proxy clusters
- Configure Direct Connect using port forwarding
- Connecting BlackBerry Proxy to the BlackBerry Dynamics NOC
- Connect BlackBerry UEM to a BlackBerry Dynamics PKI connector
- Overriding global HTTP proxy settings for a BlackBerry Connectivity Node
- Steps to configure email notifications for BlackBerry Work
- Configure email notifications for BlackBerry Work
- Grant application impersonation permission to the service account
- Grant application impersonation permission using Exchange Administration Center
- Grant application impersonation permission using Microsoft Exchange Management Shell
- Enable Microsoft Graph API to allow BEMS Cloud to communicate with Microsoft Office 365
- Obtain an Azure app ID for BEMS with client secret authentication
- Obtain an Azure app ID for BEMS with credential or passive authentication
- Obtain an Azure app ID for BEMS with certificate-based authentication
- Associate a certificate with the Azure app ID for BEMS
- Create a trusted connection between BEMS Cloud and Microsoft Exchange Server
- Replace or delete the trusted connection SSL certificates
- Configure the password expiration warning message
- Add Read permission to the account used to authenticate to the LDAP server
- Configure email notifications for BlackBerry Work
- Configuring BlackBerry Dynamics Launcher
- Configuring BEMS-Docs
- Steps to configure BEMS-Docs
- Enable the BEMS-Docs service
- Configure BEMS-Docs settings
- Create a trusted connection between BEMS-Docs and Microsoft SharePoint
- Managing Repositories
- Configuring repositories
- Admin-defined shares
- Granting user access permissions
- Change access permissions
- Define a repository
- Add users and user groups to repositories
- Edit a repository
- Allow user-defined repositories
- Enable user-defined repository permissions
- Access permissions
- Change user access permissions
- View user repository rights
- Configuring an on-premises BEMS in a BlackBerry UEM Cloud environment
- Steps to configure BlackBerry UEM Cloud to communicate with on-premises BEMS
- Import the certificate to the BEMS Windows keystore
- Import the certificate into the Java keystore on BEMS
- Configure the BlackBerry Dynamics server in BEMS
- Configure BEMS connectivity with BlackBerry Dynamics
- Add an app server hosting the entitlement apps to a BlackBerry Dynamics connectivity profile
- Export the BlackBerry Proxy certificate to the local computer
- Migrating users, devices, groups, and other data from a source server
- Prerequisites: Migrating users, devices, groups, and other data from a source server
- Connect to a source server
- Considerations: Migrating IT policies, profiles, and groups from a source server
- Complete policy and profile migration for BlackBerry Dynamics-activated users
- Migrate IT policies, profiles, and groups from a source server
- Considerations: Migrating users from a source server
- Migrate users from a source server
- Considerations: Migrating devices from a source server
- Migrate devices from a source server
- Device migration quick reference
- BlackBerry Docs
- BlackBerry UEM 12.18
- Installation and configuration
- Cloud Configuration
- Connecting BlackBerry UEM to Microsoft Azure
- Configuring Azure Active Directory conditional access
- Configure Azure Active Directory conditional access
Configure Azure Active
Directory conditional access
Azure
Active
Directory
conditional access- In theBlackBerry UEMmanagement console, clickSettings > External integration > Azure Active Directory Conditional Access.
- In the table, click .
- Type a name for the configuration.
- In theAzure clouddrop-down list, selectGlobal.
- Type yourAzure tenant ID.You can enter either the tenant name, which is in FQDN format, or the unique tenant ID, which is in GUID format.
- In the device mapping override, selectUPNorEmail.By default, UPN is selected. If UPN is used, you should verify that theAzure ADtenant and all mapped directories share the same UPN value for users before you save the connection. After you save the connection, the device mapping override cannot be changed.
- In theAvailable company directorieslist, select one or more directory instances and click .
- ClickSave.
- Select the administrator account that you want to use to log in to yourAzuretenant.The administrator account must be able to grant permissions to the app to access resources in your organization. such as global administrator, cloud application administrator, or application administrator.
- Accept theMicrosoftpermission request.