- Configuring BlackBerry UEM Cloud for the first time
- Installing the BlackBerry Connectivity Node to connect to resources behind your organization's firewall
- BlackBerry Connectivity Node planning information
- Steps to install and activate the BlackBerry Connectivity Node
- Prerequisites: Installing the BlackBerry Connectivity Node
- Installing or upgrading the BlackBerry Connectivity Node
- Creating server groups
- Troubleshooting BlackBerry Connectivity Node issues
- Configuring the BlackBerry Connectivity Node to use the BlackBerry Router or a TCP proxy server
- Connecting BlackBerry UEM to Microsoft Azure
- Create a Microsoft Azure account
- Configure BlackBerry UEM to synchronize with Azure Active Directory
- Synchronize Microsoft Active Directory with Microsoft Azure
- Create an app registration in Azure
- Configuring Azure Active Directory conditional access
- Configure BlackBerry UEM as a Compliance Partner in Azure
- Configure Azure Active Directory conditional access
- Configure the BlackBerry Dynamics connectivity profile to support the Azure Conditional Access feature
- Assign the Feature - Azure conditional access app to users
- Configure a BlackBerry Dynamics Profile
- Remove devices from Azure Active Directory conditional access
- Linking company directory groups to BlackBerry UEM groups
- Obtaining an APNs certificate to manage iOS and macOS devices
- Configuring BlackBerry UEM for DEP
- Configuring BlackBerry UEM to support Android Enterprise devices
- Configuring BlackBerry UEM to support Android Management devices
- Extending the management of Chrome OS devices to BlackBerry UEM
- Setting up management of Chrome OS devices if you have already configured BlackBerry UEM to use Android Enterprise
- Create a service account that BlackBerry UEM uses to authenticate with your Google Cloud or Google Workspace by Google domain
- Enable additional APIs to allow BlackBerry UEM to sync the Chrome OS data
- Integrate BlackBerry UEM with your Google Cloud or Google Workspace by Google domain so you can use Chrome OS devices
- Synchronize BlackBerry UEM with the Google admin console
- Simplifying Windows 10 activations
- Configuring BlackBerry UEM Cloud to support BlackBerry Dynamics apps
- Manage BlackBerry Proxy clusters
- Configure Direct Connect using port forwarding
- Connecting BlackBerry Proxy to the BlackBerry Dynamics NOC
- Connect BlackBerry UEM to a BlackBerry Dynamics PKI connector
- Overriding global HTTP proxy settings for a BlackBerry Connectivity Node
- Steps to configure email notifications for BlackBerry Work
- Configure email notifications for BlackBerry Work
- Grant application impersonation permission to the service account
- Grant application impersonation permission using Exchange Administration Center
- Grant application impersonation permission using Microsoft Exchange Management Shell
- Enable Microsoft Graph API to allow BEMS Cloud to communicate with Microsoft Office 365
- Obtain an Azure app ID for BEMS with client secret authentication
- Obtain an Azure app ID for BEMS with credential or passive authentication
- Obtain an Azure app ID for BEMS with certificate-based authentication
- Associate a certificate with the Azure app ID for BEMS
- Create a trusted connection between BEMS Cloud and Microsoft Exchange Server
- Replace or delete the trusted connection SSL certificates
- Configure the password expiration warning message
- Add Read permission to the account used to authenticate to the LDAP server
- Configure email notifications for BlackBerry Work
- Configuring BlackBerry Dynamics Launcher
- Configuring BEMS-Docs
- Steps to configure BEMS-Docs
- Enable the BEMS-Docs service
- Configure BEMS-Docs settings
- Create a trusted connection between BEMS-Docs and Microsoft SharePoint
- Managing Repositories
- Configuring repositories
- Admin-defined shares
- Granting user access permissions
- Change access permissions
- Define a repository
- Add users and user groups to repositories
- Edit a repository
- Allow user-defined repositories
- Enable user-defined repository permissions
- Access permissions
- Change user access permissions
- View user repository rights
- Configuring an on-premises BEMS in a BlackBerry UEM Cloud environment
- Steps to configure BlackBerry UEM Cloud to communicate with on-premises BEMS
- Import the certificate to the BEMS Windows keystore
- Import the certificate into the Java keystore on BEMS
- Configure the BlackBerry Dynamics server in BEMS
- Configure BEMS connectivity with BlackBerry Dynamics
- Add an app server hosting the entitlement apps to a BlackBerry Dynamics connectivity profile
- Export the BlackBerry Proxy certificate to the local computer
- Migrating users, devices, groups, and other data from a source server
- Prerequisites: Migrating users, devices, groups, and other data from a source server
- Connect to a source server
- Considerations: Migrating IT policies, profiles, and groups from a source server
- Complete policy and profile migration for BlackBerry Dynamics-activated users
- Migrate IT policies, profiles, and groups from a source server
- Considerations: Migrating users from a source server
- Migrate users from a source server
- Considerations: Migrating devices from a source server
- Migrate devices from a source server
- Device migration quick reference
- BlackBerry Docs
- BlackBerry UEM 12.18
- Installation and configuration
- Cloud Configuration
- Configuring BlackBerry UEM Cloud to support BlackBerry Dynamics apps
- Steps to configure email notifications for BlackBerry Work
- Configure email notifications for BlackBerry Work
- Obtain an Azure app ID for BEMS with credential or passive authentication
Obtain an Azure app ID for BEMS with credential or passive authentication
Azure
app ID for BEMS
with credential or passive authentication- Sign in to portal.azure.com.
- In the left column, clickAzure Active Directory.
- ClickApp registrations.
- ClickNew registration.
- In theNamefield, enter a name for the app.
- Select a supported account type.
- In theRedirect URIsection, in the drop-down list, complete one of the following tasks. The Redirect URI is the URL that the user is redirected to after they successfully authenticate to the identity provider (IDP).Important: Make sure that the Redirect URL matches the URL to the dashboard or authentication might not work as expected.
- For credential authentication, selectWeband enterhttps://localhost:8443.
- For passive authentication, selectPublic client/native (mobile & desktop)and enter the URL that you use to access theBEMSDashboard.
- If you access theBEMSDashboard from the computer that hosts the BEMS instance, enterhttps://localhost:8443.
- If you access theBEMSDashboard remotely, enterhttps://.<FQDN of the computer that hosts the BEMS instance>:8443
- ClickRegister. The new registered app appears.
- In theManagesection, clickAPI permissions.
- In theConfigured permissionssection, clickMicrosoft Graph.
- Set the following permissions:
- ForMicrosoft Exchange Web Services: Access mailboxes as the signed-in user via Exchange Web Services (EWS > EWS.AccessAsUser.All)In 2022,Microsoftstarted to deprecate theMicrosoft Exchange Web Services(EWS) forMicrosoft Exchange OnlineAPIs replacing the EWS withMicrosoft Graphand this permission may not be available. For more information, visit techcommunity.microsoft.com and read 'Upcoming API Deprecations in Exchange Web Services for Exchange Online'.
- ForMicrosoft Graph: For Sign in and read user profile (User > User.Read).
- ClickUpdate permissions.
- ClickGrant admin consent. ClickYes.This step requires tenant administrator privileges.
- To allow autodiscovery to function as expected, set the authentication permissions.
- In theManagesection, clickAuthentication.
- Under theAllow public client flowssection, selectYestoEnable the following mobile and desktop flows.
- ClickSave.
- ClickOverview. Copy theApplication (client) ID. The Application (client) ID is displayed in the mainOverviewpage for the specified app. This is used as theClient application IDwhen you enable modern authentication and configureBEMSto communicate withMicrosoft Office 365.