Skip Navigation

Create a gatekeeping configuration

You can create a gatekeeping configuration so that devices that comply with your organization's security policies can connect to the
Microsoft Exchange Server
or
Microsoft 365
.
  1. Do one of the following:
    • If you have
      BlackBerry UEM
      in an on-premises environment, on the menu bar, click
      Settings > External integration > Microsoft Exchange gatekeeping
      .
    • If you have
      BlackBerry UEM Cloud
      , in the
      BlackBerry Connectivity Node
      console (http:/localhost:8088), click
      General settings > BlackBerry Gatekeeping Service
      .
  2. In the
    Microsoft Exchange Server
    list section, click The Add icon.
  3. Perform one of the following tasks:
    Task
    Steps
    Connect to
    Microsoft 365
    using modern authentication
    Before you configure
    BlackBerry UEM
    to use modern authentication, you must generate a certificate that has public and private keys. You can use
    OpenSSL
    or PowerShell to generate the certificate. For more information, refer to Associate a certificate with the Entra app ID for modern authentication.
    1. Select the
      Modern authentication
      check box.
    2. In the
      Exchange Online connection name
      field, type a name for the connection.
    3. Click
      Browse
      and select the certificate to use for authentication.
    4. In the
      Certificate password
      field, type the password for the certificate.
    5. Specify your
      Entra Application ID
      .
    6. Specify your
      Entra organization
      .
    Connect to your
    Microsoft Exchange Server
    or
    Microsoft 365
    using basic authentication
    1. In the
      Server name
      field, type the name of the
      Microsoft Exchange Server
      or
      Microsoft 365
      environment that you want to manage access to.
    2. Type the username and password for the account that you created to manage
      Exchange ActiveSync
      gatekeeping.
    3. In the
      Authentication type
      drop-down list, select the type of authentication that is used for the
      Microsoft Exchange Server
      or
      Microsoft 365
      .
    4. To enable SSL authentication between
      BlackBerry UEM
      and the
      Microsoft Exchange Server
      or
      Microsoft 365
      , select the
      Use SSL
      check box. Optionally, select additional certificate checks.
    5. In the
      Proxy type
      drop-down list, select the type of proxy configuration, if any, that is used between
      BlackBerry UEM
      and the
      Microsoft Exchange Server
      or
      Microsoft 365
      .
    6. If you selected a proxy configuration in the previous step, select the authentication type that is used on the proxy server.
    7. If necessary, select
      Authentication required
      and type the username and password.
  4. Click
    Test Connection
    to verify that the connection is successful.
  5. Click
    Save
    .
  • Create a gatekeeping profile and assign it to user accounts, user groups, or device groups.
  • If you configured a
    BlackBerry Connectivity Node
    server group with one or more active instances of the
    BlackBerry Gatekeeping Service
    , associate the gatekeeping profile with the appropriate server group. Any user that is assigned that gatekeeping profile can use any active instance of the
    BlackBerry Gatekeeping Service
    in that server group.