Get the PDF

Configuring BlackBerry UEM
Changing the certificates that BlackBerry UEM uses for authentication
- Considerations for changing BlackBerry Dynamics certificates
- Change a BlackBerry UEM certificate
Installing the BlackBerry Connectivity Node to connect to resources behind your organization's firewall
- Steps to install and activate the BlackBerry Connectivity Node
- Requirements: BlackBerry Connectivity Node
- Install and configure the BlackBerry Connectivity Node
  - Install the BlackBerry Connectivity Node for UEM Cloud using the command prompt
- Create a server group to manage regional connections
- Troubleshooting: BlackBerry Connectivity Node
Configuring BlackBerry UEM to send data through a proxy server
- Sending data through a TCP proxy server to the BlackBerry Infrastructure
  - Configure BlackBerry UEM to use a transparent TCP proxy server
  - Enable SOCKS v5 on a TCP proxy server
- Install a standalone BlackBerry Router in a UEM Cloud environment
Configure connections through internal proxy servers
Connect to an SMTP server to send email notifications
Connecting to your company directories
- Connect to a Microsoft Active Directory instance
- Connect to an LDAP directory
- Enable directory-linked groups
- Enable and configure onboarding and offboarding
- Synchronize a directory connection
Connect BlackBerry UEM to Entra ID to create directory user accounts
Configuring BlackBerry UEM to manage Microsoft Intune app protection profiles
- Prerequisites to support Intune app protection
- Create an app registration in Entra
- Configure BlackBerry UEM to synchronize with Microsoft Intune
Configuring BlackBerry UEM as an Intune compliance partner in Entra
- Prerequisites to configure Entra ID conditional access
- Configure Entra ID conditional access
Obtaining an APNs certificate to manage iOS and macOS devices
- Request and register an APNs certificate
- Troubleshooting: APNs
Configure BlackBerry UEM for DEP
Configuring BlackBerry UEM to support Android Enterprise devices
- Configure BlackBerry UEM to support Android Enterprise devices
Configuring BlackBerry UEM to support Android Management devices
- Configure Android Management in the Google Cloud console
- Configure Android Management in BlackBerry UEM
Extending the management of Chrome OS devices to BlackBerry UEM
- Create a service account to authenticate with the Google domain
- Enable UEM to synchronize Chrome OS data
- Integrate UEM with the Google domain
Simplifying Windows 10 activations
- Integrate UEM with Entra ID join
  - Configure Windows Autopilot for device activation
Migrating users, devices, groups, and other data from a source server
- Prerequisites: Migrating users, devices, groups, and other data from a source BlackBerry server
- UEM migration best practices and considerations
- Connect to a source server
- Migrate IT policies, profiles, and groups from a source server
- Migrate users from a source server
- Migrate devices from a source server
Configuring network communication and properties for BlackBerry Dynamics apps
- Manage BlackBerry Proxy clusters
- Configure Direct Connect using port forwarding
- Configure BlackBerry Dynamics properties
- Configure communication settings for BlackBerry Dynamics apps
- Sending BlackBerry Dynamics app data through an HTTP proxy
  - Considerations for using a PAC file with BlackBerry Proxy
  - Configure BlackBerry Dynamics app proxy settings
- Methods for routing traffic for BlackBerry Dynamics apps
  - Example routing scenarios for BlackBerry Dynamics traffic
- Configuring Kerberos authentication for BlackBerry Dynamics apps
Encrypt the connection between BlackBerry UEM and Microsoft SQL Server
Integrating BlackBerry UEM with Cisco ISE
- Managing network access and device controls using Cisco ISE
- Requirements: Integrating BlackBerry UEM with Cisco ISE
- Connect BlackBerry UEM to Cisco ISE
Set up VPN using Knox StrongSwan for UEM dark site environments

Configure
BlackBerry UEM
for DEP

You can configure

BlackBerry UEM

to synchronize with the

Apple

Device Enrollment Program (DEP) if you want to use the

UEM

management console to manage the activation of the

iOS

devices that your organization purchased for DEP.

In the management console, navigate to

Settings > External integration > Apple Device Enrollment Program

If you are using

UEM

on-premises, click The add icon

and type a name for the account.

In section

1 of 4: Create an Apple DEP account

, click

Create an Apple DEP account

Complete the fields and follow the prompts to create your account.

In section

2 of 4: Download a public key

, click

Download public key

Save the public key on your local machine.

In section

3 of 4: Generate server token from Apple DEP account

, click

Open the Apple DEP portal

In section

4 of 4: Register the server token with BlackBerry UEM

, click

Browse

Navigate to and select the .p7m server token file. Click

Open

then click

In the enrollment configuration window, type a name for the configuration.

If you want

UEM

to automatically assign the enrollment configuration to devices when you register them with

Apple

DEP, select the

Automatically assign all new devices to this configuration

check box. Do not select this option if you want to use the

UEM

management console to manually assign the enrollment configuration to specific devices.

Optionally, type a department name and support phone number to be displayed on devices during setup.

In the

Device configuration

section, select any of the following options:

Allow pairing

: Users can pair the device with a computer.

Mandatory

: Users can activate devices using their company directory username and password.

Allow removal of MDM profile

: Users can deactivate devices.

Wait until device is configured

: Users cannot cancel the device setup until activation with

UEM

is complete.

In the

Skip during setup

section, select the items that you do not want to include in the device setup:

Option	Impact if selected
Passcode	Users are not prompted to create a device passcode.
Location services	Location services are disabled on the device.
Restore	Users cannot restore data from a backup file.
Move from Android	Data cannot be restored from an Android device.
Apple ID	Users are prevented from signing in to Apple ID and iCloud .
Terms and conditions	Users do not see the iOS terms and conditions.
Siri	Siri is disabled on devices.
Diagnostics	Diagnostic information is not automatically sent from the device during setup.
Biometric	Users cannot set up Touch ID.
Payment	Users cannot set up Apple Pay.
Zoom	Users cannot set up Zoom .
Home button setup	Users cannot adjust the Home button's click.
Screen Time	The option to set up Screen Time is skipped during DEP enrollment.
Software update	Users do not see the mandatory software update screen on the device.
iMessage and FaceTime	Users do not see the iMessage and FaceTime screen on the device.
Display tone	Users do not see the Display tone screen on the device.
Privacy	Users do not see the Privacy screen on the device.
Onboarding	Users do not see the informational onboarding screen on the device.
Watch migration	Users do not see the watch migration screen on the device.
SIM setup	Users do not see the screen to set up a cellular plan on the device.
Device-to-device migration	Users do not see the device-to-device migration screen on the device.

Click

Save

. If you selected

Automatically assign new devices to this configuration

click

Yes

Activate

iOS

devices. For more information about activating devices that are enrolled in DEP, see Activating iOS devices that are enrolled in DEP.

The server token is valid for one year. You must renew the token each year before it expires. To see the status of the token, see the Expiry date in the

Apple

Device Enrollment Program window. To renew the token, in

Settings > External integration > Apple Device Enrollment Program

, click the DEP account and click

Update server token

. Complete both steps to generate a new server token and register it with

UEM

You can remove any DEP connection that you create. If you remove all DEP connections, you cannot activate new

Apple

DEP devices. If you assigned enrollment configurations to devices and the configurations have not been applied,

UEM

removes the enrollment configurations assigned to the devices. Removing the connection does not affect devices that are active on

UEM

Configure BlackBerry UEM for DEP

Configure
BlackBerry UEM
for DEP