Skip Navigation

Configuring
BlackBerry UEM

The following table summarizes the initial configuration tasks that are covered in this guide. Review them to determine which tasks you should complete based on your organization's needs. After you complete the appropriate tasks, you are ready to set up administrators, create and manage users and groups, set up device controls, and activate devices.
When you perform the configuration tasks in this guide, use the administrator account that you created when you installed
UEM
. If you create additional administrator accounts to configure
UEM
, you should assign the Security Administrator role to the accounts to ensure that the proper level of permissions are granted.
Task
On-prem
Cloud
Description
You can replace the default self-signed certificates that
UEM
uses to authenticate communication between components and with devices.
You can install and configure the
BlackBerry Connectivity Node
in a
UEM Cloud
environment to provide access to your organization's on-premises company directory and to enable secure connectivity features.
You can configure
UEM
to send data through a proxy server before it reaches the
BlackBerry Infrastructure
. In
UEM Cloud
environments you can install a standalone
BlackBerry Router
to function as a proxy server.
If your organization uses a proxy server for connections between servers inside your network, you may need to configure server-side proxy settings to allow
UEM
components to communicate with remote instances of the management console.
If you want
UEM
to send activation emails and other notifications to users, you must specify the SMTP server settings that
UEM
can use.
Connect
UEM
to your company directories to create user accounts, enable directory-linked groups, and to configure user onboarding and directory synchronization.
Connect
UEM
to
Entra
to create directory user accounts in
UEM
.
Use
UEM
to create, manage, and assign
Microsoft Intune
app protection profiles to protect data in
Office 365
apps.
Configure
UEM
to support
Entra ID
conditional access.
Obtain and register an APNs certificate if you want to manage and send data to
iOS
and
macOS
devices.
You can use the
UEM
management console to manage
iOS
devices that your organization purchased from
Apple
for DEP.
To support
Android Enterprise
devices, you must configure your
Google Workspace
or
Google Cloud
domain to support third-party mobile device management providers and configure
UEM
to communicate with your
Google Workspace
or
Google Cloud
domain.
To support
Android Management
devices, you configure
Android Management
in the
Google Cloud
console and then add an
Android Management
connection in
UEM
.
You can configure
UEM
to support certain
Chrome OS
management features.
You can simplify the process for activating
Windows 10
devices so that users don't need to specify a server address.
You can migrate users, devices, groups and other data from supported
BlackBerry
servers.
You can configure network communications and other properties for
BlackBerry Dynamics
apps.
You can encrypt the connection between
UEM
and
Microsoft SQL Server
.
You can create a connection with
Cisco ISE
to enable it to retrieve device data from
UEM
and enforce network access control policies.
In a
UEM
dark site environment, you must set up VPN access so that
Samsung Knox
devices can access your internal servers and resources.