Overview
BlackBerry AtHoc manages configuration profiles for all users; a unique ID, UID, identifies every user. The UID is assigned internally by ENS. The different types of users are:
- Non-registered users (guests or signed-out users): These user profiles are created upon activation of a desktop client configured for manual sign in.
- Registered users: Users who are identified by an authentication scheme. These profiles can roam; once the user is positively authenticated, the correct profile can be fetched. Only registered users can personalize their profile.
BlackBerry AtHoc provides its own registration and authentication mechanism (based on username / password).
In many corporate environments where BlackBerry AtHoc is deployed, this is not a preferred practice because a central user directory and authentication scheme is already implemented. In these environments, there should be a way to map corporate users to BlackBerry AtHoc profiles and to authenticate users using a central authentication mechanism.
Establishing a mapping between corporate users and BlackBerry AtHoc profiles is key to further integration with external systems. For example, once such a mapping is achieved, it is possible to:
- Synchronize user permissions and group membership from external systems (such as LDAP or corporate portals) and BlackBerry AtHoc.
- Post alerts and notifications to specific users.
- Integrate personalized configuration and data from corporate systems in the BlackBerry AtHoc profile.
- Provide user-level reporting of usage and notification distribution.
The following objectives are addressed by BlackBerry AtHoc user synchronization:
- Establish and maintain a common unique identifier per user; the Mapping ID (MID) is used to map the corporate system user identifier and the BlackBerry AtHoc UID.
- Perform sign-on and registration functions in one system only – the corporate system; no need to provide BlackBerry AtHoc with sensitive information about users. (There is an option to pass first name, last name and email as part of the user synchronization so that BlackBerry AtHoc will be able to send email alerts to end-users. This data is collected by BlackBerry AtHoc during user registration, if it is done by BlackBerry AtHoc.)
- Provide a sign-on gateway for BlackBerry AtHoc; sign-on and user authentication continue to take place in the corporate system; only the results with the appropriate MIDs are transferred to BlackBerry AtHoc.
- Optionally enable a common sign-in to the desktop software when a BlackBerry AtHoc user signs in to the corporate system.
User synchronization cannot be configured in parallel with Windows user authentication because BlackBerry AtHoc does not support mixing two methods to authenticate a user. Windows user authentication is a special case of user synchronization and is described at the end of this chapter.