Managing Existing Mobile Devices
You can manage the mobile devices in the DSM Console's Organization view. The Managed Mobile Devices system container is provided for this purpose.
To manage mobile devices, the Manage Mobile Devices right is required.
Ivanti HEAT MDM
By integrating mobile devices with Ivanti HEAT MDM, you can manage these devices to a certain degree directly in the DSM Console. This includes deleting, resetting and locking the devices and also displaying and employing the device properties.
How to manage mobile devices directly in the DSM Console from Ivanti HEAT MDM:
- Open the Organization Tree in the DSM Console.
- Select the system container Managed Mobile Devices in the Organization window.
The MDM organizations and groups plus the contained mobile devices are displayed.
The system displays information from the MDM database on the device type (e.g. Android or iOS) of the individual mobile device and the general and security-relevant compliance.
- Select one of the following tasks to manage one of the displayed mobile devices:
| Commands in the DSMC | Task |
|---|---|
| Delete Group Membership |
Use this command to delete the mobile device's membership from the group that is currently displayed. To delete the mobile device from the DSM database completely, you have to open the device in the MDM organization it belongs to. Then you can select the Delete task. |
| Properties |
Click Properties to display the mobile device's DSM object properties. The Static Groups tab shows the MDM groups the mobile device belongs to (among other properties). To change group memberships, the Manage group memberships right is required for devices and users, and the Manage group members right is required for groups. |
| MDM > Wipe Mobile Device | Use this command to wipe the mobile device, i.e. to reset the mobile device to factory settings and to delete all personal and company-specific data. |
| MDM > Wipe Mobile Device (Enterprise Wipe) |
Performs an 'Enterprise Wipe' to remove company-specific data from the mobile device. Private data are not affected. |
| MDM > Wipe KNOX Container (Enterprise Wipe) |
Performs an 'Enterprise Wipe' to remove company-specific data which are stored in a KNOX container from the mobile device. Private data are not affected. This only works if the mobile device has a KNOX container (Samsung Android devices only - for more information, refer to Lock KNOX container). |
| MDM > Flag Device As Stolen | Flags a mobile devices as stolen. As a result, the mobile device is also wiped automatically. |
| MDM > Lock Mobile Device | Locks the mobile device. |
| MDM > Lock KNOX Container |
Locks a mobile device's KNOX container, if available. Background information from the vendor Samsung: |
| MDM > Unlock KNOX Container | Unlocks the KNOX container on the mobile device, if such a container exists. |
The Properties tab contains a mobile device's properties that are applied from the MDM database. These are, for example, the MAC address or the MDM compliance status.
You can use these properties in DSM for filtering, for example. It is also possible to define schema extensions, user-defined variables and tasks for mobile devices with the usual DSM procedures.
When you delete or change group memberships in DSM, this action may be undone automatically during a current synchronization because the changes have not yet been applied to the MDM database.
These actions are applied to the MDM database later and considered during the next synchronization.
Third-party MDM Solution
If you are using a third-party MDM solution, you cannot manage mobile devices individually in DSM (unlike with Ivanti HEAT MDM). Instead, you can manage the mobile devices from the DSM Console directly in the MDM user interface.
If you want to create mobile devices as objects in DSM and want to link them to the MDM solution, refer to Adding Mobile Devices for more information.