Management and Security
Setting up notification services
To manage mobile devices, you must set up notification services.
•Legacy Android devices use Google's Firebase Cloud Messaging (FCM) (previously GCM), which requires you to have a Gmail account, project number, and server API key. If you already had GCM set up, you do not need to do anything to update to FCM.
•Apple devices use the Apple Push Notification Service (APNS), which requires you to have an APNS certificate.
•Windows 10 devices use Windows Push Notification Services (WNS), which requires you to have a Windows developer account.
NOTE: We do what we can to make this easier, but Ivanti cannot provide, submit, or obtain these credentials for or on behalf of your organization.
1.In a web browser, navigate to https://console.firebase.google.com.
2.Click Add project.
3.Enter a name for the project.
4.(Optional) Set up Google Analytics for your project.
5.Click Create project.
6.Once the project is created, click Continue.
7.Navigate to Project Settings.
8.On the Cloud Messaging tab, locate the Server Key and Sender ID.
9.In the Endpoint Manager console, click Configure > MDM configurations > Mobility.
10.In the Android Notification Settings section, copy the Sender ID value into the Project Number text box.
11.Copy the Server Key into the Server API Key text box.
12.Click OK to save your configuration.
13.Click OK to restart the MDM service.
You can now enroll Android devices.
To enable APNS, you must obtain an APNS certificate from Apple, convert the certificate to PKCS #12 format, and import it into the Endpoint Manager console. Before you begin, make sure you know the activation credentials for your core and the credentials for a company Apple account. You must also select a signing preference under MDM Configurations > Apple Profile Signing before importing the certificate into Endpoint Manager.
For a video tutorial about setting up APNS for Apple mobile device management, see the following video:
To obtain an APNS certificate
1.Navigate to the Landesk Push Certificate Portal.
2.Enter the same credentials you used to activate your core.
3. Click Start.
4.Enter your company's common name in the text box.
5.Click Download. A csr.inf file is downloaded.
6. Open the Start Menu and run the Command Prompt application as an administrator.
7.Type certreq -new and press Enter.
8.Select the csr.inf file.
9.Save the generated .req file.
10. Return to the Landesk Push Certificate Portal and click Next.
11. Browse to your .req file and click Upload.
12.Download the request.plist file when prompted.
13.Click the Apple Push Certificate Portal link to open the site in a new tab.
14. Enter your Apple ID and password to sign in.
15. Click Create a certificate.
16. From the Create a New Push Certificate page, browse to and upload your request.plist file.
17. Click Download.
The MDM_ LANDESK Software, Inc_Certificate.pem certificate downloads.
To convert the certificate to PKCS #12 format
1.Open Internet Information Services (IIS) Manager.
2.Select your core server.
3.Double click Server Certificates and select Complete Certificate Request.
4.Select the .pem file you received from Apple, enter a friendly name for the certificate, then click OK.
5.Select the certificate in the Server Certificates list, and click Export.
6.Select an export location for the certificate.
7.Enter a new password for the certificate private key.
The certificate is exported in PKCS #12 (.pfx) format.
To import the certificate into Endpoint Manager
1. From the Endpoint Manager console, click Configure > MDM configurations > Mobility.
2.In the Apple Notification Settings section, click Browse and select the certificate file.
3.Enter the password in the certificate in the Certificate Password text box.
4.Select your CSA from the CSA Settings drop-down menu.
5.Click OK to save your configuration.
IMPORTANT: The APNS certificate expires after a year. You must replace the certificate before it expires, or else you will be required to re-enroll iOS devices.
1.Make sure you have a Windows Developer account. There is a one-time cost associated with creating an account.
2.Sign in to the Microsoft Partner Center using your developer account.
3.Click on the Overview tab.
4.Click Create a new app.
5.You will be creating a placeholder app here, so set the app name to any value then click Reserve product name. The process of creating this app is to establish WNS settings. The app itself will not be built or shipped.
6.Ensure that your new application is selected under the Products section of the menu.
7.Navigate to App management > App identity.
8.Copy and paste the Package Family Name (PFN) and Package SID fields into a text document. These values will be used in the Endpoint Manager console.
9.Navigate to App management > WNS/MPNS.
10.In the Windows Push Notification Services (WNS) and Microsoft Azure Mobile Apps section, click on the Live Services Site link. This brings you to the Application Registration Portal.
11.Copy and paste the Application Secret into your text document.
12.From the Endpoint Manager console, navigate to Configure > MDM configurations > Mobility.
13.Under the Windows Notification Service (WNS) for Windows 10 section, paste the values from the text document you created before into the appropriate fields.
You can now enroll Windows 10 PCs.
Was this article useful?