Management and Security powered by Landesk
Set up notification services
To manage Android and iOS devices, you must set up notification services.
•Android devices use Google Firebase Cloud Messaging (FCM), which requires you to have a Gmail account, project ID, and API key.
•iOS devices use the Apple Push Notification Service (APNS), which requires you to have a APNS certificate.
•Windows 10 devices use Windows Push Notification Services (WNS), which requires you to have a Windows developer account.
We do what we can to make this easier, but Ivanti cannot provide, submit, or obtain these credentials for or on behalf of your organization. Once you have created the credentials, enter them in the console.
IMPORTANT: The APNS certificate expires after a year. You must replace the certificate before it expires, or else you will be required to re-enroll iOS devices.
1.Follow the steps in this Ivanti community document: https://community.ivanti.com/docs/DOC-42281.
1.Make sure you have an Apple ID to create the certficate with.
2.Navigate to apnsportal.landesk.com.
3. Click Start.
4. Perform the steps indicated to create a private key and certificate.
5. Click Next.
6. Perform the steps indicated to upload the certificate and download an Ivanti-signed certificate.
7. Open another browser tab and navigate to https://identity.apple.com/pushcert
8. Enter your Apple ID and password to sign in.
9. Select Create a certificate.
10. From the Create a New Push Certificate page, browse and upload your signed certificate file.
The Apple Push Certificates Portal appears with the status confirmation.
11. Click Continue.
12. Click Download.
The MDM_ LANDESK Software, Inc_Certificate.pem certificate downloads.
13. From the apnsportal.wavelink.com browser tab, click Next.
14. Perform the steps indicated to export the signed certificate to PKCS #12 format.
15. From the Endpoint Manager console, click Configure > Device Discovery > Mobility.
16.In the iOS Notification Settings section, click Browse and browse to the certificate file.
17.Provide the password to the certificate in the Certificate Password text box.
18.Make sure that the Mobility CSA option is set to the correct CSA.
1.Make sure you have a Windows Developer account. If you don't, there is a one-time cost of $15 associated with creating an account.
2.Sign in to your account and click on the Dashboard link.
3.Click Create a new app. This launches a page for reserving a product name. You'll be creating a dummy app here, so set an app name of any value. The process of creating this app is to establish WNS settings. The app itself will not be built or shipped. Once the app is successfully created, you are navigated to the app overview page.
4.Click Services > Push Notification > WNS/MPNS.
5.In the Windows Push Notification Services (WNS) and Microsoft Azure Mobile Apps section, click on the Live Services Site link. This navigates you to the Application Registration Portal. This shoould show the name of the application you created previously.
6.Copy and paste the Application Secrets field into a word processor document. Under the Platforms section, also copy the Package SID and Application Identity fields. These values will be used in the console to set up Windows Notification Services for Windows 10 mobile devices.
7.Click Save to retain your WNS settings.
8.From the Ivanti® Endpoint Manager powered by Landesk console, navigate to Configure > Device Discovery > Mobility.
9.Under the Windows Notification Service (WNS) for Windows 10 Mobiles, paste the values from the text document you created before. The Application Identity should be input for the PFN, the Package SID to the Package SID field, and the Application Secret to the Client Secret field.
10.Click Configure Domain Mappings.
11.Enter your corporate domain and click Add. The domain to enter here is found in the core_mapping.json file.
12.To check this, launch Internet Information Services (IIS) Manager. In the Connections pane, navigate to Sites > Default Web Site > EnrollmentServer. Open the core_mapping.json file. Copy and paste the domain contained in the quotes to the MDM Domain Mappings dialog.
13.Ensure that a certificate exists for WNS. This must be signed from any certificate authority. Wildcard certificates are allowed. The certificate created during the initial Ivanti® Endpoint Manager powered by Landesk install does not allow enrollment, so you must create a separate one. Add it to the server with the corporate domain name.
14.Once the certificate is added to IIS, right-click Default Web Site and select Edit Bindings.
15.Double-click on the site binding for port 443. For the SSL certificate field, select the certificate you'll use for WNS enrollment.
Was this article useful?
The topic was:
Not what I expected
Copyright © 2018, Ivanti. All rights reserved.