Getting started with Mobility Manager

Endpoint Manager MDM gives you access to additional management options for your mobile devices, such as settings and configurations, software distribution, and console actions. Some MDM enrolled devices can also be managed using the Ivanti Agent, enabling hybrid management that combines the capabilities of MDM and traditional agent-based management.

For OS specific getting started guides, see the following sections:

Getting started with Android mobile device management

Getting started with Apple mobile device management

Getting started with Windows mobile device management

Configuring Endpoint Manager for mobile device management

1.Configure your CSA in the console. The Ivanti Cloud Services Appliance (CSA) provides secure communication and functionality over the internet. The CSA acts as a meeting place where internet or internal devices, MDM or agent-managed, can communicate with the Endpoint Manager core server. To configure your CSA, see Configuring the Ivanti Cloud Services Appliance (Management Gateway).

2.Set up credentials for using notification services. Endpoint Manager uses notification services to communicate with mobile devices. The notification service used depends on the OS of the devices being managed. For information about enabling notification services, see Setting up notification services.

3.Connect your core to your LDAP server. In addition to querying the core database, Endpoint Manager also provides the directory tool that lets you locate, access, and manage devices in other directories via LDAP. In most deployments, the LDAP configuration points to an Active Directory server. For information about configuring the connection to your LDAP server, see LDAP queries.

4.(Android) Create an Android Enterprise account. An enterprise account connects Endpoint Manager and Google, enabling Android Enterprise device management and giving you access to an enterprise managed Play Store. For information about creating an enterprise account, see Creating an Android Enterprise account.

5.(Recommended for iOS) Get a certificate from a certificate authority for signing iOS profiles. If you don't sign the profiles with a certificate from a certificate authority, the user is warned that the profile is not trusted when he attempts to enroll his device. For information on setting up a certificate to sign iOS profiles, see Setting up Apple profile certificates.

6.(Recommended for iOS) Add DNS TXT records to allow iOS devices to resolve the address of the CSA. We recommend that you add DNS TXT records to allow iOS devices to resolve the address of the CSA. This makes the enrollment process much easier for users and removes the possibility for errors. For more information, see Adding DNS TXT records.

Enrolling devices

Enrolling Android Enterprise devices

Enrolling Chromebooks

Enrolling iOS devices

Enrolling Mac devices

Enrolling Windows 10 PCs

Managing devices

Create agent settings to configure devices. Agent settings for mobile devices allow you to configure device settings and restrictions from the Endpoint Manager console. For more information about the available settings, see MDM agent settings.

Create software packages for devices. Create packages to distribute software to managed mobile devices. For information on creating and distributing software packages, see Distributing content to MDM managed devices.

Perform actions from the console. After a device is enrolled, it appears in the inventory, and you can perform actions such as wiping or locating the device. Most of these actions are performed by right-clicking on the device in the inventory. For information about available actions, see Managing Devices.