Standalone Sentry setup for real-time push notifications
The following sections provide the authentication to the Exchange and EWS service and the supported Standalone Sentry setup.
| • | Exchange, real-time push notifications, and Standalone Sentry setup |
| • | EWS service and Standalone Sentry setup |
Exchange, real-time push notifications, and Standalone Sentry setup
The following table shows the Standalone Sentry setup based on the required authentication and whether you are deploying real-time push notifications.
|
What is the authentication to Exchange? |
Do you want real-time push notification? |
Supported Standalone Sentry setup |
|
Basic, NTLM |
No |
Enable ActiveSync on Standalone Sentry. |
|
Basic |
Yes |
Enable ActiveSync and AppTunnel on Standalone Sentry.
Device user experience:
|
|
Basic |
Yes |
Enable AppTunnel on Standalone Sentry.:
Device user experience:
|
|
Basic |
Yes |
Set up per app VPN with Tunnel.: Email+ must be an MDM managed app so that it can use Tunnel. Device user experience:
|
|
Certificate |
No |
Enable ActiveSync on Standalone Sentry. |
|
Certificate, NTLM, Modern Auth |
Yes |
Setup per app VPN with Tunnel.
•the certificate chain (root and intermediate) must be trusted by the Exchange server. •The certificate can be issued per user by a third-party CA or ADCS on Exchange. •The certificate is configured as a key-value pair in the Email+ configuration in the UEM.
Modern auth uses ADFS that is exposed to the internet. The AppTunnel Sentry rules should be set to <ANY> for adfs.company.com on ports 443 and 49443. Device user experience:
|
EWS service and Standalone Sentry setup
The following table provides the supported authentication methods to the EWS service.
|
Setup |
Basic Auth |
Certificate Auth |
NTLM Auth |
Modern Auth |
|---|---|---|---|---|
|
ActiveSync + AppTunnel |
Yes Uses AppTunnel for EWS |
No |
No |
No |
|
AppTunnel only |
Yes Uses AppTunnel for EWS and EAS. |
No |
No |
No |
|
Tunnel |
Yes |
Yes |
Yes |
Yes |
|
No Sentry |
Yes |
Yes |
Yes |
Yes |