Configuring Authenticator Only on Ivanti EPMM

An Authenticator Only deployment requires an Ivanti Access deployment with UEM, as well as additional configurations for Zero Sign-on in Ivanti Access and in the UEM. The configurations for Authenticator Only are done in UEM. The following steps provide an overview of the configuration steps for deploying Authenticator Only and pointers to the relevant content in the Getting Started with Ivanti EPMM guide.

Before you begin 

Procedure: Overview of steps

  1. Create an LDAP group for Authenticator Only deployment and configure the group in Ivanti EPMM.
    See "Managing LDAP users" in the Getting Started with Ivanti EPMM guide.

    Alternately, you can add local users.

    See "Adding local users" in the Getting Started with Ivanti EPMM guide.

  2. Assign the Enable Authenticator Only Role user role to the Authenticator Only LDAP group or local user in Ivanti EPMM.

    When you assign the Enable Authenticator Only Role to a user, the Retire Device and Register Device User Portal roles are selected by default. The Retire Device and Register Device roles are the only User Portal roles available for Authenticator Only users. All other User Portal roles are grayed out.

    See "Assigning and removing device user roles" in the Getting Started with Ivanti EPMM guide.

    If a user is assigned the Enable Authenticator Only Role, then the user can register their device in Authenticator Only mode. This does not impact any devices that the user has already registered.

    Figure 1. enable authenticator only role on ivanti epmm

  3. Sync with Ivanti Access.

  4. Download and register Mobile@Work.

    In-app registration is supported. Users will need to use their enterprise credentials and know the Ivanti EPMM server address to register. Device users download Mobile@Work to their device directly from the Apple App Store or from Google Play. See "In-app registration for iOS and Android" in the Ivanti EPMM Device Management Guide

n from the UEM.

Procedure 

  1. In Ivanti Access, navigate to the UEM tab.
  2. Select the Ivanti EPMM UEM and click the Sync UEM icon.
  3. Enter the UEM administrator credentials and click Verify.
  4. Click Done.

Next steps 

See Registration workflow for Authenticator Only devices