In-app registration for iOS and Android

You can ask Android users to download Mobile@Work from Google Play and register by themselves.

Procedure

  1. Make sure that the user has a user record (local or LDAP) available in MobileIron. See “Managing Users” in Getting Started with MobileIron Core.
  2. Instruct the user on downloading the app and registering. The user will need the following information:
    • user name
    • password and/or Registration PIN
    • server (and the port number, if you did not use the default port number for TLS)

See Registration methods for points to consider before using this registration method.

What the user sees

NOTE: For iOS 12.2 through the most recently released version as supported by MobileIron, when doing the iReg and in-app registration of the MDM profile, the device user experiences a different registration process.

After downloading and installing Mobile@Work, the device user must register with MobileIron Core by entering their user name, password, and server details.

NOTE: In iOS 13, the option to "Allow Always" was removed from the iOS Settings app. Instead, a dialog box displays requesting device users to enable tracking when the Mobile@Work app is running. Mobile@Work opens iOS Settings where device users can choose "Ask Next Time" or "Never". MobileIron recommends device users to enable tracking. This change applies to all versions of iOS 13 through the latest version as supported by MobileIron. Mobile@Work for iOS does not track device users' location without consent.

If a customized terms of service agreement has been defined on MobileIron Core, users will need to accept the agreement before registering with Core.

Auto-populating the MobileIron Core server name during registration

Auto-populating the MobileIron Core server name streamlines the registration process and eliminates the need for the user to type it. You can auto-populate the Core server address based on the device phone number or the email address.

NOTE: This feature is not supported for devices with Android v6.0 and above.

Auto-populating the MobileIron Core server name based on email address

To auto-populate the server name based on the device user’s email address, you only need to register your MobileIron Core with MobileIron. Additional configuration on Core is not required.

Users must enter their full email address when prompted to enter their user name in the registration screen. MobileIron matches the email domain to the appropriate MobileIron Core and populates the registration screen with the correct server name.

Registering your MobileIron Core with MobileIron

To register your MobileIron Core, open a ticket on the MobileIron Support portal and provide the following information:

  • your company name (e.g. MobileIron)
  • your email domain (e.g. mobileiron.com)
  • your MobileIron Core hostname for on-premise Core, or m.mobileiron.net:<appropriate port number> for Connected Cloud.

Auto-populating the MobileIron Core server name based on the phone number

You can also auto-populate the MobileIron Core server name based on the device’s phone number. The following setup is required:

  • Core access to the MobileIron Gateway. Configure the required ports. See the “Changing Firewall Rules” section in the Installation Guide for details.
  • Enable server name look up in the Admin Portal on the Settings > System Settings > Users & Devices > Device Registration page.

To enable server name lookup:

  1. In the Admin Portal, go to Settings > System Settings > Users & Devices > Device Registration.
  2. Select Enable Server Name Lookup.
  3. Click Save.

Note The Following:

  • Because this feature relies on a mobile number, it does not apply to iOS devices.
  • The mobile number must also be present on the SIM in order for the Enable Server Name Lookup option to work.
  • Registering MobileIron Core with MobileIron is not required.

Registering an Android device with Mobile@Work

After the Mobile@Work app is installed on your device, complete registration as a corporate user.

Procedure

  1. Tap the Mobile@Work app icon.

    A permissions notice page is displayed to tell the user that they are about to be asked for permission to allow access to their device if you are installing Mobile@Work on Android 6.0 through the most recently released version as supported by MobileIron for the first time.

  2. Select OK.
  3. The next page asks to Allow MobileIron to make and manage phone calls from the device. This is mandatory for registration. If you click Deny, then you will be sent to TURN ON screen to Open Settings.
  4. Click Allow to display the Settings screen of the Android device.
  5. Click Permissions.
  6. Enable Phone permissions.
  7. If you visited the Setting screen, use the Android Back key to go back to the Mobile@Work registration page.
  8. Click Next.
  9. After the device admin mode is activated at a later stage, a Samsung device automatically enables all the listed permissions automatically (Contacts, Location, SMS and Phone).
  10. Enter your corporate email address or server URL.
  11. Click Next.
  12. Read the Privacy Statement and click Continue.
  13. Enter your username and password for your corporate account.

  14. Click Sign In.

    If you are using a non-Samsung device you will be asked to proceed with Permissions if you did not enable Location permission.

  15. Click Continue.

  16. Allow MobileIron to access this device's location (optional for non-Samsung devices). If you do not grant location permission, the administrator cannot perform location related operations for the device.

    Click Allow.

Requiring device identifiers for enrollment

You have the option to make the collection of a device’s hardware identifiers such as the IMEI number and the phone number optional before the device is enrolled. If you disable Require device identifiers for enrollment, the enrollment will still proceed, but the client will not collect the device identifier data. The device would be a "PDA" device such as a tablet.

Procedure

  1. In Admin Portal, go to Settings > System Settings > Users & Devices > Registration.
  2. Select Require device identifiers for enrollment.
    This is supported on devices using Android 6.0 through the most recently released version as supported by MobileIron.
  3. Click Save.
NOTE: Phone number lookup is supported on devices in Device Owner mode and using Android prior to Android 6.0.