Creating and Configuring a Mobile Device Server Profile
A mobile device server profile allows you to configure logging, device connections, secondary server support, updates, and other settings for the mobile device server. A mobile device server profile can have its status set to enabled or disabled. The profile must be enabled before you can apply it. The home location for the profile is the location you have selected when you create the profile.
Mobile device server profiles are exclusive. With exclusive profiles, only the highest priority profile of that type is applied at any given folder. With inherited profiles, it is possible to have two profiles with the same priority number applied at a folder; in this situation, the profile that is applied at (or nearest to) the selected folder takes priority.
To create a mobile device server profile
1.From the Profiles tab, click New Profile.
The New Profile dialog box appears.
2.Click Mobile device server.
3.Type the name of the profile in the Name text box and configure the profile settings.
A mobile device server profile has the following configuration options:
General Configuration
The general settings for a mobile device server profile include security, terminal IDs, logging, licenses, secondary servers, and settings for how the server handles mobile device information.
Server Security
Avalanche supports encryption and authentication methods to prevent unauthorized mobile devices from accessing your network.
Transport Encryption |
Matches the level of encryption with the capacity of the mobile device. Communication between the mobile device server and mobile devices will be encrypted to the degree possible. |
Strict Transport Encryption |
Uses AES encryption for information. Only Enablers that support AES encryption (Enabler 5.0 or newer) will be able to connect to the server when strict transport encryption is enabled. |
Server Authentication |
Forces mobile devices to communicate with a single known server. Mobile devices must first connect to the network through a serial connection (RS232) to receive information about the server with which they are allowed to communicate. When you enable this option, the mobile device will challenge any mobile device server attempting contact for a password. If the mobile device server does not have the correct password, the mobile device will not allow a TCP/IP connection. |
Mobile Device Authentication |
Requires mobile devices to initially connect to the server through a serial connection (RS232) and receive an authentication key. When you enable this option, the mobile device server will challenge any device attempting to connect to the server for a password. If the mobile device does not have the correct password, the mobile device server will not allow a TCP/IP connection. If an environment involves mobile devices roaming from one server to another, it is strongly recommended that you do NOT activate mobile device authentication. |
Server Resources
A mobile device server profile allows you to configure the following aspects of server resources:
Serial Ports reserved for management |
Configures a mobile device server to automatically listen for mobile devices using the serial ports on a remote system. Only one application on a host system can maintain ownership of a serial port. If the mobile device server controls the serial ports on the host system, then no other application will be able to use them. Likewise, if another application on the host system (for example, Microsoft ActiveSync) has control of the serial ports, then the mobile device server will not be able to use them. If you list more than one port, separate them with semicolons. For example: COM1;COM2 Serial connections are required to implement Mobile Device and Server Authentication methods. |
Restrict number of concurrent devices |
Allows only the specified number of devices to update simultaneously. |
License Return
A mobile device server profile has the following licensing options:
Release after _ days of inactivity |
Sets how long the mobile device server will wait before it returns a license for an inactive device to the pool of unused licenses. |
Enable Fast-Expiration |
Allows the server to terminate the license lease after the specified time period without contacting the device. If this option is disabled, the server will attempt to contact any devices that have not communicated with the server in the configured time period. If the device does not respond, the license lease will be terminated. |
Secondary Server
You can configure the following connection settings:
Enable Secondary Server Support |
Authorizes the mobile device to attempt to connect a secondary mobile device server if the primary server is not available. You can click on the Secondary Servers button to configure the list of secondary servers and their addresses/hostnames. |
Override Connection Timeout Settings |
The mobile device server profile settings will override any connection settings configured on the mobile device. |
Server Connection Timeout |
Configures the number of seconds the mobile device will wait between attempts to connect to the current mobile device server. |
Server Advance Delay |
Configures the number of seconds before the device advances to the next server. Ensure the Server Advance Delay setting is a multiple of the Server Connect Timeout setting. For example, if you have your Server Connect Timeout set to 10 seconds and the Server Advance Delay set to 60 seconds, the mobile device will attempt to contact the server six times (every 10 seconds for 60 seconds). |
Device Folder Assignment
A mobile device server profile allows you to dynamically assign mobile devices to specific folders based on the selection criteria of the device and change their folder assignment automatically if device properties change:
Dynamic by selection criteria |
Allows devices to be dynamically reassigned to a folder with matching selection criteria each time the device checks in with Avalanche. The mobile device server assigns devices to specific groups and folders based on selection criteria. The properties of a device determine its folder placement on Avalanche, and thus the payloads it receives. By selecting this option, each time a mobile device checks in, it is assigned to a folder with selection criteria matching the device's properties. If the device properties haven't changed, it stays in the same folder. If they have changed, the device is reassigned to a folder with the new selection criteria and receives the payloads associated with that location. If this option isn't selected, when a device is assigned to a group and folder, it remains in that location even if the device's properties are altered to match another folder's selection criteria. |
Terminal ID
A mobile device server profile allows you to configure how terminal IDs are determined:
Terminal ID Range |
The mobile device server assigns each device a terminal ID the first time that the device communicates with the mobile device server. The number the mobile device server selects is the lowest number available in a range of numbers you can configure. You also have the option to use a C‑style format to create a template for the terminal ID range. For example, Seattle‑%d would generate IDs such as Seattle‑4, and Seattle‑%05d would generate IDs such as Seattle‑00004. To change a terminal ID that has already been assigned to a device, click Edit Terminal ID on the Properties tab of the Mobile Device Details dialog box. |
Server Logging
A mobile device server profile has the following logging settings:
Logging |
The current Avalanche log file is saved as Avalanche.log to the <Avalanche Installation Directory>\Service directory. Once the current log file reaches the maximum size, it is saved as Avalanche.log.<num> (where <num> is a number between 000 and 999), and a new Avalanche.log file is created. The following logging options are available on a mobile device server: Critical. Writes the least information to the log file, reporting only critical errors that have caused the mobile device server to crash. Error. Writes errors that are caused by configuration and/or communication problems and critical messages to the log file. Warning. Writes critical messages, error messages, and indicates possible operational problems in the log file. Info. The recommended logging level. This logging level documents the flow of operation and writes enough information to the log file to diagnose most problems. Debug. Writes large amounts of information to the log file that can be used to diagnose problems. Max Log Size. Specifies the maximum size (in KB) of the log file before beginning a new file. |
Device Statistics
You can configure settings from the mobile device server profile that affect how the mobile device interacts with the mobile device server. These settings include:
Device Chat Timeout |
Sets the time in minutes that both the device and the server will wait before dropping a chat session. |
Device Comeback Delay |
Sets the time in minutes that the mobile device will wait before trying to connect to the mobile device server after a connect rejection. (For example, if the device tried to connect during an exclusion window.) |
Enable Device Caching |
Enables mobile devices to download software package files from other mobile devices on the same subnet instead of from the mobile device server. Device caching reduces the demands on the mobile device server during software package deployment. For information about implementing device caching, contact Ivanti Customer Support. |
Enable Persistent Connection |
Causes each device to create a persistent TCP connection with the mobile device server. This ensures communication in an environment where UDP packets cannot reliably be transmitted. |
Enable SMS Notification |
Allows the mobile device server to use SMS notification if a device cannot be reached by UDP packets. This option is only available for devices with a phone and must be configured on the device and at the Enterprise Server. For more information on enabling SMS notification, contact Ivanti Customer Support. |
Suppress GPS Data Collection |
Causes the mobile device server to discard GPS data collected from the devices without sending it to the Enterprise Server. |
Suppress Radio Statistics Collection |
Causes the mobile device server to discard radio statistics data collected from the devices without sending it to the Enterprise Server. |
Suppress Realtime Properties Data Collection |
Causes the mobile device server to discard realtime properties data collected from the devices without sending it to the Enterprise Server. |
Suppress Software Inventory Collection |
Causes the mobile device server to discard software profile data collected from the devices without sending it to the Enterprise Server. |
Device Specific File Transfers
You can specify the path for uploading files to and downloading files from the mobile device server.
Directory for files uploaded from device |
When a package’s .PPF file specifies that files are to be uploaded to Home, this option provides the path to Home on the machine local to the mobile device server. If no path is specified, Home is defined as the mobile device server installation directory. |
Directory for files downloaded to device |
When a package’s .PPF file specifies files that are to be downloaded from Home, this option provides the path to Home on the machine local to the mobile device server. If no path is specified, Home is defined as the mobile device server installation directory. |
Server Communication Restrictions
To allow you more control over bandwidth usage, Avalanche uses blackout windows and update restrictions in the mobile device server profile. During a server-to-server blackout, the mobile device server is not allowed to communicate with the Enterprise Server. During a device-to-server restriction, the mobile device server is not allowed to communicate with mobile devices.
To create a blackout/exclusion window
1.From the Profiles tab, click on the mobile device server profile from the Available Profile panel.
The Mobile Device Server Profile Details page appears.
2.Click Edit.
3.If you want to create a server-to-server blackout window, click the New button in the Server-to-Server Communications Restrictions panel.
- Or -
If you want to create a device-to-server exclusion window, click the New button in the Device-to-Server Communication Restrictions panel.
4.The New Blackout/Exclusion Window dialog box appears. Type the start and end time of the blackout window. Enable the boxes for the days you want the blackout to apply and click Save.
Blackout windows are scheduled using a 24-hour clock. If you create a window where the start time is later than the end time, the window will continue to the end time on the following day. For example, if you scheduled a window for 20:00 to 10:00 on Saturday, it would run from Saturday 20:00 until Sunday 10:00.
Device Update Schedules
From the mobile device server profile, you can schedule profile-specific updates for your mobile devices. When you configure a mobile device server update, you have the following options:
Event type |
Select a one-time event, a recurring event, or a post‑synchronization event. A post-synchronization event will take place after each deployment between the Enterprise Server and the mobile device server. This ensures that each time the Server is updated, the devices are as well. |
Time Constraints |
Set the start time and, if desired, the end time for the event. |
Allow the mobile device user to override the update |
Creates a prompt when the update is scheduled to occur that allows the mobile device user to override the update. |
Delete orphaned packages during the update |
Causes packages that have been orphaned to be removed from the device. A package is considered orphaned if it has been deleted from the Avalanche Console, if the software profile it belongs to has been disabled, or if the package has been disabled. |
Force package synchronization during the update |
Causes the mobile device server to verify the existence and state of each file of each package individually rather than consulting the meta-file. |
To schedule a profile-specific device update
1.From the Profiles tab, click on the mobile device server profile from the Available Profile panel.
The Mobile Device Server Profile Details page appears.
2.Click Edit.
3.In the Device Update Schedule panel, click New.
The New Device Server Update dialog box appears.
4.Select the event type. If you select Recurring Event, determine whether the update occurs on either a daily or weekly basis. If you select Weekly from this list, you must also select the day on which the update occurs.
5.Set the start date and time.
If you chose a post-synchronization event, the start and stop time options do not apply.
6.If desired, enable the Stop if not completed by option. Set the stop date and time. Selecting an end time is not required.
7.Enable the other update options as desired.
8.Click Save.
The update appears in the Device Update Schedule panel.
Many mobile devices incorporate a sleep function to preserve battery life. If a device is asleep, you must “wake” it before it can receive a server-initiated update from Avalanche. Wake-up capability is dependent on the type of wireless infrastructure you are using and the mobile device type. Contact your hardware and/or wireless provider for details.