|Configuring directory services||
Watch the Video!
AirWatch has extensive capabilities to help corporations easily integrate the AirWatch solution with existing enterprise systems. AirWatch’s Enterprise Integration allows users to authenticate using enterprise directory service credentials and provides even deeper integration with enterprise systems by allowing the administrator to leverage AD/LDAP user groups in AirWatch. Furthermore, integration with device management APIs , which can be integrated into third party or internal applications, provides a high level of both management and security.
The Directory Services page enables the integration of the AirWatch server with a corporate directory services server to provide directory based account access and to enable the administrator to leverage LDAP/AD groups in AirWatch.
This example will walk through configuring LDAP or AD integration, and assumes that the ACC is already configured or that the AirWatch console can communicate directly to the directory server.
Navigate to Accounts / Users / Settings / Directory Services / change Current Setting to Override / select Configure
- Select No to using SAML for authentication and then Next
- Choose No to configuring the Cloud Connecter and Next
- Fill out the Server information. The fields are as follows:
- Directory Type – Select LDAP for any type of server other than Active Directory.
- Server – Enter the address of the directory services server.
- Bind Username & Bind Password - Enter the credentials to authenticate with the directory server. This account allows read access permission on your directory server and binds the connection when authenticating the users.
- Click Next and allow AirWatch to auto-detect the remaining directory settings.
- Update directory fields if necessary and click Next when done.
- Review the final questions regarding how you would like AirWatch to reflect changes in your directory. Select Next when done.
- Select Yes to enable Directory Services as a method of authentication for enrollment. Click Finish to save these changes.
|Configuring directory enrollment||
Watch the Video!
The Enrollment page enables the usage of the Directory Service integration for the enrollment of devices into AirWatch. Enabling directory enrollment for users can be done as part of the directory services setup wizard, or by following the steps shown below:
- Navigate to Accounts / Users / Settings / Enrollment
- Select Override for Current Settings. Fill out the fields are as follows:
- Authentication Mode(s): Check Directory to activate Directory Enrollment
- Device Enrollment Mode: Select Open Enrollment if you want to allow open access to all your directory users. Selecting Registered Devices Only will require an administrator to add the Directory users prior to their enrolling into AirWatch.
- Require Agent Enrollment For iOS: Requires that iOS users download the AirWatch Agent prior to enrollment if checked.
- Require Agent Enrollment For OSX: Requires that OSX users download the AirWatch Agent prior to enrollment if checked.