The following tasks must be completed before you begin to configure Exchange.

Similar documents
INSTALLATION AND SETUP VMware Workspace ONE

Integrating a directory server

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP. For VMware AirWatch

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

VMware AirWatch Certificate Authentication for EAS with ADCS

Certificate Management

Workspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902

Conditional Access Policies

Workspace ONE UEM Certificate Authority Integration with JCCH. VMware Workspace ONE UEM 1810

AirWatch Mobile Device Management

NotifyMDM Device Application User Guide Installation and Configuration for Android

Knox Mobile Enrollment

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

VMware AirWatch Integration with SecureAuth PKI Guide

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

Intune Policies Guide

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

VMware Workspace ONE Quick Configuration Guide. VMware AirWatch 9.1

Guide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE

Password Reset Utility. Configuration

VMware AirWatch Integration with RSA PKI Guide

Guide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

Samsung Knox Mobile Enrollment. VMware Workspace ONE UEM 1902

Implementing Infoblox Data Connector 2.0

Integrating AirWatch and VMware Identity Manager

Table of Contents. VMware AirWatch: Technology Partner Integration

VMware AirWatch: Directory and Certificate Authority

Verizon MDM UEM Unified Endpoint Management

The following device commands are used most frequently: Lock/Unlock device O - O O. Reset screen password O - O - Factory reset + Initialize SD Card

Setting up Certificate Authentication for SonicWall SRA / SMA 100 Series

Cloud connector. The system architecture of SCC to integrate with your LDAP is as follows:

Workspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810

VMware AirWatch - Workspace ONE, Single Sign-on and VMware Identity Manager

HCP Anywhere. By Storage & Cloud Services. Quick Start Guide Nov 2017 HCP ANYWHERE

Pulse Secure Mobile Android

Table of Contents HOL-1757-MBL-6

Workspace ONE UEM Certificate Authority Integration with Microsoft ADCS Using DCOM. VMware Workspace ONE UEM 1811

MANAGING ANDROID DEVICES: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Storage Made Easy Cloud Appliance installation Guide

Microsoft Exchange Server 2013 and 2016 Deployment

McAfee MVISION Mobile Threat Detection Android App Product Guide

VMware AirWatch Integration with Microsoft ADCS via DCOM

EMS DESKTOP CLIENT Installation Guide

Implementing Cross-Domain Kerberos Constrained Delegation Authentication An AirWatch How-To Guide

ZENworks Configuration Management 2017

INTACTPHONE USER GUIDE

IT Admin User Guide. Knox Developers App (KDA) User Guide v1.0

Installing and Configuring vcloud Connector

Centrify for Dropbox Deployment Guide

Texas Division How to Login and Register for My IT Support and ServiceNow

Sophos Mobile Control Administrator guide. Product version: 5.1

Quo vadis? System Center Configuration Manager Full managed desktop. Mobile device management Light managed device policies, inventory,

Kerberos Constrained Delegation Authentication for SEG V2. VMware Workspace ONE UEM 1810

Introduction to application management

Device commands. Device Command. Compliance

Setting Up Resources in VMware Identity Manager

AirWatch for Android Devices for AirWatch InBox

McAfee MVISION Mobile Microsoft Intune Integration Guide

Sophos Mobile. server deployment guide. product version: 9

Enhancing Exchange Mobile Device Security with the F5 BIG-IP Platform

Splashtop Enterprise for IoT Devices - Quick Start Guide v1.0

PULSE CONNECT SECURE APPCONNECT

VMware AirWatch Symbian Platform Guide Deploying and managing Symbian devices

Status Web Evaluator s Guide Software Pursuits, Inc.

Kerberos Constrained Delegation Authentication for SEG V2. VMware Workspace ONE UEM 1811

MyRackspace Customer Portal Permissions Guide

Office 365 Administration and Troubleshooting

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

Set up a Customer Site

Veritas Exam ST0-202 Symantec Mobile Management Suite (CMS/ITMS) 2013 Version: 7.0 [ Total Questions: 139 ]

Configuration Guide. BlackBerry UEM. Version 12.9

Strengths of Knox Manage Kiosk

Configuring Single Sign-on from the VMware Identity Manager Service to Marketo

Installing and Configuring vcloud Connector

Getting Started New User. To begin, open the Multi-Factor Authentication Service in your inbox.

Account Set Up Guide

Security 3. NiFi Authentication. Date of Publish:

Active Directory Integration and Interaction with Connect ONSITE

Cloud Secure Integration with ADFS. Deployment Guide

2. New Smart Phone Registration in Afaria

NotifySCM Workspace Administration Guide

TouchDown for Android Installation and Configuration Guide

Secure External Phone Services Configuration Example

Barracuda Networks Android Mobile Application

ENTRUST CONNECTOR Installation and Configuration Guide Version April 21, 2017

App Gateway Deployment Guide

Pulse Workspace Appliance. Administration Guide

Setting up Microsoft Exchange Server 2016 with Avi

Mobile Admin GETTING STARTED GUIDE. Version 8.2. Last Updated: Thursday, May 25, 2017

Tenable.io for Thycotic

Office 365 Mobile Instructions. Setup on Apple (iphone, ipad) devices

Microsoft Administering System Center Configuration Manager...

Release Notes. Dell SonicWALL SRA Release Notes

Pulse Secure Mobile Android

RECOMMENDED DEPLOYMENT PRACTICES. The F5 and Okta Solution for High Security SSO

20532D - Version: 1. Developing Microsoft Azure Solutions

Proofpoint Threat Response

Sophos Mobile. server deployment guide. product version: 8.6

SafeConsole On-Prem Install Guide

Load Balancing VMware Workspace Portal/Identity Manager

Transcription:

Setting Exchange Mail servers, such as Microsoft Exchange Server, can be integrated and used through Knox Manage on the user's device. This Guide describes the method of connecting to Microsoft Exchange Server by authenticating user information in Active Directory based on a certificate issued by a Certificate Authority (CA). Preparations The following tasks must be completed before you begin to configure Exchange. Active Directory service A certificate authority (CA) server - The client certificate must be issued for authentication. Microsoft Exchange server. - For more information about configuring certificate based authentication, see Configuring Exchange server and https://technet.microsoft.com/en- US/library/mt791265(v=exchg.160).aspx. Sign in the Knox Manage Admin Portal and register a user and organization. Install the Cloud Connector Client - To establish a secure channel with the Cloud Connector when connecting to the Directory server and the CA server, you must install the Cloud Connector Client on the customer site. For more information, see Installing the SCC client. Configuring Exchange server To authenticate the user on the device with Exchange ActiveSync, follow the steps set out below. Certificate Authentication settings 1. Open IIS Manager on the Exchange server. An easy way to launch IIS Manager is to go to Start > Run, and enter inetmgr, and select Internet Information Service (IIS) Manager. 2. Select the server in the left Connection area, and double-click Authentication in the right IIS section. 3. Select Active Directory Client Certificate Authentication on the Authentication page. 396

4. Click Enable in the Actions. SSL settings 1. Select Microsoft-Server-ActiveSync under the Default Web Site in the left area, and double-click SSL Settings in the right section. 2. Confirm Require SSL is checked, and select Require in Client certificate on SSL Settings. 3. Click Apply in the Actions. Client certificate mapping settings 1. Select Microsoft-Server-ActiveSync under the Default Web Site in the left area, and double-click Configuration Editor in the right section. 397

2. Navigate to system.webserver/security/authentication in the Section drop-down menu. 3. Select True on the enabled, and click Apply in the Actions. Setting Exchange profile with ADCS and AD The process for setting up an Exchange server is as follows: 1. Add a directory server for user information. 2. Add a directory connector for searching users. When you use the email from registered users information of Knox Manage, skip step1 and 2, and select User information in User information input method of the profile settings. When copying the certificate from the CA to the directory, you can register the certificate directory service. For the procedure with the certificate directory service, see Setting Exchange profile with certificate registered in AD. 3. Add the CA to authenticate the users. 4. Add the certificate templates. 5. Add Exchange setting in the profile. 6. Deploy the device management profile to user device. From steps 1 and 3, you can set the cloud connector for a secure channel between directory / CA servers and Knox Manage server. For more information about setting cloud connector, see Cloud connector. 398

How to set Email server with CA To set the Exchange server with Certificate template, complete the steps below. This guide only mentions what to watch out for, so see the SAMSUNG Knox Manage Administrator Guide for detailed information about whole item: Adding directory server Aside from user synchronization, which is required to enter user and organization information in Knox Manage, you need to add a Device Management Directory service. 1. Go to Settings > System Integration > Directory Integration. 2. Click and enter directory server information. Click Save. For more information, see Integrating a directory server. User ID is the administrator's information specified on the directory server. You may enter a {Domain}\{Admin ID}, {Admin ID}@{Domain}, or use several other formats, including CN={Admin ID},CN={Users},DC={Domain},DC=com. If you want to use cloud connector between the directory server and the Knox Manage server, select TRUE in Cloud Connector. Adding directory connector Set fields that you wish to include in user information in the Pool, which is the Directory server that has been added. You can select this connector when you set up a profile only if a connection has been established through a connection test. 3. Go to Settings > System Integration > Directory Connectors. 4. Click and enter directory service information. Click Save. Select the Pool name registered in Adding directory server. 399

Select Profile Configuration (User) in Directory Type. In the Output Field Settings field, the User ID and Email attributes are automatically filled out, and you may choose to use them as-is. This connector is used if you have selected Connector interworking as the User information input method in Exchange settings. Adding CA Add a certificate authority that issues a certificate that will be used for user authentication. In this example, we are using ADCS. 5. Go to Certificates > Certificate Authority (CA). 6. Click and enter CA information and click Save. Once a connection test is completed, the target CA that issues and manages the relevant certificate is displayed. 400

Adding certificate template This certificate template will be installed in the user device, and it is used for communication with the Exchange server and the device. 7. Go to Certificates > Certificate Templates. 8. Click and enter the certificate template for Exchange. Click Save. Select CA registered in Adding CA from the drop-down CA list. Select a reference item as Subject Name, Email is most commonly used. Select Exchange in Certificate Usage. Select Email Address in SAN Type, and click items. and select Email in reference 401

Adding settings with CA in Profiles Create a Device Management Profile in Profiles, and then configure the Exchange settings. 9. Go to Profiles > Device Management Profile. 10. Click and New Registration. 11. Enter Profile Name and Profile Description, and click Next. 12. Click Settings for the platform you want to add settings to. 13. Select Exchange in Category and enter the information required for the Exchange settings. For more information about each item, see Exchange settings for Android. 14. Select Connector interworking in User information input method, and select the directory connector registered in Adding directory connector. When you use the email from registered user information of Knox Manage, and select User information in User information input method. 15. Select Issuing external CA in User certificate input method, and select the certificate template registered in Adding certificate template. EMM Management Certificate is an option that allows you to use a certificate added in External Certificates when a single account is used. Connector interworking is an option that allows you to integrate the connector that you have added in Adding directory connector by selecting Profile Configuration (Certificate) in Directory Type, provided that you have copied the certificate to the Directory. Select Use in SSL to set SSL between the device and Exchange server. 402

16. Click Apply to deploy the device management profile to the user device. Using Exchange on the device 17. Go to Download Configuration from the Knox Manage application. Tap Install to download the Exchange configuration. The user certificate for exchange is installed in the device. 18. Tap the notification for setting up the new email account. 19. Accept the privacy policy and activate device administrator. 20. You can see that your email account is added to the Samsung email application. 403

To install the exchange configuration, The User ID in the Knox Manage application should be the same as the User ID of Active Directory. The user's email in the Admin Portal is used as the email account for Exchange server. 404

Setting Exchange profile with certificate registered in AD To set the Exchange server with Certificate directory, complete the steps below: 1. Add a directory server for user information. See Adding directory server. 2. Add a directory connector for searching users. See Adding directory connector. When you use the email from registered users information of Knox Manage, skip step1 and 2, and select User information in User information input method of the profile settings. 3. Add a directory connector for authenticate the users when copying the certificate from the CA to the directorythe CA to authenticate the users. See Adding certificate connectors. 4. Add Exchange setting in the profile. See Adding settings with certificate connector in Profiles. 5. Deploy the device management profile to user device. See Using Exchange on the device. From steps 1, you can set the cloud connector for a secure channel between directory server and Knox Manage server. For more information about setting cloud connector, see Cloud connector. Adding certificate connectors 1. Go to Settings > System Integration > Directory Connector. 2. Click and enter directory service information. Click Save. Select the Pool name registered in Adding directory server. Select Profile Configuration (Certificate ( Certificate) in Directory Type. The Cert File* and Cert. Name attributes are automatically selected in the Output Field Setting. Select each Source Name and click Loading Attribute button, and set the property title as below image. (certificatetemplates:cert File*, usercertificate:cert. Name) This connector is used if you have selected Connector interworking as the User certificate input method in Exchange settings. 405

Adding settings with certificate connector in Profiles 1. Go to Profiles > Device Management Profile. 2. Click and New Registration. 3. Enter Profile Name and Profile Description, and click Next. 4. Click Settings for the platform you want to add settings to. 5. Select Exchange in Category and enter the information required for the Exchange settings. For more information about each item, see Exchange settings for Android. 6. Select Connector interworking in User information input method, and select the directory connector registered in Adding directory connector. When you use the email from registered user information of Knox Manage, and select User information in User information input method. 7. Select Connector interworking in User certificate input method, and select the certificate template registered in Adding certificate connectors. Select Use in SSL to set SSL between the device and Exchange server. 8. Click Apply to deploy the device management profile to the user device. 406

407

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback