This article describes how to set the environment variables for the MobileIron connector in the smartid.env file. MobileIron is a Mobile Device Management (MDM) solution. The connector is used to provision certificates to a mobile device via the MDM. The MDM is addressed using a SCIM export.


In this article, <SMARTIDHOME> refers to /home/nexus, but this can be different depending on the setup.

Prerequisites

  • The Smart ID version must include SCIM export (available in versions 22.04.x and later).

Step-by-step instruction

Set up MobileIron

Certificate provisioning:

  1. Go to the MobileIron application and open the admin panel.
  2. Navigate to Policies & Configs and click Add New -> Certificate Enrollment -> User-Provided.

Users in MobileIron:

  1. After configuring the LDAP connection in MobileIron, you need to re-sync the existing user. Entries are not imported automatically from LDAP to MobileIron.


Set up MobileIron properties

  1. Open the environment file <SMARTIDHOME>/compose/smartid.env for editing.
  2. Set the following three variables to fit your deployment:

    MOBILEIRON_REST_URL=<your URL>
    MOBILEIRON_REST_USERNAME=<your username>
    MOBILEIRON_REST_PASSWORD=<your password>

    Optionally:
  3. If you run Identity Manager without Docker, set the MobileIron properties in mdm-connection.properties instead:

    mdmContext.mobileiron.rest.url=<your URL>
    mdmContext.mobileiron.rest.username=<your username>
    mdmContext.mobileiron.rest.password=<your password>
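
A check to run after editing the file in step 2, added here as an example and not part of Smart ID or its documentation. It reports MobileIron variables that are missing or still hold the `<your ...>` placeholder, a REST URL that is not https, and a file mode that lets group or others read the stored password. The function names, the https rule and the 600 mode expectation are assumptions of this example; the sample host and username are constructed.

```shell
#!/bin/sh
# Added example: checks the MobileIron entries in a smartid.env-style file.
# The https and file-mode rules are this example's assumptions, not Smart ID requirements.

# Print the value assigned to key $2 in env file $1 (last assignment wins).
env_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1
}

# Print one line per finding; the return status is the number of findings.
check_mobileiron_env() {
    file=$1; findings=0
    [ -r "$file" ] || { echo "cannot read $file"; return 1; }
    for key in MOBILEIRON_REST_URL MOBILEIRON_REST_USERNAME MOBILEIRON_REST_PASSWORD; do
        value=$(env_value "$file" "$key")
        case $value in
            '')      echo "$key is missing or empty"; findings=$((findings + 1)) ;;
            '<'*'>') echo "$key still holds a placeholder"; findings=$((findings + 1)) ;;
        esac
    done
    url=$(env_value "$file" MOBILEIRON_REST_URL)
    case $url in
        https://*|''|'<'*'>') ;;   # fine, or already reported above
        *) echo "MOBILEIRON_REST_URL does not use https"; findings=$((findings + 1)) ;;
    esac
    # The file stores a password: flag any group/other permission bits.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in
        *00) ;;
        *) echo "$file has mode $mode, expected 600 or stricter"; findings=$((findings + 1)) ;;
    esac
    return "$findings"
}

# Constructed sample: plain-http URL, password placeholder left in, world-readable file.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/smartid.env" <<'EOF'
MOBILEIRON_REST_URL=http://mdm.example.test/api
MOBILEIRON_REST_USERNAME=svc-smartid
MOBILEIRON_REST_PASSWORD=<your password>
EOF
    chmod 644 "$dir/smartid.env"
    check_mobileiron_env "$dir/smartid.env"; rc=$?
    rm -rf "$dir"
    return "$rc"
}

demo || echo "findings: $?"
```

To check a real deployment, call `check_mobileiron_env <SMARTIDHOME>/compose/smartid.env` with the path used in your setup.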



Export data to MobileIron

The actual data export to the MobileIron connector is configured via SCIM export in Smart ID Identity Manager.

For provisioning of certificates, you need to use a SCIM export. For each "container" in MobileIron there needs to be one export.

  1. Log in to Identity Manager Admin and open Export Definitions. There is already a pre-defined export definition for MobileIron, but if not, you can create a new one. For more information, see Set up data export to external data source from Identity Manager.


Option: Override the default properties

The default properties for the MobileIron connector, set in smartid.env, can optionally be overridden by setting three extra variables in the process map, prior to the SCIM export. This makes it possible to access multiple MobileIron instances by sending the connection parameters dynamically via the BPMN process configuration.

  • scimServerUrl - specifies the MobileIron instance that the connector will connect to
  • scimServerUsername - the username for the MobileIron server
  • scimServerPassword - the password for the MobileIron server

This article is valid for Smart ID 22.04.1 and later.