Kenny

LDAP Server - Enrolling WIndows Modern Devices.

Description

When creating an agent its says we need to use an LDAP Group.   Of course in the tutorial  videos these are already set up.    My pull downs are empty.  What do I do now?  ,   I assume this has to be set up on the PC that is running SOTI.   I am running Soti on a window 7 machine that is on a separate wireless network.   I have an agent that was created to run on Window 8.  Can I use that agent?  Sorry to be so clueless any help would be appreciated.   I need a SOTI for dummies book    

...Readmore

1 answer 0 upvote 19 views 3 days ago SOTI MobiControl - Windows


1 Answer


Raymond, Chan | posted this 3 days ago

If you need AD/LDAP for enrolling devices of any supported platform,  then

1. Have a running AD/LDAP server with required AD/LDAP user and group entries configured

2. Add an LDAP/AD connection with proper address/FQDN/port, domain, authen. mode, etc. (see https://www.soti.net/mc/help/v14.0/en/console/system/ldap/ldap.html, which is basically accurate also for v12.x or v13.x of Mobicontrol).  You don't need to configure any field in various attributes group if you connect to an Microsoft AD server.  Otherwise, you might need time and expertise to configure the various attribute filter settings for MobiControl to correctly extract proper information from your LDAP server.

3. Choose AD/LDAP mode for authentication in your Add-Devices rule, and map each required AD/LDAP group to a target Mobicontrol target device-group. If your step 2 has been done properly, you can select available AD/LDAP group(s) in the web-console while you are  editing related fields in your Add-Devices rule.

 

There are always security issues (permissions, firewall exception, etc.) you need to consider to make sure the AD/LDAP is reasonably safe and can be queried by your Mobicontrol server.  I think MobiControl Windows Modern only supports  Windows 8/8.1 Phone  and some editions of  Windows 10 Desktop/Phone devices, and has the MDM device agent built in without any need for you to generate one with MobiControl.   On the contrary, Windows XP, Vista, .., up to Windows 7/8 devices require agent from Mobicontrol, and are only supported in the Windows Classic platform, and not in the Windows Modern platform in MobiControl.  Also, please be reminded that some Windows 10 editions support MDM enrollment  without requiring AD/LDAP.

  • 1
  • 0
Close