Change MobiControl deployment and web URL?

Change MobiControl deployment and web URL?

I need to start thinking about changing my MobiControl URL as I need it to reflect the domain name of our parent company since we were purchased.  Is there a process for going about that considering I have 625 devices registered and communicating to the current system?


The server itself will not be changing.  I just need for the public facing URL to change from mobi.oldDomain.com to mobi.newDomain.com.  Could it be as easy as adding a CNAME record for mobi.olddomain.com to resolve to mobi.newdomain.com and then change the deployment, web, etc... URLs in the system?  All new devices would register to mobi.newdomain.com and the older devices would not know the difference?

 

Obviously I need to figure out the least intrusive way to do this without bringing down all of our systems live in the field. 

 

 

Thanks!

  • 07 May 2018
  • SOTI MobiControl
  • 2 Answers
  • 0 Upvote
  • 1 Follower
  • 2.6K Views
    • 2 Answers
    • 0 Upvote
    • 1 Follower

2 Answers

Order By:   Standard | Newest | Votes
Raymond Chan | posted this 08 May 2018

The feasibility and complexity depend at least on the following:

- What OS platform(s)  is/are involved for your 625 devices and the modes (e.g. is it DEP devices for iOS? Android Enterprise for Android?  Windows 10 for Windows? etc.)

- What is used for your device management address and other connection settings for your MobiControl servers?

- Whether you have used self-signed or third-party SSL certificate for your old domain

etc.

 

For a "properly" installed secure enterprise-grade implementation using an FQDN and paid SSL certificate from reputable CA,  I think migration of domain name without device recall/re-enrollment is basically not possible, primarily because  unique FQDN form the basis of most enterprise" MDM/EMM architecture  designed by all major platform owners (Google/Apple/Microsoft).  If it is so easy to perform such migration or change of server ID/FQDN,  device/data security can easily be compromised by redirecting a device to be controlled by a fake MDM/EMM server located at another FQDN. 

 

For some cases with less secure implementation, device end-users may be warned about possible fake server with such changes and prompted for approval to migrate. 

 

 I might be wrong.   Please consult Soti support/professional service team on your requirements and feasibility of such migration.  

 

  • 0
  • 0
Chris R. | posted this 08 May 2018

Thanks for the response.

 

The devices we have in the field are Android Samsung TabE tablets and Windows Mobile Zebra MC67 handhelds.  Around 65% are the Android tablets.

We use 1 address for all of the settings (deployment server, primary agent address, device management address, and management service address):  mobi.oldDomain.com


The public facing management address is secured behind our wildcard SSL (https://mobi.oldDomain.com/MobiControl) which has all of our domain names packaged in as subject alternative names (SAN) so in our case the certificate will not change, just the address.

  • 0
  • 0

Give us your feedback
Give us your feedback
Feedback