Questions / Problems after upgrate to new MobiControl version

Questions / Problems after upgrate to new MobiControl version

Hi guys,

 

do you know if the version 15.1.2 is running on Windows Server 2019? In the documentation only Windows Server 2016 is mentioned. I wasn't able to get a test installation on a Windows Server 2019, but I'll do that in the future. But maybe someone of you already tried that.

The more important part:

We encountered some problems after the upgrade from version 14.4.9 to 15.1.0. I hope you have some ideas.

The first one isn't that bad, but I find it quite interesting. And maybe the second problem does have the same issue.

After the upgrade, the login with the local admin account wasn't possible anymore. I loged in with my AD admin account, the local admin account wasn't locked or inactive. We fixed the issue by resetting the password, after that, login was fine. Did you encounter the same problems after an upgrade?

The second issue is with the Android Enterprise bindings. 

After the upgrade we enrolled one device as Work Managed device with Zero Touch.

We used Zebra TC56 and TC57 as testing devices.

After connection the device to a WLAN, Zero Touch started. The Soti Enterprise agent got installed, but the device didn't get enrolled automatically. After opening the agent, we had to enter the Enrollment ID manually. After doing that, the device connected to our server, the device got created and is visible in the web console. 

The problem is the device agent is stuck in the step to get a Google Account.

On the server we got the error message: Error message received from device (Managed Google Play Account Status:'EMPTY_TOKEN Got response but there was no token!')

In the verbose logs there is this:

verbose logs

But the Enterprise binding is present on the server:

bindings

In our add device rules we are using the BMW Group binding.

My first test was to create a new binding, the BMW MDMI and use this binding in a new add device rule to get a new Enrollment ID.

So we enrolled a second device and entered the new Enrollment ID manually and the whole process was running without the binding error. 

Did you encounter some of these problems too after the upgrade or do you have an idea what happend there?

 

Thanks a lot for your help and best regards

 

Stefan

4 Answers

Order By:   Standard | Newest | Votes
DDMOD@SOTI | posted this 02 July 2020

Hi Stefan,

 

Thanks for posting your concerns.

MobiControl v15.1.2 can only be installed on Windows Server 2016. 

Can you ensure that these ports are open on the device and server network as they are needed for Android Enterprise enrollment:  
 

Destination Host Ports Purpose
play.google.com
android.com
android.clients.google.com
TCP/443
TCP,UDP/5228-5230
These endpoints are used to handle APKs in the Managed Play Store, and as such access to them should not be blocked as the Play Store would not work appropriately.  
google-analytics.com TCP/443
TCP,UDP/5228-5230
This endpoint is used to collect / display analytics information about the applications on the Managed Play Store. Blocking this endpoint will result in a degraded experience when using the Managed Play Store.
googleusercontent.com
gstatic.com
TCP/443
TCP,UDP/5228-5230
These endpoints are required to handle images on the Managed Play Store. Blocking them will result in a degraded experience when using the Play Store, including some services not working correctly.
*.gvt1.com
*.ggpht.com
dl.google.com
TCP/443
TCP,UDP/5228-5230
These endpoints are required so that applications can be downloaded and updates appropriately from the Play Store / Managed Play Store. We heavily discourage blocking updates by blocking these endpoints (e.g. if a vulnerability were to be discovered on an app, we would immediately patch and deliver the update through these endpoints).
*.googleapis.com TCP/443 These endpoints are required for EMM APIs, Google APIs and Play Store APIs to function correctly.
accounts.google.com TCP/443 These endpoints are used to handle Authentication requests, and generally any Identity related request.
gcm-http.googleapis.com
gcm-xmpp.googleapis.com
android.googleapis.com
TCP/443,5228-5230,5235,5236 Google Cloud Messaging. These endpoints are used to push app configurations.
fcm.googleapis.com
fcm-xmpp.googleapis.com
TCP/443,5228-5230 Firebase Cloud Messaging (e.g. Find My Device). These endpoints are used to push app configurations, and to use services such as “Find my device”).
pki.google.com
clients1.google.com
TCP/443 These endpoints are primarily used for certificate handling / revocation.
clients[2...6].google.com TCP/443 These endpoints are used by various Google backend services such as crash reporting, Chrome Bookmark Sync, time sync (tlsdate), and many others.

 

Regards,

Technical Support | SOTI Inc. |1.905.624.9828 | support@soti.net | www.soti.net |

  • 1
  • 0
Stefan Devernon | posted this 06 July 2020

Hi and thanks for your answer.

Do you know if there will be a new version that can be used on Windows Server 2019?

 

On the device we are using the cellular network so we don't have a firewall here.

On the MobiControl server, I'm pretty sure the ports are working because with the newly created Enterprise binding, it's working fine. If the ports are blocked, it shouldn't work with the new binding either.

Unfortunately the colleague who is able to look at the firewall rules is on holiday for the next few weeks.

 

Best regards

Stefan

  • 0
  • 0
Stefan Devernon | posted this 2 weeks ago

Hi guys,

 

I opened a ticket to Support.

The problem was in the Soti backend. Our registration code hasn't been successfully updatet for the Enterprise Binding.

Support and backend team managed to change our registration code. 

Enrollment is running smoothly now.

 

Best regards

 

Stefan

  • 0
  • 0
DDMOD@SOTI | posted this 2 weeks ago

Hi Stefan,

 

Thank you for sharing the solution on the described issue. Much appreciated!

 

Regards,

Technical Support | SOTI Inc. |1.905.624.9828 | support@soti.net | www.soti.net |

  • 0
  • 0

Give us your feedback
Give us your feedback
Feedback