Device Access Connection Method - Wi-Fi direct connection
- From http://technet.microsoft.com/en-us/library/cc135604(TechNet.10).aspx
For this topology, the managed Windows Mobile device connects directly to the Mobile Device Manager (MDM) Device Management Server without the use of the MDM Gateway Server.
http://technet.microsoft.com/en-us/library/cc664626(TechNet.10).aspx
On the MDM Device Management Server, or any other server with MDM Administrator Tools installed, you run the following MDM Shell cmdlet to disable the Mobile VPN client on all devices:
Set-EnrollmentConfig -ActivateVPN:$false
Question:
If I use the Wi-Fi direct connection method, can I simultaneously use connections through MDM Gateway Server?
If I run "Set-EnrollmentConfig -ActivateVPN:$false", do I disable the use of MDM Gateway Server?
All Replies
- Mikhail Aleksandrov said:
Question:
If I use the Wi-Fi direct connection method, can I simultaneously use connections through MDM Gateway Server?
If I run "Set-EnrollmentConfig -ActivateVPN:$false", do I disable the use of MDM Gateway Server?
This cmdlet specifies the configuration that is provided to the device upon enrollment. So if you want to have both connections through the gateway and directly to the MDM server, you would need to enroll a device with VPN activated, then run "Set-EnrollmentConfig ...", and then enroll a new device. Obviously this would not work for a production scenario, so you can't really combine the two and have some users connecting through VPN and some users connecting directly.
Running "Set-EnrollmentConfig -ActivateVPN:$false" essentially disables the Gateway Server, which also disables the possibility of using an instant remote wipe.
- Marked As Answer by Mikhail Aleksandrov Friday, June 20, 2008 9:22 AM
- Proposed As Answer by Andreas Helland Friday, June 20, 2008 7:56 AM
- I know that if you do not use the Gateway Server, some MDM functionality is lost or disabled.
Does someone know the exact features that are lost in this scenario?
Thanks
- As stated at the bottom of http://technet.microsoft.com/en-us/library/cc664626(TechNet.10).aspx, the features that you lose by not using a Gateway server are around the Alerter Service.
"The Alerter service on MDM Gateway Server receives alerts from MDM Device Management Server for urgent commands, such as a managed device wipe. The Alerter service verifies that the managed device is connected to the network. Without an MDM Gateway Server you cannot use the Alerter service and will lose the ability to perform a Wipe Now request on a managed device. You will still be able to initiate a wipe immediately upon the next connection."
So the wipe now functionality will not work, but the device will receive the wipe during its next sync.
Marco..
- Marked As Answer by Riley, Mark (Answerer) Friday, June 20, 2008 6:27 PM
- Marco is spot on, wipe-now will be wipe on next connect.
All other features are intact.