Unified Reporting with IBM Endpoint Manager and MaaS360

IBM has released a new extender for IBM Endpoint Manager (IEM) to MaaS360.  The extender (or connector) allows MaaS360 mobile device information to be accessible within IEM alongside PC, Mac and Server endpoints.  Hence the Unified Reporting capability.

The setup is relatively straightforward and the development team have created some excellent documentation here.   With some information provided by Fiberlink which is specific to your MaaS360 account, you’re ready to get started.

You start by activating the MaaS360 site and deploying the Management Extender for MaaS360.   I decided to use a dedicated virtual machine which was already an IEM relay in my test environment.

The only issue I came across was the information I received wasn’t correct for my MaaS360 account.   I was provided a Platform ID of 3, and the extender didn’t function after I configured it.  After re-confirming this with ops@fiberlink.com, they provided a Platform ID of 5 for my account.   The extender was then configured correctly, and a list of mobile devices from my MaaS360 account was displayed!

I’ve included a bunch of screen captures from the setting up the extender, to the list of devices, and drilling down to an iOS device and obtaining inventory information and sending commands to a device.

This capability allows clients to view a mixture of endpoint types from a single console.   I expect more integration will be progressively released over time.




Apple iOS 7 Mobile Device Management (MDM) feature list


Apple’s latest and greatest mobile operating system iOS 7, is now available.  From all reports, over 30% of all iOS devices were updated in just 16 hours!   I’m still making the adjustment to doing things a little differently than before.  I found it ironic that I needed to call on Google to find the answers I needed.  For example, like how do I search in iOS 7 or kill running apps.  Overall, I do like the new look and feel.

For organisations,  Apple has released a range of new Mobile Device Management (MDM) features too.  MaaS360 and IBM Endpoint Manager provided same day support for iOS 7 as per previous iOS releases.  Since IEM leverages a cloud service to distribute updates for Windows, Mac, Linux and Unix, it can update the product itself to leverage these new services immediately.

There has been a lot of great coverage on iOS 7 MDM from experts such as Jack Madden who has explained the key features and benefits.  I noticed that Apple has just updated it’s iPhone in Business web page to reflect iOS 7 too.

The key MDM features of iOS 7 are:

  • Open In management – Protect corporate data by controlling which apps and accounts are used to open documents and attachments
  • Per app VPN – Configure apps to connect to a VPN when launched
  • App Store License management – Companies can assign apps to their users while keeping full ownership and control over app licenses
  • New MDM configuration options – see below
  • Streamlined MDM enrolment – Devices can be automatically enrolled in MDM during activation
  • Enterprise Single Sign-on – Authentication can be done once to a number of applications

I haven’t yet found the ‘definitive list’ of iOS 7 MDM features, so I decided to put one together like I had for Samsung SAFE.  So companies and their staff then clearly know what features can be configured and controlled with iOS 7.  So here it is, if you have any omissions or corrections please let me know.

There are five new Apple iOS 7 configuration profiles:

  • AirPlay – Add Airplay devices and their passwords
  • AirPrint – Add Airprint printers
  • Font – adding Fonts.  Maybe if you have corporate Fonts on devices?
  • Single Sign-On Account – Define the SSO account and Kerberos rhelm name
  • Web Content Filter – Enable AutoFilter, whitelist bookmarks and blacklist web sites.  This article provided more details.

Then there is a range of detailed configuration items listed here:

  • Allow fingerprint to unlock device
  • Allow Account Modification (Supervised Only)
  • Allow Cellular data usage for Apps (Supervised Only)
  • Allow Host Pairing (Supervised Only)
  • Allow Wifi and Airplane Mode on Locked Screen
  • Allow Open Documents from managed to unmanaged apps
  • Allow Open Documents from unmanaged to managed apps
  • Allow over the air PKI Updates
  • Allow Airdrop (Supervised Only)
  • Allow Find My Friends (Supervised Only)
  • Limit ad tracking (Supervised Only)
  • Allow apps to autonomously enter Single App Mode (Supervised Only)
  • Allow Find my Friends (Supervised Only)
  • Allow Cloud Keychain Sync
  • Additional AppLock configuration settings
  • Lock Screen
    • Allow Access to Control Center
    • Allow Notification View in Notification Center
    • Allow Today View in Notification Center

As I do more testing with iOS 7, I’ll share my experiences and other applicable news on this blog.


Apple Wi-Fi Sync (iOS5) at home with VMware vSphere 5.0 (ESXi)

There’s a bunch of features I’ve really liked in iOS5, particuarly Wi-Fi Sync.     Since I wanted to centralise my music to my home server running VMware vSphere 5 (and a bunch of VMs),  I thought I’d also run iTunes inside my File Server VM (running Win2K8 R2).   My File Server VM could then tick away with iTunes running and download the latest podcasts each day.. nice !

My File Server VM automatically logs on when it starts.  I decided to do this for iTunes, but also apps such as Dropbox (which worked ok for a service for a while until it needed an update) and also FingerPrint.

OK, so I plugged in my iPhone into one of my home server’s USB 2.0 ports.  Within vCenter, I configured my VM and added a USB controller and then a USB device.  vSphere automatically detected the iPhone!  Yay!

With the latest iTunes installed, on the Summary tab scroll down and select the following:

I then ran a Sync on iTunes and when it’s completed,  I downloaded another bunch of podcasts on iTunes (something new for it to download).  I then plugged  iPhone and plugged it into another power source at home.   My iPhone then talked back to my iTunes (running on a VM on vSphere) and started sync’ing, just as I wanted!   See here:

My iPhone is now completely cable free, and the latest iOS 5.0.1 update (also cable free) worked flawlessly for me as well.   It will be interesting to see what the iTunes Match feature is like too, which doesn’t seem too far away.


To allow iTunes to automatically start without an error due “No Audio Device”    I needed to complete the following within my Win2K8 R2 File server VM, thanks to the following website:

1) Firstly run tsconfig.msc, click RD Session Host Configuration.

2) Under “connections” right click RDP-Tcp, under Properties choose “Client settings” tab  and uncheck “Audio and video playback”.

Then, I followed the instructions here about connecting to the VM with Audio remapped from my Remote Desktop Connection app and installed Virtual Audio Cable.   iTunes would then start without error.