Open topic with navigation

Kony Management Windows Install Guide: Windows Server setup > Kony Windows Mobile 6.x Group Policy service installation

Kony Windows Mobile 6.x Group Policy service installation

As mentioned in http://technet.microsoft.com/en-us/library/dd261866.aspx a machine that supports GPMC has to be in the domain in which SCMDM 2008 server is installed. To support Windows Mobile 6.x devices on EMM, Group Policy service must be installed.

Important: This service has to be installed on the machine that supports group policy management. This machine should be accessible to SCMDM 2008 machine. It need not have a public IP and can remain with in the corporate domain.

The Installation file can be downloaded from the developer portal.

  1. Enable PowerShell scripts to run on Group policy machine. For more information visit the page.

  2. Install InstallerGPMCMDM.msi on the machine as per below section:

    Service Configuration: This section defines the parameters for GP service with which it will be started.

    1. (URL):  Address on which service will listen to the requests.
    2. User Name and Password : Valid credentials are required to install the MDM service.

      Kony Server Configuration:

      This section defines the credentials of Kony Server User that is used to generate the HashKey to validate the requests.

      • Once Install button is pressed, installer will install the GPMC service along with its Config.xml file. Install it in the machine and start the service.
      • Once the service is started, it will serve the request on URL configured during installation.
      • To validate the request, once the request reaches to the GPMC service, service uses the Kony Server User credentials defined in config.xml and generate the hash key at its end. Once hash key is generated by MDM service, it matches it with hash key received in request. That is the process of authentication under the hood
  3. Go to the installation directory on the machine on which GP Server 2008 was installed. A "Config.xml" file is found with a layout similar to:-

    <Config>
    <UserName>KonyServerUser</UserName>
    <Password>Password</Password>
    <ServiceUserName>KH1446</ServiceUserName>
    <ServicePassword>Password#123</ServicePassword>
    <QueueSize>200</QueueSize>
    <Logging>true</Logging>
    <MDMInstance>mdm1</MDMInstance>
    <MDMServerUrl>https://*:8878/</MDMServerUrl>
    <PolicyServerUrl>http://gpmc.pftest.local:8883/</PolicyServerUrl>
    <PolicyServerCallbackUrl>http://winmdm.pftest.local:8585/</PolicyServerCallbackUrl>
    </Config>

    Explanation for the configuration parameters values:

    • UserName and Password:  These parameters get configured with the value provided during installation. Refer Step number 4 for more information.
    • ServiceUserName and ServicePassword: These parameters are configured with the value provided during installation. Refer Step number 4 for more information.
    • Queue Size: This is the size of the queue maintained by this service for asynchronous processing. Enter a convenient value. If the queue gets full, the service is denied to the clients.
    • Logging: Make it true if windows event logging is needed, else false.
    • MDMInstance: During the MDM Server installation, a MDM Instance name is given. Give that instance name here.
    • MDMServerUrl: Enter the server DNS or IP here along with port on which this service is supposed to listen. If https is used, refer to the step number 5 for binding SSL port with a certificate.
    • PolicyServerCallbackUrl: This is the same machine as MDMServerUrl except that it must listen on a different port. Choose a different port.
    • PolicyServerUrl: This is the DNS/IP of the machine on which group policy execution is enabled. Give the DNS/IP and Port on which the group policy will be launched.

    Open the windows logs and check for any errors. If no errors, the service will start listening incoming connections on PolicyServerUrl. If any error is found, the service will not work as desired. It may even stop.

    Note: Ensure that the port given is proper and also the DNS/IP is accessible in the domain.

    Important: If Config.xml needs to be changed for any reason, before making the changes, stop the service using stopService.ps1. Make the changes and use restartService.ps1 to restart the service.

  4. The Kony MDM Console requires the PolicyServerUrl as mentioned in the Config.xml files in installation path. Note this URL and use it in Kony MDM Console.

  5. To bind a port with a SSL certificate for secure communication (https):

    1. For windows 2003 download "Windows 2003 SP1 Support Tools" from this page.

      These tools contain a tool called "httpcfg.exe" which allows to bind a port with a SSL Certificate. Information about this tool is mentioned on this page.

      For newer OS "httpcfg.exe" is obsolete and replaced with "netsh.exe" as given on this page.

    2. For newer OSes (2008, Vista) powershell command can be used to bind a port with SSL Certificate. More information is given on this page.
Copyright © 2018 Kony, Inc. All rights reserved.

Open topic with navigation