Add MDM Integration to GroundControl

In this section, you will access both the Workspace ONE UEM console and the GroundControl console to create an API Integration.  You'll leverage this API integration to create a workflow that will automatically enroll and unenroll the device into Workspace ONE UEM.

1. Access Workspace ONE UEM Settings

From the workstation where you are taking the Hands-on Lab, return to the Workspace ONE UEM console in Google Chrome:

  1. Click Groups & Settings
  2. Click Settings

2. Access Automated Enrollment Settings

  1. Expand Devices & Users
  2. Expand Apple
  3. Click Automated Enrollment
  4. Click Override

3. Save Automated Enrollment Settings

Scroll down to find the additional Automated Enrollment settings.

  1. Click Enabled
  2. Click Apple iOS
  3. Click Single User Device
  4. Select Default Staging User (Default Staging User)
  5. Click Save

4. Export Automated Enrollment Profile

  1. Scroll down to the bottom of the Automated Enrollment Settings page
  2. Click Export

NOTE:   If you are performing these steps on a Mac, macOS may attempt to install the MDM profile.   Ensure you click Cancel if prompted to install the MDM profile as this step is not intending to enroll macOS.

5. Access Rest API Settings

  1. Expand System
  2. Expand Advanced
  3. Expand API
  4. Click REST API
  5. Ensure you view the General tab
  6. Note the REST API URL - you will need this in a later step.
  7. Find the API Key for the AirWatchAPI service. Double-click the API Key value to select it, then right-click.
  8. Click Copy.
  9. Click Close.

6. Add MDM Integration in GroundControl

Return to the GroundControl Console:

  1. Click ADMIN
  2. Click MDMs
  3. Click +Add
  4. Select VMware AirWatch

7. Add MDM Details

  1. Change the MDM Name to HOL
  2. Click Upload
  3. Click Downloads
  4. Select the Automated Enrollment Profile (e.g. AirWatch-<YourVLPEMailAddress>.mobileconfig)
  5. Click Open

8. Enable API Integration

  1. Click the Slider to turn API Integration ON
  2. Enter the Host (not the full URL) from the Workspace ONE UEM REST API settings page, which is as350.awmdm.com.
  3. Enter your VLP Email Address as the API User.  This is the same email address you used to login to the Workspace ONE UEM and GroundControl consoles.
  4. Enter VMware1! as the API Password.
  5. Paste the API KEY you copied from the Workspace ONE UEM Rest API settings page
  6. Click Test
  7. Ensure you receive Test Connection: OK status from the test
  8. Click Save

For simplicity, this lab uses your HOL Administrator credentials to authenticate the API integration.  In a typical test/production scenario, UEM/GroundControl administrators are highly encouraged to create a dedicated API user with appropriate role-based  permissions.  

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.