No Matches Found!
Try with a different search term
No Matches Found!
Try with a different search term
There's a new home for Articles. Find Articles on Our Product Support Page.
Since there is absolutely no documentation on this I thought I’d share this with everyone. Log into Azure AD and create a group and add a user Enterprise Applications – New Application Search for and add MobiControl Go to the MobiControl application – Users and Groups Add the group you just created Go back to the Azure portal – App registrations Select MobiControl – if you can’t find it, check under «All applications» Certificate & Secrets New client secret Copy «Value» - this is the client secret and will only be shown once API permissions – add the following – note the difference between Application and Delegated ReadWrite.All > ApplicationDirectory.ReadWrite.All > ApplicationDirectory.Read.All > ApplicationGroup.Read.All > DelegatedUser.Read.All > DelegatedDirectory.ReadWrite.All > Delegated Click on «Grant admin consent for…» Go to MobiControl – Global Settings – Services – Directory Select + on Azure Directories Name – can be anything Microsoft Graph API Address – https://graph.microsoft.com Select + on Azure Tenant ID Name – can be anything Azure Tenant Name – this is the primary domain you see in the Azure AD Overview Azure Tenant ID – Tenant ID in the Azure AD Overview Metadata Endpoint Address – you’ll find this under App Registrations – Endpoints – Federation metadata document Select + on Application Name Application name – can be anything Client ID – you’ll find this under Enterprise Applications – MobiControl – Application ID Client secret – the value you copied on step 9 a Save To test, do the following: In MobiControl – Users and Permissions - Groups - + Search for the group you added earlier – if you find it, it works Search for additional groups in Azure to verify connection Troubleshooting: To troubleshoot, check MS log and search for the Client ID. There will most likely be an understandable error message.
I'm looking for a way to view, whether it be through the device name or in the details pane/overview table, what user logs into a modern Windows device. Our users authenticate through Azure AD and we do not utilize an LDAP, so I can't assign users to these devices. We also don't use shared devices, each user is assigned a device for their sole use. Other users are still capable of logging into any of our Windows devices, but the only time that ever occurs is if I need to log in to run and admin task. I also looked into available variables for device name/hostname, but there didn't appear to be a variable available to get the user information I need. Does anyone have any suggestions for how I can best view which O365 user has logged into/is using a modern Windows device?
Hello MobiControl: 15.5.1 iOS: 15.5 2. attempt at creating a post since it is not possible to edit after posting. iOS device has been enrolled as unsupervised, device enrolment with user authentication. App policy installs Outlook and other necessary apps, Conditional Access authorizes access. Customer has trouble synchronising contacts between Outlook on Windows, Outlook on their iPhone and their personal contacts in the Contacts-app. When they go to the Contacts-app on the phone, they only see contacts created on their phone, not contacts from Office 365 or contacts they have created in Outlook on their computer. They want everything to synchronise between each other, like it did before they enrolled their iPhone. I contacted SOTI Support, they had no idea how to fix this. Which is strange since it should be a pretty widespread problem. I have tried with Outlook Managed App Config. I manage to get everything working, except the keys in bold. I have tried different formats like true/ and true, but no success. Like always, little or no documentation is available from SOTI. I have also thought about Exchange Active Sync. Maybe this could synchronise contacts only, while Outlook takes care of emails and calendars. <dict><key>com.microsoft.outlook.EmailProfile.EmailAccountName</key><string>Office 365</string><key>com.microsoft.outlook.EmailProfile.EmailAddress</key><string>%ENROLLEDUSER_EMAIL%</string><key>com.microsoft.outlook.EmailProfile.EmailUPN</key><string>%ENROLLEDUSER_USERNAME%</string><key>com.microsoft.outlook.EmailProfile.ServerAuthentication</key><string>Username and Password</string><key>com.microsoft.outlook.EmailProfile.AccountDomain</key><string>%DOMAIN%</string><key>com.microsoft.outlook.EmailProfile.ServerHostName</key><string>outlook.office365.com</string><key>com.microsoft.outlook.EmailProfile.AccountType</key><string>ModernAuth</string><key>IntuneMAMAllowedAccountsOnly</key><string>Disabled</string><key>IntuneMAMUPN</key><string>%ENROLLEDUSER_USERNAME%</string><key>com.microsoft.outlook.Contacts.LocalSyncEnabled</key><true/><key>com.microsoft.outlook.Contacts.LocalSyncEnabled.UserChangeAllowed</key><true/></dict>
I have been testing a new EDA52 I have and have noticed when enrolling on my 15.2.2.1080 Mobicontrol server I have no Remote/View icons available. The list of supported APIs is also not shown on the device dashboard. No combination of plugins/agent versions or scripts have worked ie . _resetfailedrcdetectionflag restartagent retryrcdetection I have enrolled this same device as a test on to my 15.5.1.1010 server and sure enough Remote control works on this one! As far as I can see I'm using the same agent version/plugins on both servers Agent version 15.2.0.1025 Plugin version 1.19.2.118 The supported APIs shown on the new server are below but as I said this section is missing on the older server. Supported APIs RC Virtual Display, Work Managed Device, Advanced Android Plus 1.18, 1402, 1500 Does anyone have any ideas or have come across this before? Many thanks
Since the initial launch of Soti Discussion forum some 3 years ago, newest posts are always ordered in chronological order in the main pane, allowing anyone to check the latest posts easily with virtually no effort. It is a misfortune the UI has been redesigned such that the posts are based on the initial date of the discussion thread rather. Any number of followed up posts will be hidden under the thread. Hence, a follow-up post sent today on a thread started 2 years ago will be hidden under the discussion thread entry hundreds of row down. Who on earth has the time to go down to each past disccussion thread to see if there is/are any follow-up post(s)? None of the ten Soti Moderators responds to my brought-up concern posted twice in the last two plus weeks. Should I mail directly to the CEO to tell him about this nonsense UI design and inaction of his staff?
Assuming Managed Google play has already been assigned to MC and some applications from the wider public google play are present in an app policy. In the case where we have private applications, does anyone have an opinions/best practise/know of difference/limitations between deploying these applications via Enterprise App deployment vs Adding them as a Private application to Managed google play. Thanks in advance Adam
Title Basically, we are trying to enroll some Galaxy Tab As into SoTI MobiControl using Samsung Knox Mobile Enrollment profile but when the tablets come back up and attempt to enroll in SoTI it does not seem to be passing through the Enrollment ID and if the ID is typed in manually we get an enrollment failed error. This works fine when we include a WiFi network to connect to but does not work over mobile data. Hoping to see if someone else ran into a similar issue and knows a possible solution or a way to troubleshoot the tablet as it is being enrolled.
We deploy all our Android applications using Android Enterprise Managed Google Play Accounts. We've authorised Juice SSH to be installed via the play store, however we want to purchase the Pro Version and deploy this. Speaking with the Juice SSH themselves they've advised it needs to be linked to a Google account which I'm unsure exactly how to do this?? Please could someone help.
I am using SOTI to manage TC52+ devices on Android 10 and need to lock the screen orientation when using SOTIsurf. When i send the scrip (lockdownorientation portrait) to lock orientation the lockdown screen locks but not the Sotisurf.
Hello, I've recently managed to make my devices communicate with my local MobiControl server (On Premise) by configuring my firewall to allow the ports 444 (the one I use for the deployment server, my WebConsole is listening on port 443) and port 5494. Now I want to enroll my devices from the Internet and when I try to enroll from my local network, the device is enrolled sucessfully but when I do it from the Internet, the enrollment fails. The step where it fails is right after the SafetyNet step. In the logs of the Deployment Server Extensions, I get an error saying that a certain parameter "s" can't be null (System.IO.StringReader..ctor(String s)). Is there a way to fix this problem? The MobiControl product version I work on is 15.5.
We are currently trying to setup an test whit Windows 10 (Tablet Mode) and Windows Modern in MobiControl but are having different issues, the goal is to have a more locked down user tablet whit Web applications. After enrollment we set an profile whit "Configurations" and a simple edit: We choose "Allowed Applications", in this case we are testing whit MS Edge on a Windows 10 Pro (21H1) device: Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge As for "Start Menu" we just set an URL, when log in om the KIOSK user just created we get the shortcuts but Edge for example does not show any picture og icon. If we add "Calculator", this shows up whit icon and shortcut also works, pressing the Edge shortcut then nothing happens, seems that shortcut does not find Edge as anly application on the information in "Pre-defined Applications". Looking at the AUMID both in MobiControl and on the device is seems to correct, also tried install Edge again form MS Store but no luck. Anyone have an idea on why shortcut does not show up or this type of configuration? MobiControl Version - 15.4.1.4828
Hi, Customer has TC26 devices on Android 11. Enrolling via Zero Touch into Mobicontrol 15.5 Enrollment is fine and Mobicontrol works well, however, when I send a wipe command to the device, I expect it should wipe, start back up and re-enroll with Zero Touch. However, the behaviour seems to be that the device thinks it's already managed by Mobicontrol but still goes through the Zero Touch setup screens. This then fails and asks be to restart the device. So alternatively, I tested factory resetting the device with Zebra Factory reset file and script. This however leads the device to not follow Zero Touch at all until the device is at the Anroid Homescreen, at which point the device gets the normal Zero Touch message about being managed and needing to factory reset in 1 hour to get the device under managment. In Summary, wiping an enrolled TC26 on Android 11 does not show a desired or expected behaviour. Has anyone else experienced this who could advise what I should be doing differently? Happy to provide more info where required. Cheers
Hello Guys, We are planning to upgrade our SOTI Mobicontrol from 15.4.3 to 15.5.1. We have On-pre server and last time we upgraded 15.5.0 and faced lots of problem then rolled back. Kindly suggest what are the things need to be consider before upgrading Mobicontrol 15.5.1. Do we need to re-enroll devices. We have maximum Android zebra devices TC51, TC52, TC52x and TC57. Thanks in advance.
wo wird die Berechtigung für Konfiguration -> Profile anzeigen gesetzt
Hi, I'd like to be able to limit certain users/roles/groups to accessing the saved script list. Some scripts that are saved should be admin level only or are specific for certain roles or customers. I was looking around in the general permissions for roles/groups & users and didn't see anything, but I was curious if there were any security permissions around saved scripts? I found the permission where users can't manage the scripts like add new ones or delete them, but nothing for limited user access to the saved scripts. The user would still need to be able to send ad-hoc basic scripts. I wasn't sure if there was a workaround for this or if anyone had other thoughts on the topic?
Top-tier experts who are delivering outstanding content. Should have more than 7000 points.
Experts who are consistent with great content. Should have more than 1000 points.
Highly experienced members with valuable inputs. Should have more than 700 points.
Beginners taking the initiative. Should have more than 500 points.
New contributors starting their journey. Should have more than 250 points.
