Migration of SOTI MobiControl Instance Between SOTI Identity Tenants

Customers with access to multiple SOTI Identity tenants may find it necessary to transfer their SOTI MobiControl instance from one tenant to another. While this is possible, they should proceed with caution to prevent loss of access during the transition.

Note: Fresh local user and group creation will be required in the new tenant. Any IDP configuration that was added in previous tenant will also need to be created.

Ensure the existing assignments and user groups have been recorded if they are needed on the new SOTI Identity Tenant. You can find more information in the following help documents: Application Management (soti.net), Remove an Application (soti.net)

The customer needs to be a SOTI Identity administrator in both the old and the new SOTI Identity tenant. The customer should also be an administrator on the SOTI MobiControl instance.

1. Access the SOTI MobiControl instance and create a local administrator account. You can find more information in the following help document: Creating Users (soti.net).

2. Using the main menu, navigate to Global Settings (soti.net) > Console Settings > Authentication Options (soti.net). Select MobiControl for the Authentication Type and select Save.

Note: If you lose your local account credentials, you will lose access to SOTI MobiControl following this change due to an automatic logout. In such cases, please reach out to SOTI Support who can assist you in regaining access.

3. When prompted, login using the local admin account.

Note: Remove any reference to SOTI Identity prior to moving to next step. This includes SOTI Identity user assignment, enrollment policy, filters, etc. Finally, there is no reference to SOTI Identity in SOTI MobiControl configurations.

4. Using the main menu in SOTI MobiControl, select Global settings > SOTI ONE > SOTI Identity. Turn off the Enable SOTI Identity toggle and select Save.

Note: If there is an error while disabling SOTI Identity from SOTI MobiControl, there are still some dependencies of SOTI Identity in SOTI MobiControl instance. Contact SOTI Support for assistance.

5. In a new tab, access the original SOTI Identity tenant on identity.soti.net.

6. Using the main menu, select Applications. Delete the current SOTI MobiControl application.

Note: User and group assignments in the old SOTI Identity tenant will be removed in this step. Assignments and user groups (if does not exist) will need to be recreated on the new SOTI Identity tenant.

7. Log in to the new SOTI Identity Tenant.

8. In the Applications section, create a New application and select SOTI MobiControl. You can find more information in the following help document: Add a SOTI MobiControl Instance.

9. Give the SOTI MobiControl instance a name and select Add and generate credentials.

Note: A new dialog with the URL, client ID, and secret appears on the screen. Save these credentials in an editor to use later.

10. Using the main menu on SOTI MobiControl, select Global Settings > SOTI ONE > SOTI Identity and turn on the Enable SOTI Identity toggle and enter the client ID and secret copied earlier. Select Save.

11. In SOTI Identity, assign the newly created SOTI MobiControl application to users or user groups who would need access to the SOTI MobiControl instance. You can find more information in the following help document: Assign Applications to Users (soti.net)

Disclaimer: If there is an error when trying to assign users or groups, please contact SOTI Support for further assistance. Proceeding to the next step without completing user/group assignments may block access to SOTI MobiControl.

12. Using the hamburger menu on SOTI MobiControl, select Global settings > Console Settings > Authentication options. Select SOTI Identity for the Authentication Type and select Save.

Note: You or any logged-in users will be logged out after saving the change and redirected to SOTI Identity for login.

13. Log in to the new SOTI Identity tenant and verify that SOTI MobiControl is accessible.

Confirm that assigned users from the new SOTI Identity tenant can access the SOTI MobiControl instance.