In part 3 of this series, we will continue with configuring company’s directory sync with Blackberry UEM cloud.
- Part 1 – Introduction, Prerequisites, and Setup
- Part 2 – Install and Configure Blackberry Connectivity Node
- Part 3 – Configure AD sync with Blackberry Connectivity Node (you are here!)
- Part 4 – Configure Push Notification with BlackBerry Enterprise Mobility Server (BEMS)
Just to reiterate, the Blackberry Cloud Connector within the Blackberry Connectivity Node provides the following function (taken from Architecture and Data Flows Reference Guide
For your reference, here’s the link I follow beginning with step 13. I will show you the steps related to Microsoft Active Directory.
Before proceeding further, be sure to choose a directory account with read permissions that the BlackBerry Cloud Connector can use to access the company directory.
On the Blackberry Connectivity Node, navigate to http://localhost:8088. For some reason, however, I’m not able to access this link remotely. Instead, I receive the error below.
Under Directory type, click on the drop-down arrow and select Microsoft Active Directory. Then click Configure
Fill in the info as shown. In most cases, you can leave the others as the default values. Then click Save.
If you receive the prompt below, re-check the information you entered and try again. It could be incorrect user credential or domain.
Otherwise, you should see the green check marks under the applicable field(s).
To confirm the connection is successful, log onto your Blackberry Cloud tenant. Then, browse to Settings -> External integration -> Company directory. You should see your instance of Blackberry Connectivity Node there.
You may notice that the instance name is the same as the friendly name you entered previously during initial configuration. This is by design and will always reflect the friendly name of the first connectivity node you set up. If you have more two or more connectivity nodes and the first connectivity node becomes offline for whatever reason (i.e. scheduled maintenance, site outage, etc.), this instance name will still remain the same. Rest assure Blackberry NOC will connect to another connectivity node within your organization and continue to perform the company directory sync. Once connectivity is restored with the first node, UEM cloud will resume syncing against the first node.
What good is this connection setup without knowing that it does work? To find out, let’s first create a group or two in Microsoft Active Directory that we wish to sync with Blackberry UEM cloud. Then, follow the steps outlined in this link. For clarification, I will share the steps in detail below.
First, go to Settings -> External integration -> Company directory. Then, click on your company directory under Directory connection.
The remaining choices really depend on your need. At the very least, I recommend checking off Enable onboarding under Sync settings to streamline the enrollment process.
Don’t forget to add a synchronization schedule as well while you are at it.
Instead of waiting for the scheduled sync, let’s perform a sync manually. Afterward, you can click on the Last report to review the result.
Similar to on-premise setup, only the users within the directory-linked group are added to UEM cloud. However, the directory-linked group itself is not added. You have to take extra steps to add the directory-linked group to UEM cloud.
Go to Groups and follow the screenshots below.
Members of the group will still not show correctly after it’s added. You will need to perform another manual sync or wait for the scheduled sync to complete.
In part 4 of this series, we will continue configuring push notification with BlackBerry Enterprise Mobility Server (BEMS) within Blackberry UEM cloud.