This article describes how to set the environment variables for the MobileIron connector in the smartid.env file. MobileIron is a Mobile Device Management (MDM) solution. The connector is used to provision certificates to a mobile device via the MDM. The MDM is addressed using a SCIM export.
In this article, <SMARTIDHOME> refers to /home/nexus, but this can be different depending on the setup.
- The Smart ID version must include SCIM export (applicable for versions from 22.04.x and later).
- Go to the MobileIron application and open the admin panel.
- Navigate to Policies & Configs and click the Add New -> Certificate Enrollment -> User-Provided button.
Users in MobileIron:
- After configuring the LDAP connection in MobileIron, you need to re-sync the existing user. Entries are not imported automatically from LDAP into MobileIron.
- Open the environment file <SMARTIDHOME>/compose/smartid.env for editing.
- Set the properties for the following three variables to fit your deployment:
- If you run Identity Manager without Docker, use the following properties in mdm-connection.properties to set up the MobileIron properties:
The actual data export to the MobileIron connector is configured via SCIM export in Smart ID Identity Manager.
For provisioning of certificates, you need to use a SCIM export. For each "container" in MobileIron there needs to be one export.
- Log in to Identity Manager Admin and open Export Definitions. There is already a predefined export definition for MobileIron, but if not, you can create a new one. For more information, see Set up data export to external data source from Identity Manager.
The default properties for the MobileIron connector, set in smartid.env, can optionally be overridden by setting three extra variables in the process map, prior to the SCIM export. This makes it possible to access multiple MobileIron instances by sending the connection parameters dynamically via the BPMN process configuration.
- scimServerUrl - specifies the MobileIron instance that the connector will connect to
- scimServerUsername - the username for the MobileIron server
- scimServerPassword - the password for the MobileIron server