Thanks Bin.
Have been playing with this and the setup on the Extreme side seems pretty simple, in that I just needed to enable the MDM module in connect, put in the credentials to talk to the API and leave everything else as default.
Just created three rules in NAC as follows:
MDM Business -> End-System (Managed Mobile Devices Business) -> Allow Profile
MDM Personal -> End-System (Managed Mobile Devices Personal) -> Allow Profile
MDM Decommissioned -> (Managed Mobile Devices Decommissioned) -> Deny Profile
Also followed the instruction in the 'Install Guide Extreme Connect 2016' for setting up web registration for custom 'Register with MobileIron' button.
The problem I seem to be experiencing at the moment is what looks to be a rights issue on MobileIron. To validate that I used the 'Postman' addin in Chrome and simulated connecting to the MobileIron API.
To do that if you go to the link below inside Postman:
https://MDMSERVER/api/v1/dm/devices/
Set the Authorisation to type 'Basic Auth' and enter the username and password configured on MobileIron. Then go to the 'Headers' tab and enter the following:
"Accept" : "application/xml"
Once done, update request and send.
The problem I am then getting is the following:
HTTP Status 403 - Access is denied
You are unauthorized to access this page.
Some screenshots below. Have set the account in MobileIron to be able to use API. The MobileIron version is 9.4.
The Debug messages when enabled on the MDM module show the following error:
2017-10-06 11:34:46,816 ERROR [com.enterasys.fusion.modules.MobileIronHandler] org.xml.sax.SAXParseException; lineNumber: 10670; columnNumber: 31; An invalid XML character (Unicode: 0x17) was found in the element content of the document.
So if anyone is familiar with this issue, or has a step-by-step guide on how to set up API user rights / access for MobileIron v9.4, that might help?
If I finally get it working in the meantime I'll post the steps.
Thanks
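
Added example, not part of the original post: a Python script that builds the same request as the Postman test described above and scans a response body for characters XML 1.0 does not allow, such as the 0x17 reported in the debug log. The function names and the sample XML are constructed for illustration; MDMSERVER and the credentials are placeholders.

```python
import base64
import re
import urllib.request

# XML 1.0 forbids control characters below 0x20 other than tab, LF and CR,
# as well as U+FFFE and U+FFFF.
INVALID_XML_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\ufffe\uffff]")


def build_request(server, username, password):
    """Same request as the Postman test: Basic Auth plus Accept: application/xml."""
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    return urllib.request.Request(
        f"https://{server}/api/v1/dm/devices/",
        headers={"Authorization": f"Basic {token}", "Accept": "application/xml"},
    )


def find_invalid_xml_chars(text):
    """Return (line, column, codepoint) for every character XML 1.0 forbids.

    Line and column are 1-based positions of the character itself; a parser
    may report a column that is off by one from this.
    """
    hits = []
    for line_no, line in enumerate(text.split("\n"), start=1):
        for match in INVALID_XML_CHARS.finditer(line):
            hits.append((line_no, match.start() + 1, ord(match.group())))
    return hits


def fetch_and_scan(server, username, password):
    """Fetch the device list and scan the raw body; an HTTP 403 raises HTTPError."""
    with urllib.request.urlopen(build_request(server, username, password)) as resp:
        body = resp.read().decode("utf-8", errors="replace")
    return find_invalid_xml_chars(body)


# Constructed sample response; the element names are made up for illustration.
SAMPLE = "<devices>\n  <device>\n    <name>Phone\x17A</name>\n  </device>\n</devices>\n"

if __name__ == "__main__":
    for line, col, cp in find_invalid_xml_chars(SAMPLE):
        print(f"line {line}, column {col}: invalid XML character 0x{cp:02X}")
```

The line and column it prints point at the device record holding the bad character, which is the field to look at on the MDM side.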