Configuring MobileIron

Configure MobileIron integration with the Connections Mobile app.

Before you begin

(Android only) Download the latest MobileIron-enabled version of IBM® Connections from the MobileIron download Connections for Android website and then upload the app to your MobileIron enterprise app store.

IBM Connections supports MobileIron VSP version 5.7 and higher. For more information about configuring MobileIron, see your MobileIron administration guide.

This task must be completed by your MobileIron administrator.

About this task

When a mobile device is managed by a mobile device management (MDM) product such as MobileIron, you can erase the data from the device if it is lost or stolen.
Tip: To erase Connections data only, follow the instructions in the Wiping app data from a device topic. To erase all data on a device and return it to its factory state, follow the instructions in your MobileIron product documentation.

If you plan to deploy the IBM Connections mobile app in an environment that is managed by MobileIron, you must specify the MobileIron App Configuration and the Container Policy.

If you deploy the Connections mobile app in an environment that is already managed by MobileIron, the Connections app automatically runs in a secure mode that is managed by MobileIron.

(Android only) Provide the following instructions to your users:
  1. Download and install the MobileIron Mobile@Work app from Google Play.
  2. Start the Mobile@Work app.
  3. From the Mobile@Work app, download and install the IBM Connections app.
(iOS only) If the Connections app was deployed before the MobileIron Mobile@Work app was installed on users' mobile devices, you must force Connections to switch from unmanaged to managed mode. To force this switch, set up your MobileIron App Configuration and Container Policy, and then provide the following instructions to your users:
  1. Download and install the Mobile@Work app on your device.
  2. If the Connections app is running, close it. If necessary, force the app to close. The app must be closed when you change the MDM state. The new MDM state is applied when the app is restarted.
  3. Open the Settings app on your device and open the entry for IBM Connections.
  4. Toggle Reset MDM State.
  5. Start the Connections app. When Connections is restarted, it detects MobileIron and runs in managed mode.
  6. Restart your device. The updated MDM policy is applied to the device.

To enable MobileIron integration with Connections, complete the following steps:

Procedure

  • Create an AppConnect App Configuration:
    1. Log in to the MobileIron VSP console and click POLICIES & CONFIGS.
    2. Click Add New > AppConnect > Configuration.
    3. Enter a Name and Description for this configuration.
    4. Identify the Connections app:
      • (Android only) Select IBM Connections from the Application identifier list.
      • (iOS only) Enter the following Application identifier for Connections: com.ibm.lotus.connections.
    5. In the AppTunnel section, enter the URL Wildcard and Port of the gateway in the DMZ that points to your Connections server.
      Notes:
      • The DMZ refers to a firewall configuration for securing the local area network where your Connections app server is located. Users can access the server only by first passing through the MobileIron Sentry URL.
      • The Port value refers to the port number of the gateway, not the Connections server. If you are not using a gateway, do not specify a port number.
      • You can specify either the URL of the Connections server, such as www.connections.example.com, or a wildcard URL, such as *.connections.example.com or www.connections.example.com*.
    6. Select the URL of your MobileIron Sentry.
    7. Specify the service type in the Service field:
      • (Android) Enter TCP_ANY.
      • (iOS) Enter ANY.
      Notes:
      • Android requires advanced tunneling, so you must enter TCP_ANY in the Service field.
      • If you already specified a wildcard URL, you must specify ANY or CIFS_ANY in this field.
    8. Select an Identity Certificate.
    9. Click Save.
    Note: You do not have to specify an App-specific Configuration for Connections.
  • Create an AppConnect Container Policy:
    Note: Your MobileIron configuration overrides the settings for the AllowCopyandPaste, AllowPrint, and AllowExport properties in the mobile-config.xml file.
    1. Log in to the MobileIron VSP console and click POLICIES & CONFIGS.
    2. Click Add New > AppConnect > Container Policy.
    3. Enter a Name and Description for this configuration.
    4. Identify the Connections app:
      • (Android only) Select IBM Connections from the Application identifier list.
      • (iOS only) Enter the following Application identifier for Connections: com.ibm.lotus.connections.
    5. Set policies for Print, Copy/Paste To, Open In, and Screen Capture. When you select the Open In policy, you can specify a list of allowed apps.
      Note: The policies that you can configure depend on the mobile operating system.
    6. Click Save.
  • Verify your settings:
    The Connections Mobile app is now in a managed state, provided that the following conditions are true:
    • The MobileIron VSP has both a Container Policy and an App Configuration.
    • The mobile device is registered.
    • The MobileIron and Connections apps were installed on the devices in the correct sequence (first MobileIron, then Connections).
    You can verify that Connections is managed by MobileIron by opening Help & Support under My Account. When Connections is managed by MobileIron, the MobileIron library version is displayed.

What to do next

For more information about MobileIron, go to the MobileIron website.