Export (0) Print
Expand All

Overview of MDM Management Console

2/9/2009

Mobile Device Manager Console is a Microsoft Management Console (MMC 3.0) snap-in. The console provides a familiar graphical user interface for controlling managed Windows Mobile devices, and for managing MDM Gateway Server.

MDM Console enables you to perform the following administrative tasks:

  • Create pre-enrollment requests
  • View pending enrollments
  • View managed device information
  • Wipe managed devices
  • Block managed devices from connecting to MDM Gateway Server 
  • Manage MDM Gateway Server 

MDM Console translates the tasks that you specify into MDM Shell cmdlets. When you specify a task from MDM Console, the console generates a PowerShell script to implement that task by using cmdlets. You can use MDM Shell to call cmdlets directly, or use cmdlets in PowerShell scripts to automate complex or repetitive administrative tasks. For more information about MDM Shell and cmdlets, see MDM Shell.

MDM Console is installed with MDM Administrator Tools. You can install and run MDM Console on MDM Device Management Server, MDM Enrollment Server, or any workstation that is in the same Active Directory forest as the MDM server components.

The user interface (UI) for MDM Console consists of a three-pane window.

The navigation pane is the leftmost pane. It displays a hierarchical view of MDM components that you can manage from MDM Console. The major nodes in the navigation pane, in Mobile Device Manager, are Device Management for managed devices, Servers for installed servers, and Gateway Management for MDM Gateway Server. Sub-nodes, if present, expose information about the individual components and the actions that you can perform on these components.

The details pane is the center pane. It displays a list of objects associated with the node selected in the navigation pane and provides information about these objects.

The actions pane is the rightmost pane. It displays the list of actions that are currently available to you, based on the items selected in the navigation pane and in the details pane. These actions are also available by right-clicking the item in the details pane.

Dd261807.note(en-us,TechNet.10).gifNote:
You can also perform commands that are available in the Actions pane if you right-click the selected item in the details pane.

Creating Filtered Lists in the Details Pane

You can filter the data in the details pane to create a selected list based on criteria that you specify.

To filter data in the details pane in MDM Console
  1. Select the component from the navigation pane that you want to display, and then in the details pane, select Create Filter. A query builder appears.

  2. Select the term that you want to filter from the leftmost list, and then select the operator from the center list of the query builder. Type the filtering expression in the box on the rightmost side.

  3. If you want to make the filter more restrictive, select the Add Expression link. A second group of fields appears. You can enter a total of 10 expressions.

  4. Choose Apply Filter to attach the filter to your query. It will appear every time that you return to the component in which you created the filter.

  5. To delete the filter, choose Remove.

Device Management

In the navigation pane, expand Device Management to view managed device information, perform device wipes, block and unblock devices, view pending enrollments, and create enrollment requests.

All Managed Devices

In the navigation pane, select All Managed Devices to view a list of all managed devices. The list appears in the details pane. In the Actions pane, choose Refresh to update the list. Or, right-click All Managed Devices and then select Refresh. In the details pane, choose Create Filter to filter the list of managed devices. For more information, see Creating Filtered Lists in the Details Pane.

You can view details for a specific managed device by selecting the device from the list. Information for the selected managed device, such as application settings, proxy settings, and installed certificates, appear on tabs in the lower half of the details pane.

Dd261807.note(en-us,TechNet.10).gifNote:
This may include personally identifiable information. Take appropriate precautions against unauthorized access to this information.

The following table shows actions that you can perform when you select a managed device in the All Managed Devices list.

Action Description

Block/Unblock Device Connections

On the Device Status tab, if Blocked is set to No, selecting this action will block the device. That is, it prevents the device from establishing a connection through MDM Gateway Server.

If the status of the managed device is blocked, that is Blocked is set to Yes, selecting this action will unblock the device.

Update Device Details

Obtains updated managed device information that appears on tabs in the details pane.

Wipe Now/Cancel Wipe

On the Device Status tab, if Wipe Status indicates Not Found or Expired, MDM will allow the submission of a device wipe request. A successful wipe will reformat the device memory and removable storage card, if one is present on the managed device, and then revoke the device enrollment.

On the Device Status tab, if Wipe Status indicates Pending or Retrying, MDM will allow the wipe request to be canceled.

Display Recovery Password

An administrator can retrieve a one-time recovery password to enable a user, who has forgotten his or her device password, to access the device and reset the device password.

Blocked Devices

In the navigation pane, select Blocked Devices to view the list of managed devices that are currently blocked. In the details pane, you can choose Create Filter to filter the list of blocked devices. For more information, see Creating Filtered Lists in the Details Pane.

The following table shows the action that you can perform on a managed device that you select from the Blocked Devices list.

Action Description

Unblock

Enables a managed device that has been blocked to reestablish a connection through MDM Gateway Server.

Pending Enrollments

In the navigation pane, select Pending Enrollments to view the list of pre-enrolled devices. You must pre-enroll a managed device before it can connect to MDM Enrollment Server. In the details pane, you can choose Create Filter to filter the list of pending enrollments. For more information, see Creating Filtered Lists in the Details Pane.

Dd261807.note(en-us,TechNet.10).gifNote:
A device is not fully enrolled until the device owner finishes the enrollment process on the device. After the device fully enrolls, it will appear in All Managed Devices instead of Pending Enrollments.

During pre-enrollment, you create an enrollment request. This process generates a unique password for each device. You can specify that the password be e-mailed to the device owner, if the owner has an e-mail address on file.

You can pre-enroll a new device from MDM Console. To pre-enroll a device, in the actions pane, select Create Pre-Enrollment. This will start the Pre-Enrollment Wizard.

The following shows the action that you can perform on a device selected from the Pending Enrollments list.

Action Description

Cancel Enrollment

Removes the enrollment request for the device from the Pending Enrollments list in the database.

Recent Wipes

In the navigation pane, select Recent Wipes to view the list of device wipe requests and their status. In the details pane, you can choose Create Filter to filter the list of recent wipes. For more information, see Creating Filtered Lists in the Details Pane.

The following table shows actions that you can perform on a device selected from the Recent Wipes list.

Action Description

Cancel Wipe

Attempts to cancel a scheduled device wipe by removing the wipe request from a list stored in a database on MDM Device Management Server.

By default, you can cancel a wipe request if the status of the wipe request is Pending or Retrying.

You cannot cancel a wipe request that has already been sent to the managed device.

You cannot cancel a wipe request if the status of the wipe request is Expired, Failed or Succeeded.

Wipe Device

Starts a device wipe request. This action only applies to managed devices on this list that have a wipe status value of Failed or Expired.

The Wipe Status values are Expired, Failed, Pending, Retrying, and Succeeded.

The following describes the wipe request status conditions.

Wipe Status Description

Expired

The wipe request has expired because the managed device did not connect in a pre-determined time.

Failed

The managed device reports that the wipe try has failed. That is, the request was sent to the managed device but the wipe failed.

Pending

This is this state from the time that the request is initiated until the managed device reports success or failure, or the request expires.

Retrying

Resending the request after the managed device reports that the previous wipe request failed.

Succeeded

The device was successfully wiped.

Servers

In the navigation pane, expand Servers to view a list of installed MDM server roles. You can view the server name and version numbers.

Dd261807.note(en-us,TechNet.10).gifNote:
You can perform configuration changes to server roles by using cmdlets. For more information, see MDM Shell.

Gateway Management

In the navigation pane, expand Gateway Management to view the MDM Gateway Server list. In the details pane, you can choose Create Filter to filter the list. For more information, see "Creating Filtered Lists in the Details Pane" in this document.

The status for each computer that is running MDM Gateway Server appears in the details pane under Sync State. The following lists the possible status conditions.

State Description

Initializing

A new MDM Gateway Server was added but the Mobile Device Manager Gateway Central Management has not contacted it.

Up to date

MDM GCM successfully updated MDM Gateway Server.

Error

MDM Gateway Server could not submit one or more messages.

Unreachable

MDM GCM could not contact MDM Gateway Server. The cause may be from a networking problem between MDM GCM and MDM Gateway Server.

To add MDM Gateway Server to the MDM system, in the Actions pane, select Add MDM Gateway Wizard. For more information, see Adding MDM Gateway Server.

For more information about MDM Gateway Server, see MDM Gateway Server Help.

The following shows the actions that you can perform on a computer that is running MDM Gateway Server that you select from the MDM Gateway Server list.

Action Description

Properties

Displays settings for the specified MDM component.

Remove Gateway

Removes MDM Gateway Server from MDM.

Start

Starts the virtual private network (VPN) service on the specified computer that is running MDM Gateway Server.

Stop

Stops the VPN service on the specified computer that is running MDM Gateway Server and then closes all VPN connections.

Other Resources


Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft