I am implementing an MDM solution for windows phone 8. I am refering to the Enterprise Device
The management protocol said that windows phone 8 provided some configuration service provider called CSP,but i could not find any API about this in MSDN, so anybody knows where can i get the detailed usage about the CSP API in MSDN or other material?
Windows phone 8 enroll device through the process: System setting -> company apps -> add account -> input email address and password, and then enrolled. Can i avoid this process and develop the agent myself without going through the company apps to enroll the device?
Can anybody provide some material about how to develop mdm agent on windows phone 7?
thanks.
MDM solution for WP8 is no small feat.
A good start for understanding CSP is the PDF document "Windows Phone 8 Enterprise Device Management Protocol" available at http://www.microsoft.com/en-us/download/details.aspx?id=36831
The phone enrollment needs to be initiated by the user through Settings -> Company Apps. The phone goes through discovery process (SOAP) and then check-ins at regular intervals (SyncML). A regular WP8 app does not have access to any API to manage the phone like this; you cannot make a new/different client agent.
There is no MDM on the older WP7. I think you can do some basic stuff using ActiveSync (when the user configures an Exchange account) like require passwords with certain complexity, but I don't have any personal experience with that.
Related
As the title says, I would like to deploy my application on multiple phones, without developer unlocking them.
The said application is private, thus it can't be distributed through the store. I've heard of Company app distribution, however it's not clear for me whether it requires a developer unlocked phone or not.
Can you tell me how can I get custom apps on WP8.1 phones, without dev unlock?
The link you have shared describes steps to distribute app internally.
For deployment of company apps developer unlocked phone is not required. Once company app is ready for deployment, you need to install .aetx file which is generated form the code signing certificate. .aetx file can be shared to users through mail which can be accessed through phone to install. Once this is installed you can deploy xap by just clicking on the shared xap file. sharing can be through mail, dropbox, or any secure website.
Let me know if more doubt.
I have developed Windows Phone Silverlight application (support 8.0 and 8.1) for my client request. The client is goint to publish the application in WP app store, but first he must check on his phone if everything is OK with the application.
The application was developed with Visual Studio 2013, I've got developer account and own phone assigned to this account on which I have tested the application.
The question is, how can my client install the application on his own phone skipping windows app store? I have sent him builded *.xap file but he had a some problems with installation (Cannot install company application)?
You can submit your app to Windows Phone Store BETA. Your app will by certified quickly, and your client will be able to download it just like any other app from Store. The difference is that it will be visible and possible only for him.
Log in to you DevCenter account, click Submit App. Then, in App info section expand More options and select Beta. Then you can provide your client's mail.
I'm not sure, but I think that the name of the app should not be the same as the final version. So you can name it "My App Beta" to avoid future name conflict with the final version.
One more thing. When your app pass certification process, you have to send the link to the app to your client, because he won't get any notification.
What I want
I want to allow in app SSO between the Live Connect SDK and a single Mobile Services instance that I'll use as the backend for 2 applications, WP8 & W8.1. I want to do this without affecting existing users of the WP8 app that is already in the Windows Phone Store. Both apps will use the Live SDK for OneDrive access.
Existing Situation
I have a Windows Phone 8 application that uses Azure Mobile Services and the Live Connect SDK and I have set up SSO by
Registering the app in the Live Connect Developer Center
Setting the redirect URL in the Developer Center to the Mobile Services URL (used in the Live Connect authentication token)
Copying the Client ID into my app and passing it to the Live Connect SDK methods when I log in
Retrieving the Live Connect authentication token after login and passing it to the Mobile services login
Issues
This is fine but now I want to start building a companion Windows 8.1 app that uses the same Mobile Services instance and SSO but I'm running into a difficulty as below:
The Live Connect Developer Center app associated with the Windows 8.1 app needs to have the Package SID and the only way I can find to do this is to use the 'associate my app with the Windows Store' tool within Visual Studio. This creates a new app in the Live Connect Developer Center with the Windows 8.1 Package SID. I can't find any way to add this Package SID to my existing Live Connect app (i.e. the one used for the WP8 app).
I believe I need to use a single, shared Live Connect Developer Center app, and associated Client ID, for both my WP8 and W8.1 apps as the authentication token from Live Connect (documentation here) seems to include the 'user identifier - uid' that is 'An identifier for the user, which is unique to the app'. To me this also implies that if I change the client ID (i.e. effectively a new app from Live Connect's point of view) then it will appear to mobile services as if a new user is signing in and all their old data will no longer be accessible to them.
I have researched other people doing SSO across both platforms and they seem to be using a single app in the Live Connect Developer Center but in all cases that I have seen so far they use the Windows 8.1 app, because this has the Package SID, and set it to 'Mobile or desktop client app'. I have started from the other direction with the phone app first and I can't find any information about this. I'm also trying to avoid testing this all out in a live app in case it does cause issues.
I have posted in both the Mobile Services and Live Connect forums about these issues but without a reply. (I can only provide 2 links, check my profile in the Mobile Services forum for my other post).
My Question
How can I add Azure Mobile Services SSO to my new Window 8.1 app without breaking my existing WP8 app?
Thanks.
It looks like this question may have already been covered here:
Live Connect Authentication Token for use on Azure Mobile Services (REST)
Hope that helps!
This question has been answered by Matthew Henderson in the Azure Mobile Services forum
The simplified version is you need to use one Live Connect app in the Developer Center (i.e. the same Client ID used by both the W8.1 & WP8 apps)
To do this you either need to either:
a) Start with the Windows 8.1 app which will register the SID with the Live Connect app (this is the documented and easiest path) and then re-use this Client ID in the Windows Phone 8 app
OR
b) If you already have a Windows Phone 8 app as I did then you can change the automatically created SID association in the Live Connect Developer Center to allow the Windows 8.1 app to use the existing Windows Phone 8 Client ID. This is a less well documented feature.
One of our customers likes to test our application while still in Beta and before we are able to deliver the finished app to the store.
Is this possible? The only way I can think of is to unlock a customer device from our developer account. But as you can only register up to 3 devices this is not an option.
Can the customer set up (if willing to) a developer account on his own, register the device as developer device and then install our application. Has someone already done this? Or are the app locked to the developer account which has build the app?
Or can the customer install the windows phone SDK and at least deploy the app to the emulator to have a look at the app?
Regards
You should take advantage of the Beta testing functionality:
Go to the Windows Phone dev center and on the App info page, under More Options, click Beta.
Associate your customers Microsoft accounts (using Live ID)
Upload the XAP
It will generate a link that will allow your customers to test the app.
Only users added in step 2 will be able to download the app.
You can submit a beta app to the store. When submitting the app, you have to specify the live ids of the users participating the beta. Only those users will be able to download the app, and they don't need to have an unlocked device.
Also, to answer your other questions, yes the customer can deploy your XAP in the emulator if he installs the emulator, and no the XAP isn't locked to the developer account which has built the app.
If I create an Application Enrollment Token, I will get an aet and aetx file. The aetx file can be send to the phone via mail or can be opened in the web browser and will be installed then. However, I'm unable to uninstall the certificate. There is no option in the phone's settings or during the installation of an aetx.
Is there any way to uninstall a manually installed AET, except resetting the phone to factory settings?
AFAIK there is also no way to see or get extended information like the validation dates of the AET, except you've installed it via a MDM solution. So did any of you succeeded in deletion of the AET manually?
This cannot be done manually! Microsoft says:
After a user enrolls a phone for company app distribution manually by tapping an AET.aetx file on their phone, the phone is automatically enrolled for as long as the certificate is valid (one year). After enrolling for company app distribution by this process, users cannot unenroll their phone by using the phone UI.
Source: http://msdn.microsoft.com/en-us/library/windowsphone/develop/jj206943%28v=vs.105%29.aspx
However if you use the MDM Api to enroll a Phone (like Intune does), and unenroll that phone (either remote or manually) the aet is removed, too.