Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 5 subscribers
  • Views 26878 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

username variable on activesync profile does not work

WSBD

I recently installed version 3.5.0.4 for the windows 8 support, and I have problems with deploying activesync profiles on both Android and IOS. The username variable doesn't work.  I use the variable %_USERNAME_% and %_EMAILADDRESS_% on both the username and email address field.

In customer configuration I have set up an external directory. (ActiveDirectory LDAP) I am using the following LDAP fields : fo rr username : samAccountName

and emailaddress : mail

After installation I see on the device the email address is correctly translated but the username field stays blank. Also you are unable to change the settings on the device since the field is grayed out.


Before I used version 3.0.2 and had no problems with the username variable. Any ideas, maybe it's a bug?

:42632


This thread was automatically locked due to age.
  • 0

    Hi WSBD,

    that is strange. In general, the LDAP variables are still working in SMC 3.5.

    Is there maybe a typo in the profile where you defined the variable?

    Have  you linked the device to an LDAP user?

    Best regards

    Stefan

    :42684
  • 0

    Hi Stefan,

    I think there are no typos in the profile, see screenshot of my current activesync profile settings:activesync profile

    Email address works fine, but username doesn't get resolved on IOS or on Android it doesn't work aswell.

    User can login through Self Service portal and connect a device to Sophos MDM. So LDAP connection is okay. If I lookup internal properties of a device is see these 2 fields:

    LDAP Field Email Addressmail
    LDAP Field Username

    samaccountname

    :42742
  • 0

    Hi WSBD,

    thanks for your provided information.
    It seems as if you have entered the samaccount name manually when configuring the LDAP connection for the customer in questions. Unfortunately, this is case sensitive. The field 'samaccountname'.does not exist in the LDAP directory while the field 'sAMAccountName' does. I don't know right now, why the login at the SSP works without any problems.

    To solve this, I would like to ask you to log in as a super administrator in your SMC console.

    Edit the customer in question and press the 'Configure external directroy' button.

    During the step 'Search fields' make sure to choose the 'sAMAccountName' from the drop down box.

    Finish the directory configuration and try the deployment of the profile with the variable again.
    This time the profile should be deployed correctly.

    I will verify with our development team why this issue occurs and why the login at the SSP just works fine.

    Best regards

    Stefan

    :42756
  • 0

    Thanks.

    There is no dropdown list in search fields. So I typed it exactly the way you described and going to give it another shot.

    See screenshot:

    :42770
  • 0

    On IOS it works, but on Android i can't even get the profile in the HTC One phone.


    On profile details it says: Not supported on the activesync part.


    Can activesync profiles only be loaded on samsung devices???

     

    :42784
  • 0

    Hi WSBD,

    deploying an Exchange Profile to a non-Samsung device is not possible.
    For Samsung we support the Samsung SAFE API which allows us to configure additional settings like the Exchange account.

    That's why there is a 'SAFEv2+' label next to the Exchange ActiveSync configuration in the Android profiles.


    If you are using a HTC One you have to configure the Exchange account manually.

    Right now, there is no way to add it automatically.

    Best regards

    Stefan

    :43919
  • 0

    It can not be right that you do not soon find a solution to this problem.

    A free program that 3CX can figure it out. If you dont, you force us to find another solution.

    http://www.mobiledevicemanager.com/android-management/android-exchange-account/



    Regards
    Asger

    :48476
  • 0

    Hi Asger,

    thank you for pointing out a little fault I made.

    I missed the information, that you can configure the Touchdown mail client on every Android device which is supported by Touchdown. As of Sophos Mobile Control 3.6 the configuration of touchdown is supported.

    Therefore, my information I provided before is not 100% correct anymore.

    Looking at the link you have provided, you also require a special application installed on the device which is called "Aquamail". This seems to be the same behavior as for Sophos Mobile Control regarding the Touchdown client.
    There is no general API available to configure specific operating system settings like the email account in the "Accounts" settings. However, some email application provider provide an interface to "remotely" configure the app. This is what "Nitrodesk" does with Touchdown and which was implemented in SMC 3.6. Support for further email applications might follow with upcoming releases of SMC, but as of now you can only configure email accounts on Samsung SAFE devices or devices having the Touchdown client installed.


    Best regards

    Stefan

    :48492
  • 0

    hi Stefan

    then vi have to buy touchdown. that cant be right.

    Asger

    :50234
Unfiltered HTML