Android Enrolment on VMware AirWatch

Android Enrolment on VMware AirWatch

So I am going to be honest as many of you know I use Apple devices most the time just down to their simplicity and integrations but recently I have had the chance to use the latest version of AirWatch and a newer based Android Device.

The enrolment process is not quite as slick as iOS where it forces the user to enrol with your companies deployment but it can be as simple as a few taps (7 plus a few more) and a scan of a QR code. You may find as an IT department you still enrol users devices anyway so this won’t bother you that users may try and skip this step. At a guess I am sure some vendors will catch up and have a portal similar to Apple DEP before long.

The actual term for this in the Android world is called “Work Managed” but you will need to ensure you have your Google for Work set up before you do this or you won’t be able to push any applications to the device. This can also negate the need for the Google Play store on the device and your users needing separate accounts or everyone sharing a department account. I will do a separate post on the Android at Work as this also offers some great features.

But back to the enrolment, its as simple as open the box, pop the SIM in the phone, power it on. From here tap ‘Welcome’ 7 times and this will then take you to a hidden screen. Join the WiFi to save data if you wish and then this will download a QR reader. You will need to generate your own code using this guide from here and I found leaving the username password as it was caused the agent to get confused then ask me for that users credentials so I didn’t have to create unique codes. I used this website to generate my QR code

I used my top level group ID as when the user authenticates this should override this if they are in other smart groups. You can easily find this by going to the top of your organisation and then hovering over the name for a moment and this box will appear

Once you have added a user if you have your profiles and apps set up they should start streaming down to the device. I do certainly like the fact Boxer can be setup to auto configure from the user who enrolled and all they then need to put in is their password to start getting their emails. This is also quite nice if you wish to offer a BYOD or let user have their personal account on their phone as the in built client can then provided segregation.

The hidden power of doing it this way is when the user leaves despite being a good or bad leaver if the device is reset you can get back into it as the device is managed by the organisation. I have seen many devices been handed back into IT that have personal Google account on of which we can then not reactivate the device easily without the leavers details.

If you want to learn more about AirWatch I am going to be doing a series of posts or head over here for more information

Office 365:- An error occurred executing configure aad sync task element ‘ma-run-data’ was not found

Office 365:- An error occurred executing configure aad sync task element ‘ma-run-data’ was not found

So this week I have been performing an Office 365 migration and part way through federating my domains and getting ADFS up and running I came across this error below

First thing I did was go have a quick look at what was going on within the Event log and there was a rather odd error. This can be down to your service account losing its groups or the DCOM components losing their permissions too but mine seemed to be ok

Scheduler::SchedulerThreadMain : An error occured and scheduler run failed to perform all operation.

System.Management.Automation.CmdletInvocationException: Run profile ‘Full Import’ does not have run steps. —> System.InvalidOperationException: Run profile ‘Full Import’ does not have run steps.

at Microsoft.DirectoryServices.MetadirectoryServices.UI.WebServices.MMSWebService.InvokeRunProfile(String connectorName, String runProfileName)

Firstly do try a repair of the install and ensure you are at the latest version, as I said before this may be permissions related but if not after much head scratching for some very very odd reason all my rules had been dropped in the Synchronization Service Manager. To be honest I never got to the bottom of quite why they vanished during switching over the federation but to get things working again launch the application and goto the connectors tab

You should see you main AD and any others you wanted to sync in your forest. select your local AD Domain Services and then select configure run profiles on the right hand side

Within this window it will probably now look rather bare and this is what the cryptic error is going on about. It basically doesn’t know what to do!

Repopulate all the option including the export which is pretty much simply select the matching type to the profile and ensuring your base DN/partition is correct

Do make sure your Export one is populated as I found my password sync stopped working and had to do this and then use the Wizard to remove ADFS and flip back to password hash and then re-integrate. If you don’t do this you will see errors in the 365 Portal stating Password sync hasn’t occurred and get this error in your event log despite things now looking like they are syncing

Scheduler::SchedulerThreadMain : An error occured and scheduler run failed to perform all operation.

System.Management.Automation.CmdletInvocationException: Run profile ‘Export’ does not have run steps. —> System.InvalidOperationException: Run profile ‘Export’ does not have run steps.

at Microsoft.DirectoryServices.MetadirectoryServices.UI.WebServices.MMSWebService.InvokeRunProfile(String connectorName, String runProfileName)

at Microsoft.IdentityManagement.PowerShell.Cmdlet.InvokeADSyncRunProfileCmdlet.ProcessRecord()

— End of inner exception stack trace —

at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)

at System.Management.Automation.PowerShell.Worker.ConstructPipelineAndDoWork(Runspace rs, Boolean performSyncInvoke)

The final thing to do now is run the sync by right clicking the AD connector, selecting run and then the relevant task. I did select full first just to make things are working.

Hopefully you will now see nice informal messages in your event log like below and your 365 portal should update within the hour to say its all back in sync

I have to say these two resources helped point me in the correct direction https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-configure-filtering#update-the-run-profiles

https://social.msdn.microsoft.com/Forums/azure/en-US/3398333e-9e79-4261-bd8c-966fd18fd105/configure-aad-sync-element-marundata-was-not-found?forum=WindowsAzureAD

 

 

 

VRDCEX – VR Datacenter Game

VRDCEX – VR Datacenter Game

So early this week as I made aware of a new addition to VRDCEX and its a gameification update, and Oh boy is it fun! I took some time to get something up as well my first attempt nearly involved in a light fixture being removed! I think this is mainly down to the way the depth perception happens with the Mixed reality headsets

So just as a major tip for anyone with an Oculus there is a tiny ‘hack’ that allows for better 3D awareness. Put one sensor directly in front of you and one behind. Restart the calibration in the Oculus setup and it will say they should be at 45 degree angles but just hit proceed. When you have to align the PC just do this to the front sensor. Ideally you should have a 3rd sensor but I have found this seems to work OK for this and a few other games. I found that before I did this, during the gameplay the headset would spin rapidly. This obviously make its harder and I ended up dropping VMs or throwing them in the wrong place.

So you can this game version from here https://github.com/vmware/vr-dc-ex/releases/tag/Game

So my highest score so far is 298 and a shame as I dropped one of the last few VMs and would have broke the 300 mark. I tried again a few times even with the setup above and I just couldnt do it! I must have peaked on my 3rd attempt but did average around the 260 mark.

You can see my high score here!

 

 

Podcasting with WordPress

Podcasting with WordPress

So I have been working on parts of this post for a while but I though I should really break this what was a massive post into some smaller chunks and relevant areas as a few people have asked me about this but in this post I am going to cover how to post your Podcast with WordPress but have this on the Apple Podcast channel. I will cover off recording & editing, video types and also submitting to other stores in other posts.

Also skip to the end for once if you are integrating with a current blog as this can ensure media is not picked up by accident.

Before you start go sign up here as sometime Apple require the address to be approved with of course a subsequent approval after. https://podcastsconnect.apple.com/

Firstly head over to your WordPress admin page and select add new plugin

From the plugin screen search for BluBrry and install and active the plugin

Hit the setting button to be taken to the main screen for the plugin. Fill in your Podcast name, the subtitle and any other required fields. I also suggest doing the image at this point but it must be 3000×3000 or you will get an error later

On your WordPress menu select PowerPress and then Audio Player, Select the player that best suits your style

Perform the same for Video by selecting the PowerPress Menu and then Video Player

We now need to collect a few details from the advanced tab so that we can submit this to Apple for approval

Within here select iTunes and scroll down to find your feed info and make a note of this for later

Head back to and select the + icon at the top

Enter the feed address you noted previously

Press validate and then assuming there are no errors below press submit. The most common is the artwork is the wrong size or format

You will now get the below screen and you have to wait for the approval email from Apple, at this point if you have one recorded lets get your first podcast there ready for go live

First add a new post just like usual

The above text is embed in the Podcast description and title but scroll down and you will see this windows for the podcast episode, I host mine on my server but this can be a content server or AWS or Azure just as long as its served by HTTP/HTTPS. If this is a video Podcast I usually upload a low-res (sub 480p) version here and then upload a high res version to YouTube as you don’t want to send over 1GB file to the users phone or device.

Finally submit and publish the post

Now hopefully if you have been approved in the time you have been getting all this ready go back to https://podcastsconnect.apple.com/ and click on your podcast picture

On this screen select refresh feed to pull through any new episodes, it does do this every 24 hours if you are happy to wait.

Now sit back and wait for it to appear in the Apple Podcast app, if all has worked you should see the below

Integrating with a current blog

If you already have a blog and wish to integrate this I suggest turning on category podcasting and when you select the category follow the steps as if you were creating a main podcast just don’t set this at the top level or it may miss interpret media from your normal post, just remember to tag them when you publish. This can be enabled in the advanced menu at the bottom of the main screen by selecting category podcasting and pressing save

This then enabled the menu on the left so select this

Finally select your category such as podcast and then add podcast settings to category feed, you will see I had already added one and this is where you get your feed URL from. Some people also find its best to tick the Podcast only feeds to keep things even more clear.