How to Use Kerberos or NTLM with UEM MDM VPN Tunnel
When your mobile apps are connecting to servers over an EMM tunnel they sometimes require certificates to complete the connection. There are also times where mobile apps have to authenticate to servers with Kerberos authentication over the EMM tunnel. This knowledge base article provides step-by-step instructions for how to use Kerberos or NTLM with UEM MDM VPN tunnel and add BlackBerry EMM Authenticated Tunnel to any Android and iOS app.
We hope you find this knowledge base useful and enjoy using Appdome!
How to Use Kerberos or NTLM with UEM MDM VPN Tunnel
Appdome is a no-code mobile app security platform designed to add security features in mobile apps.
Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps without coding. When a user clicks “Build My App,” Appdome leverages a microservice architecture filled with 1000s of security plugins, and an adaptive code generation engine that matches the correct required plugins to the development environment, frameworks, and methods in each app.
Using Appdome, there are no development or coding prerequisites to build secured apps. There is no SDK and no library to manually code or implement in the app. The Appdome technology adds the relevant standards, frameworks, stores, and logic to the app automatically, with no manual development work at all. Users merely upload a mobile app, select the relevant Blackberry implementation option, and click “Build My App.” The Appdome technology automatically adds Blackberry (formerly Good) Dynamics SDK and relevant standards, frameworks and more to the app, with no manual development work at all. Using Appdome, mobile apps will use BlackBerry’s Authenticated Tunnel to securely tunnel app data as if BlackBerry Authenticated tunneling schemes were natively coded to the app.
Prerequisites for using Appdome for EMM Authenticated Tunnel
- Appdome account – IDEAL or Higher.
- Mobile App (.ipa for iOS, or .apk or .aab for Android)
- BlackBerry Dynamics UEM server
- Signing Credentials (e.g., signing certificates and provisioning profile)
- Kerberos and/or Certificates for tunneled traffic
4 Easy Steps to Use Kerberos or NTLM with UEM MDM VPN Tunnel
Follow these step-by-step instructions to add EMM Authenticated Tunnel to Any Mobile App:
Upload a Mobile App to Your Account
Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.
From the “Build” tab, Add EMM Authenticated Tunnel
Select the Build Tab. Note: a blue underline will appear showing the step is active.
Beneath the Build Tab, select Management. Note: a blue highlight will appear showing the category is active.
- Under Enterprise Mobility Management, enable the EMM Services
- Select the BlackBerry Dynamics SDK from the drop-down list
- Next, click to open Appdome Mobility Suite and enable for EMM Authenticated Tunnel if you’ve set up your app to use Kerberos
- Click on Build My App
The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add EMM Authenticated Tunneling to the mobile app in seconds. For example, the technology of Authenticating Tunnel Connections, work that ordinarily, a developer would need to do.
Congratulations! When Appdome has completed your implementation (usually about 30 seconds), you’ll see the notice below. You now have a mobile app, fully integrated with Appdome’s EMM Authenticated Tunnel.
After Adding EMM Authenticated Tunnel to a Mobile App on Appdome
After you have added EMM Authenticated Tunnel to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.
For more information on Kerberos authentication please view this resource.
Add Context™ to the Appdome-Built App
Appdome is a full-featured mobile integration platform. Within Context™, Appdome users can brand the app, including adding a favicon to denote the new service added to the app.
For more information on the range of options available in Context™, please read this knowledge base article.
If you’d like to add private server certificates, CAs, and/or server public certificate files you can add these here under Private Server Certificates and Authorities in App Set-Up.
Sign the BlackBerry Dynamics enabled Appdome-Built App (Required)
In order to deploy an Appdome-built app, it must be signed. Signing iOS apps and signing Android apps are easy using Appdome. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.
Deploy the Appdome-Built App to a Mobile Device
Once you have signed your Appdome-built app, you can download to deploy it using your distribution method of choice. For more information on deploying your Appdome-built apps, please read this knowledge base.
That is it – Enjoy Appdome for BlackBerry Dynamics in your app!
How Do I Learn More?
If you have any questions, please send them our way at email@example.com or via the chat window on the Appdome platform.