Important: This article is part of a series outlining the deployment of a production on premise Symantec Mobility: Suite solution. This is meant to be used supplementary to the published Mobility: Suite Administration and On-premise Installation guides. If there are any recommendations made in this walkthrough which contradict the above mentioned guides, use the recommendations in the guides
Note: Do not cancel the setup.sh script; if it is terminated early before the setup is completed, repeat Installation Part I.
1. Go to a workstation running Internet Explorer (IE) 11, Chrome or Firefox; with network communication to the FE over TCP port 8000. Following the last two lines from the installation script above navigate to For example: http://172.19.216.123:8000 :
2. Click Start Wizard to begin.
3. Mobility: Suite requires a valid Public SSL Certificate which is, most importantly, valid from the managed mobile devices. Click here to purchase an SSL certificate from Symantec. If a valid SSL certificate has already been issued continue to Upload SSL Certificates to Configurator. To get past the SSL requirement, temporarily, see Untrusted / In-house Certificates.
Note: Other valid public Certificate Authorities (CAs) may be used. The certificate’s common name (CN) must match the published FQDN of the Mobility Server. For example, if the server’s FQDN was mobile.mydomain.com, when making a certificate signing request (CSR) the administrator would us this FQDN for the CN in the CSR.
4. From the Internet browser select Yes to handle SSL locally and click Choose File for each of the following, browsing to the provided (or created) certificate files:
Certificate à sign.crt
Key File à sign.key
CA Bundle à cacert.pem
Tip: The CA Bundle is the certificate issuer’s certificate. If an intermediate certificate is required, copy and paste its certificate into this file. It is also recommended to remove all extra properties from the sign.crt file see: How to remove extended properties from a PEM SSL certificate (HOWTO110259) .
5. Next to continue:
6. Will multiple companies be using this installation? Select No.
7. Enter the Server name found in the FQDN and CN of the CSR, fill in the rest of the form information as requested.
Tip: A valid dedicated email account should be used for the primary administrator. This may be changed later but having a valid email account is vital to be able to reset the accounts password.
Note: Wildcard certificates may be used.
8. Click Next to continue:
Note: The domain name is parsed from the uploaded SSL certificate. If the domain name is an internal domain and not published with a registrar, meaning it cannot be accessed from the Internet. Recreate and re-upload the SSL certificate(s) for the published domain name. This information is written into the database (DB) and written into the Mobile agents for device to FE communication. If the FQDN is not yet known, the domain name of the server may be changed at a later time by following HOWTO80680. This will also require that the SSL certificates be updated. However the server-name cannot be changed post installation, again, the residing domain can be changed but the Server name cannot.
9. Paste the information from following Google Cloud Messaging into the Mobility Manager Configuration Wizard and Next to continue.
Tip: These fields may be left blank and entered after the installation is complete.
10. Select MySql as the database engine.
11. Repeat Part I: The Virtual Machine; entering the required information for the MySQL server rather than the Mobility: Suite FE. (HOWTO110252)
Note: A production MySQL 5.6 database (For Mobility: Suite) requires at least 30GB storage, 4GB Memory and a dual core processor. (Roughly half of the hardware requirements for the Mobility FE)
12. Once root shell access is obtained to the new server, open a new tab and follow: HOWTO107280 to download and configure the MySQL host and the two required databases.
13. Once the DB host and two databases are created continue to Enter MySQL Connection Information.
14. Enter the required connection info for the Primary Database into the Wizard and Test Connection. Once a successful connection is established click Next to continue:
15. Enter the required connection info for the MDM Database into the Wizard and Test Connection. Once a successful connection is established click Next to continue:
Tip: For troubleshooting MySQL connectivity see Troubleshooting MySQL Connectivity.
16. Continue to Mail Relay Configuration
17. Enter the email server information. If a proxy is being used, most likely, a username and password is required. If using an unauthenticated mail server on port 25 (for example), a username and password may not be needed. If no mail relay server is available follow the HOWTO110251.
Tip: To change the mail relay after the installation completes see HOWTO110249.
18. Once valid mail relay information is entered click Next and continue to Caching
19. For the cache backend, select Database Storage and Next to continue:
Note: For more details on Cache Backend options see TECH228357
20. Once the cache backend is completed continue to RabbitMQ.
21. Accept the default settings for the RabbitMQ role. Click Test Connection; once a successful connection is established Next to continue.
Note: The hashed password for the default local instance is: guest
Tip: If the connection times out, verify that localhost resolves to 127.0.0.1 and not an IPV6 address. IPTables may also block 5672. Keep in mind that terminating the script will bring the process back to step 1; use Putty to SSH into the FE to further troubleshoot. For troubleshooting RabbitMQ refer to TECH215945. If an off-box RabbitMQ is needed refer to HOWTO100093.
22. Continue to Verify Configurator Settings.
23. Verify that the settings entered are correct and click Finish to complete and finalize the installation:
Note: This process can take up to 15 minutes to complete. To view live progress use Putty to open an SSH shell to the FE and type: tail –f /var/log/nukona/load_settings.log
24. After the configurator completes, allow another 5 minutes for the setup.sh script to finalize.