Microsoft Windows MDM Setup

Integration of FileWave with Microsoft Windows MDM requires some initial setup. This is likely a one-time configuration for your environment, depending on complexity.

On initial setup, we'll need to make sure we can satisfy the licensing pre-requisites, publish a custom FileWave client, set our acceptable use terms, and finally create and configure the AAD MDM application itself.

Pre-Requisites of Windows MDM Setup

What

FileWave can integrate and use the framework of Microsoft Windows MDM to manage Windows endpoints, but there are licensing requirements that need to be satisfied (outside of FileWave).

When/Why

Windows MDM requires certain licenses based on your organization's relationship with Microsoft.  As far as FileWave-specific licensing is concerned, each endpoint need only have a FW client license.

How

All Windows MDM function relies on Microsoft Entra Active Directory, so that must be in place for your organization.  Specifically Microsoft Entra Premium P1 or P2. Many of their license bundles include that license. Additionally, you'll need AutoPilot access and access to the Microsoft store for business:

Licensing requirements for AutoPilot:

Windows Autopilot licensing requirements | Microsoft Learn

(AutoPilot is the framework that allows your devices to enroll into FileWave when initially setup)

Information on Microsoft Endpoint Management / InTune for Business:

Endpoint Management at Microsoft | Microsoft Learn

Part 1: Custom FileWave Client

What

Windows MDM with FileWave is implemented in a hybrid-mode.  That is, we can issue MDM commands (such as installing a policy), but also wish to leverage our native FileWave client capabilities.

When/Why

Our first step in setting up the integration for Windows MDM is to create and publish a customized FileWave client so that our newly MDM enrolled devices will have a functioning FileWave client installed upon enrollment.

How

Before anything make sure that you have done following steps:

Your FileWave server is running healthy, and backups are being performed.
You have valid, trusted certificate installed on your FileWave server.
You have at least saved FileWave preferences once (open preferences in the native admin and save it.)
This will set important configurations on your FileWave server (shared keys, etc.)
You have at least updated model once
This will allow FileWave's internal URIs to be in place.

After you confirmed everything is ok, then you may upload the custom client MSI installer.

Upload fwcld msi package
  1. Open the native admin and open preferences.

  2. Go to the Mobile tab and look under the Windows sub-tab.

  3. Upload your custom client.msi package on that tab as shown below. Create this installer with the Customer Installer Builder.

Upload custom msi.png

Part 2: Setting up Terms and Conditions

What

When a device is enrolled in Windows MDM, a custom end-user terms page is required for the Microsoft application we'll be building later.

When/Why

We'll need to establish our terms pages within the FileWave AnyWhere (Web admin), and they'll be used at enrollment time.  These terms pages can be customized for your environment with the terms you prefer. 

How

Editing Terms & Conditions

Terms & Conditions are for a page that are shows to users who are enrolling to your Server. You can customize this page via the FileWave Web Admin.

  1. Click on the gear button next to Model update in FileWave Web Admin.

  2. Navigate to Terms & Conditions tab.

  3. Edit the title and/or the content of the page.

EditTermsandConditions.png

Part 3: Setting up the Portal App

What

The configuration of your Windows MDM integration will all be driven by an application you yourself create in the Microsoft Entra Portal.

When/Why

This application is the linch pin that ties your devices (in AutoPilot), through your user accounts (the group associated with the app), into redirection to your FileWave MDM server.  Detailed setup steps follow.

How

Add Microsoft Entra ID account in FileWave
  1. Open your FileWave AnyWhere (Web Admin) page and navigate to sources.

  2. Click the Microsoft tab.

  3. Click on New account and you should see the following form: