Skip to main content

Mobile Management Center

Configuration Sections

The MindLink Management Center will load with the logging configuration as its default page. The user can navigate through different configuration settings by using the navigation tree, which includes the following configuration sections:


Licence

The licence page ensures the products you are using are firstly; supported by MindLink and secondly; that only the correct products (as stated by contract) are in use.

Opening the license tab, you are given the ability to browse for a file. This will be the file you received within the correspondence with your account manager.

Click the Browse for license file button which will open file explorer. Navigate to your license file. MLM

Click the Browse for license file button which will open file explorer. Navigate to your license file. Selecting a valid license file will show similar details to the corresponding management center image below.

MLM

  • License Holder: This field specifies the Company name the license is issued to and also the product owner at the time of purchase.

  • Expiry date: The date the product expires. At this time (grace period built in) the product will cease to function.

  • Details: This field contains the product/s that the license has been issued for. MindLink will not run with an incorrect product license (a single license can be issued for multiple products).

The system periodically checks the number of users who could log on and starts rejecting new logins if it sees that the number of hypothetical users is larger than the licensed capacity.

If a license reaches expiry the following message will appear. Please contact your account manager to receive a current license within contract renewal. MLM

If a license is issued for a different product to the one you are attempting to run. The following message will appear stating the product this license is valid for. Please contact your account manager to discuss increasing your subscribed products.


Logging

The logging section enables the user to configure the logging level as well as the log file location for the Connector Service.

Please note that logging on the Connector Service is performed using the Microsoft Enterprise Library Logging Application Block. MLM

By default logging is configured as follows:

  • Error level - Error class events
  • Warning level - Warning class events (Recommended)
  • Info level - Info class events
  • Verbose level - All class events

Logging Configuration You can Configure the Connector service logging level and log file location by clicking on the Browse button will let you find an absolute path to a new log file location, or you can manually edit the field to a path relative to the Connector Service install location.

The account used to run the Connector Service must have write access to the install location of the product in order to log to the rolling log file. The file can by default be found at %ProgramFiles%\MindLink Software\MindLink Application\ConnectorService\Logs\Connector.log


General

The General section lets the user configure the general settings that will be applied to the Connector Service. MLM

Information service port: The port number used when behind a load-balancer to provide a service heart-beat.

File Transfer

Maximum concurrent downloads: The maximum number of allowed concurrent file download requests.

If an attempt is made to download a file when the number of active file downloads to the server is equal to the number specified, the download will fail with an error indicating that the server limit is currently exceeded and to try again later.

Maximum concurrent uploads: The maximum number of allowed concurrent file upload requests.

If an attempt is made to upload a file when the number of active file uploads to the server is equal to the number specified, the upload will fail with an error indicating that the server limit is currently exceeded and to try again later.

Maximum file size for file uploads: If the configured connector supports file posting, the maximum size of files in kilobytes allowed to be uploaded.

If an attempt is made to upload a file that is larger than the specified size, the server will return an error indicating that the file is too large to upload.

Features

MLM Features

Enable instant messaging: When set, allows connected clients to use instant messaging.

When not checked, user presence will not be published, instant messaging will be disabled, and the client will be limited to group messaging functionality. Any client that exposes instant messaging functionality when instant messaging is disabled will receive failure notifications from the server when an attempt is made to use such functionality.

Enable group chat: When set, allows connected clients to use group chat.

When not checked, group chat preferences are not loaded and users will not see any groups or chat rooms to which they are subscribed in their contacts list nor will they be able to search for and add groups.

Allow user to disable instant messaging When set, allows users to specify whether they want to log on with or without the instant messaging capability enabled on their web or mobile client.

When not checked, users will not be able to choose to enable/disable instant messaging upon login and the setting will default to the configuration in the management tool.

Allow user to disable group chat When set, allows users to specify whether they want to log on with or without the group chat capability enabled on their web or mobile client.

When not checked, users will not be able to choose to enable/disable group chat upon login and the setting will default to the configuration in the management tool.

Enable file transfers in 1-1 conversations - Allows users to send between one another

File transfer allows users to send messages in IM conversations. This includes both images and text files.

Message Constraints

Maximum message length: The number of characters that a single message can include.

If an attempt is made to send a message that is longer than the specified length, the message will be automatically converted to a story instead.

Maximum story length: The maximum number of characters that a single story can include.

If an attempt is made to send a story that is longer than the specified length the server will not send the story and will return an error indicating that the story exceeded the allowed story length. The maximum story length must be longer than the maximum message length


Add-Ins

Group Chat add-ins can be configured across MindLink Anywhere and Mobile Tablet Platforms. Phone devices are not supported. Add-in page

Client Add-Ins are actually web pages hosted inside the Group Chat Console client, which communicate with the parent window using JavaScript.

MindLink Anywhere hosts each Client Add-In inside a Html IFRAME element within the MindLink Mobile page. The Client Add-In can communicate with MindLink Mobile using the same JavaScript calls as in the Group Chat Console client.

However, to enable this communication to happen, both MindLink Mobile and the Client Add-In page must be served from the same domain and port address. This is a standard security requirement enforced by all clients.

For instance, if MindLink Mobile is served from http://www.MindLink.net/MindLink Mobile, then for any Client Add-In to be shown in MindLink Mobile it must also be served from a relative path on http://www.MindLink.net e.g. http://www.MindLink.net/myclientaddin

In an enterprise environment, it is often not the case that MindLink Anywhere and any Client Add-Ins will be served from the same actual machine. Hence, they will be served from different domains/ports and so Client Add-In/MindLink Mobile communication will be forbidden. The use of a reverse-proxy is therefore required to mux requests to MindLink Mobile and to any configured Client Add-Ins to the same domain. See the Prerequisites page to Configure Add-in Proxies


Skype for Business

The Adaptor section manages the selection of the underlying chat system to which to connect and the infrastructure DNS servers that define the chosen platform. Skype for Business

Server Version: Select the chat platform version.

Auto Provisioning Server Information: Enable the auto detection of the Front End Server. This will allow the server to detect any server changes within the Topology and auto configure the new servers. This requires Skype Core Components to be installed

Auto Provisioning Application ID: Enter the Application ID of the trusted application on the Front End.

Local Server Name: Manually enter the FQDN of the local machine

Next hop connection

Server Name: Manually enter the FQDN of the Skype for Business front end or pool server.

Trusted Application Server

Server/Listen Ports: The default communication port for Skype for Business used by the Front End Server to listen on when using trusted authentication. To allow Collocation the default ports are as below :

Platform Certificate: The certificate to use for establishing an MTLS connection with the Skype for Business server.

Persistent Chat

Auto Provision Group Chat Information: Automatic discovery of the lookup address for querying Group Chat. Use this option to look at multiple chat pools

Lookup Server Address : Manually enter the lookup address for querying Group Chat. This is the address created upon activation. Use Get-csPersistentChatEndpoint to identify.

Connect to Multiple Persistent Chat Pools

Enables connection to multiple persistent chat pools. This allows users to join any chatrooms that are located on any of the specified persistent chat pools. Entries added to the table can be removed by pressing the Delete key.

Troubleshooting

Use untrusted connection: To Debug the communication protocol and transport mechanism during debug mode.

Disable transport: The transport type between the Connector service and the Skype for Business pool e.g. TLS or TCP during debug mode.

Authentication Protocol: Domain protocol set to either NTLM or Kerberos.

Conversation History

Conversation History: Enable conversation history saving and loading.

Preferences

Preferences: Sets the file repository for saving local preferences.

Private File Transfers

Private file transfer cache - Specified directory where private file transfers cache folders are kept

Sessions

Session timeout: This sets the timeout for MindLink Anywhere. The MindLink client will be set to an idle/away status after being disconnected from the network after the configured time has elapsed.


Active Directory

Message Constraints

LDAP Connections

Autodiscover global catalogue

Skype for Business forest name: Select the relevant forest name in which platform is installed and base for AD operations for users.

Server name: Manually enter the FQDN of the LDAP server is Auto-Discover is not detecting correctly.

Use default port: Default port number of the Global Catalogue used to look-up user SIP addresses from Active Directory i.e. 3268.

Port number: To enter a custom port number to look-up user SIP addresses from Active Directory.

Timeout (seconds): Specify the time interval in seconds for Active Directory queries.

Use default naming context: Auto-discover the name of the root context of the directory. Use this is membership is not restricted.

Naming context: Manually enter full OU path if users are to be restricted to this AD OU object

Authentication

Search filter: Must be configured, responsible for retrieving a sip address for a user via Active Directory.

Default user domain: The default domain that will be used if a user does log specify a domain in their user name when logging on.

Restrict usage to members of a group. Restrict access to Members of this AD Group to be able to log in

Restricted group distinguished name: Select the Group from the dropdown (start typing the name to dynamically list) if users are to be restricted to this AD Group.


Exchange

Exchange tab

As of 17.7, administrators can now explicitly configure how the exchange server is resolved. This can be done automatically by ticking the Autodiscover Exchange Web Services box or the URL can manually be entered in the box below. Additionally, a list of well-known URLs can be added where the management center will look to resolve the exchange server name based on those URLs


Network

Network tab The network tab allows HTTP Proxy settings to be configured.


Advanced

Advanced tab

The advanced tab allows debug keys to be utilised (such as configuring Exchange Online or enable pre-release features)

APNS Changes

Apple changes to push notification requirements

After changes by Apple, new debug keys must be used to configure APNS. Please add the below configuration to your MLM Management Center Advanced tab :

KeyValue
debug.mobile.apns.http.enabledTrue
debug.mobile.apns.http.key
debug.mobile.apns.http.keyidTHJ6Y7P8S3
debug.mobile.apns.http.issuer54SZCW768Q
debug.mobile.apns.http.appbundleidim.fcg.MindLinkMobile

Other use cases for advanced debug keys

you can also override any other configuration value. Examples of a couple of custom setting keys include:

  • Configuration key: connector.ucma.serverversion Value: Unknown
  • Configuration key: global.message.maxlength Value: 200

Notes when using custom settings:

  • Custom key/value

  • Invalid keys cause the host to crash

FeatureConfiguration KeyConfiguration setting value
Disable Notification Batchingdebug.userservices.batchgroupnotifications.disabledtrue

By default, group notifications are batched into groups to avoid overwhelming the notification center of the device. This functionality can be disabled to allow each incoming message to immediately trigger a notification


This section manages MindLink Mobile settings and provides general information with regard to the MindLink Mobile Client set up.

MLM

General

Token Issuing Certificate Specify a token issuing certificate to manage user authentication.

Server

Hostname External DNS of the Mobile Server FQDN. This must be the externally accessible name and matches the server address used to connect to the server in the app.

Socket server

Port The port on which the Connector service will listen for incoming MindLink Mobile client connections.

Disable security: When enabled, the socket service is NOT protected by TLS

Certificate: Specifies the certificate to use over TLS.

Host identification web service

Port: Specifies the port to use for the identification service and optionally all other HTTP-based services; port used to initiate a connection

SSL option Secure the lookup connection

SSL certificate A valid certificate must be selected for the service to provide for HTTPS connections.

Session web service

For both iOS and Android, the client is configured to connect to the Web Service URL. For example, for a Web Service running on '7074' (as shown in the Web Service Port), the client should be configured as the following example shows:

http://{servername}:7074 If there is a proxy in front of the service, then the client should be configured with the proxy URL.

Use Different Port: When enabled, use a different port for session web services; Option to use a different HTTP port for File Transfers

Port: The port number for the Session Web Service

Disable Security: When enabled, uses unsecure HTTP instead of HTTPS for the session service

Certificate Select the SSL certificate to be used to secure File Transfers

Session Service Proxy Base URL: Base URL for session services external proxy connections

File Download External Proxy Base URL: Base URL for file transfer external proxy connections

Session Expiration

Enable session expiration: Enable long session timeouts. This is the connection between the Mobile server and Skype for Business

Long session time (days): Timeout setting, in Days

For both iOS and Android, the client is configured to connect to the Web Service URL.

For example, for a Web Service running on '7074' (as shown in the Web Service Port), the client should be configured as the following example shows:

http://{servername}:7074 If there is a proxy in front of the service, then the client should be configured with the proxy URL.


Android Settings

MLM

Android devices

Allow Android device connections: The setting that allows Android devices to connect to the MindLink Mobile server.

Firebase Cloud Messaging

FCM URL: Specifies the URL at which to reach the Firebased Cloud messaging platform for Push Notifications Leave this as the default unless there is an outbound proxy.


Apple Settings

The following settings need to be configured for the MindLink Mobile for iPhone implementation.

MLM

Apple Devices

Allow Apple Device Connections: The setting that allows iOS devices to connect to the MindLink Mobile server.

Apple Push Notification Service (APNS)

Disable APNS: Tick this box to prevent iOS devices from using out-of-app push notifications, such as those received on the device's lock screen.

APNS server address: The Apple Push Notification Settings host server address.

For APNS Changes introduced in 20.7 please use api.push.apple.com.

If you're unable to use the default HTTPS port (443), you can alternatively append port 2197 to the address.

APNS Base 64 Key The appropriate key value used when communicating with APNS should be provided to you together with your license.

APNS App Bundle Identifier The bundle identifier to use when sending push notifications. The value to choose depends on the flavour of the MLM app you use. The default value im.fcg.MindLinkMobile is the one to use for the version of the app without specific MDM support.

Network : HTTP Connectivity: This is a special connectivity mode designed for use with iOS and MobileIron. It allows the 7072 TLS connection to be replaced by a HTTPS connection for use when Tunnelling supports only HTTP/S traffic and TLS/Websocket is not available.


Server Pooling

The Server Pooling feature can be utilised to enhance resiliency for your MindLink Mobile Enterprise implementation. Please note that the Server Pooling feature requires access to a database instance setup on either Microsoft SQL Server versions 2012, 2014 or 2016. MLM

Enable server pooling: This enables server pooling to be utilised, this will require a SQL database

Database connection string: - Configure the connection string with the following syntax:

Server=FQDN SQL server; Initial Catalogue=SQL catalogue; Integrated Security=SSPI

or if you wish to use a Failover SQL partner you could use the following syntax :

Server=FQDN SQL server; Failover Partner=FQDN SQL partner; Initial Catalogue=SQL catalogue; Integrated Security=SSPI

Override credentials for database operation: If the user running the management tool does not have sufficient SQL permissions, then these can be overridden by a set of credentials that have sufficient permission by your SQL administrator.

Test the connection: To check the validity of a relevant SQL database connection string and the override credentials, select 'Test'. The following steps may differ and as such are outlined in the two scenarios listed below.


Policies

MLM

Disable Copy and Paste: Ticking this option will disable the ability to use the native copy and paste functionality within the MindLink Mobile Application. Applying this option will disable copying content from within the application, however, you will still be able to paste from an external source into the chat.

Disable Group/Sender name in notifications: Ticking this option will hide the name of the message sender in out-of-app notifications, such as the ones received on the device's lock screen. When this setting is ticked the 'Disable message preview in notifications' setting below is automatically ticked, too.

Disable message preview in notifications: Ticking this option will hide the preview of received messages in out-of-app notifications, such as the ones received on the phone's lock screen. The sender's name will still show unless the above policy is also ticked.