UEM
      Back to home
      1. Knowledge Base
      2. Settings
      3. UEM

      UEM Connection and functions

      The article below will provide instructions on how to connect your UEM environment to the Bluewater Connect platform. Along with how to use all the associated features.

      Connecting your UEM platform will allow the following updates to take place automatically and allow you to perform the listed actions from within Bluewater.

      Features Available:

        • Device Sync - This option will retrieve all device details from UEM to populate the Bluewater database with a rich dataset. This will also provide basic controls such as passcode wipe, enterprise lock etc. (No additional setup required)

        • User Sync - This option will retrieve all user details from UEM to populate the Bluewater database, working as a direct AD sync to remove the need for manual creation via the UI. (If you already have user records in Bluewater, additional setup will be required before enabling this option. See step 6 below for details)

        • Service Relationship - This option works in combination with Device and/or User Sync, When enabled, it will retrieve all available service number details from UEM and update the service to device/user allocations in Bluewater using the assignments from UEM.

        • User Relationship - This option works in combination with Device and/or User Sync, When enabled, it will retrieve all available user allocation details from UEM and update the user to device/service allocations in Bluewater using the assignments from UEM. (Additional Mapping Required, See step 6 below for details)

        • Group Filtering User/Device - This option works in combination with Device and/or User Sync. By allowing you to input the group IDs from your UEM system to filter the entity records synced into Bluewater. This is often used when you have multiple departments under the same UEM environment and you only want to sync one or two into Bluewater, adding those departments' group ID's will ensure only those devices/users are synced into Bluewater.

        • Device Actions - This option works in combination with Device sync and will allow for the ability to trigger write actions for devices in your UEM via Bluewater, such as: Enterprise wipe, Reset passcode, Disable Lost Mode, Lock device. 

        • Exclude Device Name from Update from manufacturers (Intune Only) - This option will allow you to choose whether you want to keep the Bluewtater model names or have them updated from UEM as the source of truth. To keep the Bluewater Model names, input the manufacturer of the devices you don't want to be overwritten i.e Samsung, Apple. 


      Setup Requirements:

      1. To connect your UEM system to your Connect portal, please select and follow the relevant guide below to set up the required configuration in your UEM tenancy:

      2. Once you have completed the steps in the guide, you will have a set of credentials that can be added to the UEM configuration in your Connect portal to enable the sync, these details should be as follows:

        1. For Intune, you will have:

          • Application/Client ID (Client ID)

          • Client Secret (Client Secret)

          • Publisher Domain (Tenant ID)

        2. For Omnissa, you will have:

          • Username (UEM Username)

          • Password (UEM Password)

          • API Key (Tenant Code)

          • Console URL (REST API URL)

      3. Now you have the required credentials, log in to your Bluewater Connect portal, navigate to ''Portal Settings > UEM'', then select the relevant UEM provider from the drop-down list and the configuration type (the default is ‘'Basic’' for Airwatch and ‘'Client Credentials’' for Intune).

      4. Once on the relevant page, input the credentials into the fields available, enabling only ‘'Device Sync'' as the default option.

      5. Once all fields are populated and the options are selected, click ‘'SAVE’' and then ‘'Test Integration’'. You should see a green banner stating the test was successful, and the ‘'Network Status’' and ‘'Sync Status’' will show ‘'Success’'.

        The connection is now established and will sync every 3hrs for Intune and every 24hrs for Airwatch. Proceed to the last step.

      6. If you would like to enable User Sync & User Relationship Sync, please ensure you complete the required mapping as advised below:

        1. In order to connect the UEM User record to the Bluewater User record, the ''external ID'' on the user profile in Bluewater for each record needs to be populated with the UUID/MDM Username exported from your UEM system. If you are unsure how to complete this step, please reach out to your Bluewater CSM or request assistance via customersupport@bluewatercontrol.com 
        2. Once all existing users are updated, you can now navigate to ''Portal Settings > UEM'' and enable the ''Sync User'' & ''Sync User Relationships'' options in the Connect portal. 

      Important: Any existing user in Bluewater that isn't mapped as per above will result in a duplicate record being created in Bluewater from UEM sync.