Workspace ONE UEM – The Connector
So I started this mini-series about setting up all the integration points, when starting (or doing a free trial testing) with Workspace ONE. The first post was about Workspace ONE Access (
vIDM) Connector, which is only one part of the integration needed for the full functionality of Workspace ONE UEM.
The second part is Workspace ONE UEM Connector (sometimes referred to as Airwatch Cloud Connector or just Cloud Connector). This component is used for integration with your on-prem:
- Email Relay (SMTP)
- Directory Services (LDAP/AD)
- Email Management Exchange 2010 and later (PowerShell method)
- Lotus Domino Web Service (HTTPS)
- Syslog (Event log data)
- Microsoft Certificate Services (PKI)
- Simple Certificate Enrollment Protocol (SCEP PKI)
- Third-party Certificate Services (on-premises only)
So let’s set up one. It’s straight forward.
The first question I typically get is where you can find the installation binaries for this component. Installation of Cloud Connector is always strictly tight to you Workspace ONE UEM infrastructure/tenant. There is no download for this component at my.vmware.com or my.workspaceone.com page.
You will need to open your Workspace ONE UEM console. Make sure you are at the company OG (for on-prem deployments) and also do it directly from the machine which should then become the Cloud Connector.
Navigate to Groups & Settings > All Settings > System > Enterprise Integration> Cloud Connector. You will see it disabled if this is your first time in this section.
Go ahead and Override settings on this page and enable both AirWatch Cloud Connector and also Auto Updates.
Now you will need to click save. Workspace ONE UEM will in the background generate certificates and an installer for you.
Click on Download AirWatch Cloud Connector Installed. Again do this directly from the machine where you will install the Cloud Connector do not download it somewhere else and transfer it. You will be prompted to choose a password. This password will be then used during the installation itself (after that it’s useless so don’t worry about it too much).
We are all set to start the actual installation. Run the downloaded file as an administrator.
Accept and Next.
I highly recommend sticking to the default location. It makes the troubleshooting way easier. Click Next.
Now you will need to insert the password you choose when you downloaded the installer from Workspace ONE UEM console. Click Next.
(Optional) If there is a proxy server needed to communicate with Workspace ONE UEM console over port HTTPS (443) you can specify it in this step. Click Next.
Acknowledge the TLS warning.
After the reboot, you should see an AirWatch Cloud Connector service up and running.
And if you click Test Connection in the Workspace ONE UEM console, you should get a green message stating “AirWatch Cloud Connector is active”.
There are two things you need to know. Where to find the log files, which is by default here: C:\VMware\AirWatch\Logs\CloudConnector\CloudConnector.log
And how to increase the logging level from INFORMATION to DEBUG in order to actually see something there, which is configured in the file: C:\VMware\AirWatch\CloudConnector\Bank#\CloudConnector.exe.config
Look for this line and set the level to “debug”:
<loggingConfiguration filePath="..\..\Logs\CloudConnector\CloudConnector.log" tracingEnabled="false" level="Information" logFileRollSize="10240" maxArchivedFiles="20"/>
There is no need to restart the service, changes will be applied immediately.
In the next post, we will focus on Active Directory integration and also how to set up AirWatch Cloud Messaging (AWCM), which is needed for on-prem deployments.