Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.13
  3. Installation and Configuration
  4. Configuration
  5. Simplifying Windows 10 activations
  6. Deploy a discovery service to simplify Windows 10 activations

Deploy a discovery service to simplify 
Windows 10
 activations

The following steps describe how to deploy the discovery service web application in the environment described below.
Verify that the following software is installed and running in your environment:
  • Windows Server
     2012 R2
  • Java
     JRE 1.8 or later
  • Apache Tomcat
     8 Version 8.0 or later
  1. Configure a static IP address for the computer that will host the discovery service.
    If you want to allow users to activate devices when they are outside of your organization's network, the IP address must be externally accessible on port 443.
  2. Create a DNS Host A record for the name 
    enterpriseenrollment.<
    email_domain
    >
     that points to the static IP address that you configured in Step 1.
  3. In the directory where you installed 
    Apache Tomcat
    , search the server.xml file for 
    8080
     and apply comment tags as shown in the example below:
    <!--
    <Connector port="8080" protocol="HTTP/1.1"
    connectionTimeout="20000"
    redirectPort="8443" />
    -->
  4. Search 
    server.xml
     and change all instances of 
    8443
     to 
    443
  5. Search for the 
    <Connector port="443"
     section, remove the comment tags above and below, and modify it as shown in the example below:
    <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
    maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS" keystoreFile="C:\Users\<
    account _name
    >\.keystore" />
  6. While logged in as the account you specified in the example above, generate a certificate by running the two commands shown in the example below. When asked for your first and last name, type 
    enterpriseenrollment.<
    email _domain
    >
     as shown in the step result below:
    filename
    >.csr
    changeit
    
    What is your first and last name?
      [Unknown]:  
    enterpriseenrollment.example.com
    
    What is the name of your organizational unit?
      [Unknown]:  
    IT Department
    
    What is the name of your organization?
      [Unknown]:  
    Manufacturing Co.
    
    What is the name of your City or Locality?
      [Unknown]:  
    Waterloo
    
    What is the name of your State or Province?
      [Unknown]:  
    Ontario
    
    What is the two-letter country code for this unit?
      [Unknown]:  
    CA
    
    Is CN=enterpriseenrollment.example.com, OU=Business Unit, O=Example Company, L=Waterloo, ST=Ontario, C=CA correct?
      [no]:  
    yes
    
    
    C:\Program Files (x86)\Java\jre1.8.0_60\bin>keytool -certreq -alias tomcat -keyalg RSA -file <enterpriseenrollment.example.com>.csr
    Enter key password for <enterpriseenrollment.example.com>
            (RETURN if same as keystore password):
  7. Send the certificate signing request to a certification authority. The certification authority will send back a .p7b file. For the example above, the certification authority would return the file 
    enterpriseenrollment.example.com.p7b
    .
    • If you send the certificate signing request to a major external certification authority, users should not have to take any additional action to trust this certificate during the activation process.
    • If you send the certificate signing request to an internal certification authority, users must install the CA certificate on the device before starting the activation process.
  8. Install the certificate using the command shown in the example below:
    C:\Program Files (x86)\Java\jre1.8.0_60\bin>keytool -import -trustcacerts -alias tomcat -file <
    filename
    >.p7b
  9. Stop 
    Apache Tomcat
    .
  10. Visit myAccount to download the Auto Discovery Proxy Tool. Extract the contents of the .zip file and run 
    W10AutoDiscovery-
    <version>
    .exe
    .
    The .exe file will extract the file 
    W10AutoDiscovery-
    <version>
    .war
     to 
    C:\BlackBerry
    .
  11. In the directory where you installed 
    Apache Tomcat
    , check for the folder 
    \webapps\ROOT
    . If it already exists, delete the 
    \ROOT
     folder.
  12. Rename 
    W10AutoDiscovery-
    <version>
    .war
     as 
    ROOT.war
    . Move it to the folder 
    \webapps
     in the directory where you installed 
    Apache Tomcat
  13. Start 
    Apache Tomcat
    .
    Apache Tomcat
     will deploy the new webapp and create a 
    \webapp\ROOT folder
  14. Run notepad.exe as an administrator. In the directory where you installed 
    Apache Tomcat
    , open 
    \webapps\ROOT\WEB-INF\classes\config\wdp.properties
    .
  15. Add the Host ID for your 
    BlackBerry UEM
     domain to the line 
    wdp.whitelisted.srpid
     as shown in the example below. You can find the Host ID for your 
    BlackBerry UEM
     domain in the 
    BlackBerry UEM
     management console. If you have multiple 
    BlackBerry UEM
     domains, specify the Host ID for each one. Perform the following actions:
    1.  On the menu bar, click 
      Settings > Licensing > Licensing summary
      .
    2. Click 
      Activate licenses
      .
    3. In the 
      Licensing activation method
       drop-down list, click 
      Host ID
      .
    wdp.whitelisted.srpid=<
    Host ID
    >, <
    Host ID
    >, <
    Host ID
    >
  16. Restart 
    Apache Tomcat
    .