Open Source Mobile Device Management?

fausp · March 8, 2019, 6:07am

Any news abt MDM on Nethserver 7.6 ?

robb · March 8, 2019, 7:03am

With php-scl it should be possible to use php7 with glpi. It would be great to have a full blown MDM feature, especially in a BYOD environment.

LayLow · March 8, 2019, 7:18am

I believe the real issue is:

mrmarkuz · March 8, 2019, 11:10pm

Oh, I forgot about that. I am going to give it another try the next days…

stephdl · March 9, 2019, 5:54am

It is probably possible to use the specific port or the different tcp socket of mariadb scl :-?

mrmarkuz · March 12, 2019, 11:24pm

OMG, I tried to connect to localhost:3312 and that’s not possible, I didn’t read the wiki page carefully enough.
With giving the glpi mariadb user access to server.domain.local the connection worked.
I also updated the used PHP from 5.6 to 7.1.

wget https://github.com/glpi-project/glpi/releases/download/9.4.0/glpi-9.4.0.tgz
tar -xzf glpi-9.4.0.tgz
mv glpi /usr/share/
# Set owner to apache
chown -R apache:apache /usr/share/glpi
# Create httpd conf for glpi
cat << EOF > /etc/httpd/conf.d/glpi.conf
Alias /glpi /usr/share/glpi
<Directory /usr/share/glpi>
  Require all granted
  <FilesMatch \.php$>
     SetHandler "proxy:fcgi://127.0.0.1:9001"
  </FilesMatch>
</Directory>
<Directory /usr/share/glpi/files>
  Order Deny,Allow
  Deny from all
  Allow from 127.0.0.1
  Allow from ::1
  Allow from localhost
</Directory>
EOF
# Install Nethserver rh-php71 and extensions and mariadb 10.2 from stephdl repo
yum install http://mirror.de-labrusse.fr/NethServer/7/x86_64/nethserver-stephdl-1.0.7-1.ns7.sdl.noarch.rpm
yum -y install nethserver-rh-php71-php-fpm rh-php71-php-mysqlnd rh-php71-php-mbstring rh-php71-php-gd rh-php71-php-ldap rh-php71-php-imap rh-php71-php-opcache rh-php71-php-xmlrpc nethserver-rh-mariadb102

Please change server.domain.tld to fit your servername and SECRET to have a more secure password.

# Create database and user
mysql102
create database glpi;
grant all privileges on glpi.* to glpi@server.domain.tld identified by 'SECRET';
exit;
# Restart services
systemctl restart httpd
systemctl restart rh-php71-php-fpm

Browse to https://NETHSERVER/glpi and go through the install. Enter server.domain.tld:3312 in the DB host field and the DB user credentials.

fausp · March 13, 2019, 9:19am

Thank you Markus, GLPI is installed… Can someone help me please, with the next steps for MDM ?

edit:
Do we need Fusion Inventory also, or just Flyve MDM for GLPI ?

mrmarkuz · March 13, 2019, 1:28pm

Yes, Fusion Inventory is needed:

https://flyvemdm-doc.readthedocs.io/en/latest/installation/fusioninventory.html

fausp · March 13, 2019, 4:30pm

OK I am here now in the config wizzard:

Which user should I use? I guess apache?

mrmarkuz · March 13, 2019, 11:36pm

Yes, like here but the php path should be changed to use 7.1.
/opt/rh/rh-php71/root/usr/bin/php

fausp · March 14, 2019, 7:18am

OK, thank you. I am here now:

I guess I have to install mosquitto via yum first. Is the rest of the commands OK?

mrmarkuz · March 14, 2019, 10:03am

For the mysql commands you have to use mysql102 -e "..." as glpi doesn’t use the default mysql server.

Same for the path to create the flyvemdm.cnf file, for mariadb102 it’s /etc/opt/rh/rh-mariadb102/my.cnf.d/

LayLow · March 14, 2019, 10:28am

Or better yet, the RH way: scl enable php71 ‘command to execute’

fausp · March 14, 2019, 11:07am

mrmarkuz · March 14, 2019, 11:13am

You don’t need the -h option.
I think you have to replace gpli-database-name with glpi.

fausp · March 14, 2019, 11:16am

[root@mdmsrv01 ~]# mysql102 mdmsrv01.mydomain.lan -u mosquitto -p -e "select * from \`glpi\`.\`glpi_plugin_flyvemdm_mqttusers\`;"
Enter password:
ERROR 1045 (28000): Access denied for user 'mosquitto'@'localhost' (using password: YES)

What abt the port 3312 ?

mrmarkuz · March 14, 2019, 11:27am

I assume you have everything on one Nethserver or do you run mosquito and glpi on different servers?
The command mysql102 uses the right mariadb102 so you don’t have to care about the port. Did you enter the correct password for mosquito you set before?

Please try:

mysql102 -u mosquitto -p -e "select * from \`glpi\`.\`glpi_plugin_flyvemdm_mqttusers\`;

Another try:

Recreate the mariadb user with mosquitto@localhost instead of mosquitto@mqtt.server.ip.

fausp · March 14, 2019, 12:47pm

mysql102 -e "CREATE USER 'mosquitto'@'localhost' IDENTIFIED BY 'MyPassWord';"

mysql102 -e "GRANT SELECT ON glpi.glpi_plugin_flyvemdm_mqttusers TO 'mosquitto'@'localhost';"

mysql102 -e "GRANT SELECT ON glpi.glpi_plugin_flyvemdm_mqttacls TO 'mosquitto'@'localhost';"

mysql102 -h localhost -u mosquitto -p -e "select * from \`glpi\`.\`glpi_plugin_flyvemdm_mqttusers\`;"

Enter password:
+----+------------------+-----------------------------------------------------------------------------------------------------+---------+
| id | user             | password                                                                                            | enabled |
+----+------------------+-----------------------------------------------------------------------------------------------------+---------+
|  1 | flyvemdm-backend | PasswordPasswordPasswordPasswordPasswordPasswordPasswordPasswordPasswordPasswordPasswordPasswordPas |       1 |
+----+------------------+-----------------------------------------------------------------------------------------------------+---------+

fausp · March 14, 2019, 12:49pm

???

mrmarkuz · March 14, 2019, 1:01pm

I’d replace apt-get with yum and give it a try.