VMware Workspace ONE Community
IanH3
Contributor
Contributor
‎10-21-2021 01:56 PM

Airwatch SEG Mac OS Native Mail

hello,

I have my secure email gateway up and running for my iOS and IPAD os devices.  Works great.  We have a handful of Mac's in our organization that I want to also manage through Airwatch however, i want to push the secure mail profile to these macs and use the native mail client in the same way i push the native mail client to my iPAD's / iPhones.

Does anyone know of a way to do this, as i have not been able to get it to work successfully.  From what i've been able to tell, airwatch doesn't support or allow for what i am trying to do, or there is a step that I am missing.

Any help is appreciated.

Thanks

Labels (1)
Labels
0 Kudos
3 Replies
somemdm
Enthusiast
Enthusiast
‎10-21-2021 02:42 PM

While I haven't done this specifically, I do know that the native mail app in MacOS requires EWS to be enabled on the SEG in order to sync (it won't sync using EAS).

On your SEG, edit the application.properties files and ensure that the following line has true on the end like this:

enable.boxer.ens.ews.proxy=true 

Then restart the SEG services.

Then you'll need a MacOS profile with 'Exchange Web Services' configured. Here is where I'm not certain how you you configure it but traditionally an EWS URL via SEG will be something like https://seg.domain.com/EWS/Exchange.asmx but you could try mucking around with 'Internal Exchange Host' and 'Internal Server path' using bits of the above URL (not really sure the format of this payload), but I'm sure you could find an example payload to use as reference somewhere on the Internet.

Cheers.

 

Tags (1)
0 Kudos
somemdm
Enthusiast
Enthusiast
‎10-21-2021 02:59 PM

And just to clarify, this is just a bit of guesswork, I'm not sure if this is supported by VMware.

But rather than starting with a payload, try configuring the native mail app manually once the SEG change has been done and see if it will actually work at all before trying with payloads.

0 Kudos
vardam01
Contributor
Contributor
‎11-15-2021 10:27 AM

Hi,

think you can achieve this by leveraging per-app VPN (if you have it configured). You would need to add the Mail app to the Device Traffic Rules etc and provide the domains that you would like to whitelist. 

Additionally, in your Mac VPN profile, you can provide the same domains in the mail domains section.

 

0 Kudos