Installation of the Configuration Mangier 2007 mobile device client on mobile devices requires the following:

• A properly configured Mobile Device Client Agent. For more information, see How to Configure the Mobile Device Client Agent.
  
  
• A mobile device client deployment folder containing all necessary client installation files. For more information, see How to Create a Folder for Mobile Device Client Deployment.
  
  
• A DMCommonInstaller.ini file or ClientSettings.ini file properly configured for your environment. For more information, see How to Edit the Mobile Device Client Configuration .ini File.
  
  

In addition, using Configuration Manager 2007 software distribution to install the device management client requires the following:

• One or more management points enabled for mobile device management. For more information, see How to Enable a Mobile Device Management Point.
  
  
• One or more distribution points enabled for mobile device management. For more information, see How to Enable Distribution Points to Support Mobile Devices.
  
  
• To target collections of Configuration Manager 2007 managed computers that synchronize with mobile devices the hardware inventory of those computers must be extended. For more information, see How to Distribute Inventory Extension to Client Desktop Computers for Mobile Device Management.
  
  

If your environment is configured for native mode or server authentication mode, certificate enrollment will be required. Certificate enrollment allows the mobile device user to use a certification authority (CA) to enroll a user authentication certificate. This certificate will be used for SSL authentication when the mobile device communicates with Configuration Manager 2007 servers and for registration in native mode. In order to be issued a certificate the user will need to authenticate to the CA one time during the client installation process. This may require a corporation network connection as most certification authorities are not exposed to the Internet. Enforcing certificate enrollment is configured in either ClientSettings.ini or DMCommonInstaller.ini using the CertEnrollAction=Enroll setting. For more information, see How to Edit the Mobile Device Client Configuration .ini File. The enrollment process can use the enrollment software included with Configuration Manager 2007 or enrollment software produced by the enterprise.

Once the files necessary are on the mobile device, the upgrade or installation process calls the DMInstaller_[platform].exe program. In order to be allowed to run on the device, DMInstaller_[platform].exe is signed with an unprivileged version of the Mobile2Market certificate.

Note
Signing does not apply to Windows Mobile Pocket PC 2003 or Windows CE devices.

The Mobile2Market unprivileged certificate will be trusted by most devices but will not have elevated permissions on the device. DMInstaller_[platform].exe then attempts to install the Microsoft Authenticode code-signing certificate in the privileged execution store and software publishing certificates (SPC) store of the mobile device. If the installation fails and the device is connected via an already managed Configuration Manager 2007 client, a status message will also be sent describing the failure. DMInstaller_[platform].exe will exit the installation process without calling the client setup files. An error log message will also be left on the device in the DMInstaller.log which reads "Access Denied (0x8007005)."

If the mobile operator or mobile device vendor has not restricted privileges on the mobile device and the Mobile2Market unprivileged certificate is trusted by the mobile device then the mobile device is assumed to be unlocked and available to be managed. The Microsoft Authenticode certificate will be installed with elevated privileges. DMInstaller_[platform].exe then calls DMClientSetup_[platform].exe which installs the mobile device management client on the mobile device.

The DMClientSetup.exe then exits and mobile device client installation is complete. For more information about how to verify mobile device installation, see How to Verify Mobile Device Client Installation or Upgrade.

The mobile device client setup program (DMClientSetup_[platform].exe) is used to install, update and uninstall the mobile device client on the mobile device. The client installation action is configured in either DMCommonInstaller.ini or ClientSettings.ini using the ClientInstallAction setting. The ClientInstallAction accepts three values:

• None - Reconfigure the client settings.
  
  
• Install - Installs the mobile device management client or upgrades the device management client if the mobile device client is older than the client deployed with the client installation package
  
  
• Uninstall - Remove the device management client
  
  

Mobile device management settings will be set depending upon the state of the mobile device client:

Note
Any Configuration Manager 2007 client settings on the mobile device that do not conform to the new client configuration will be overwritten by the newly installed settings. This includes any settings the user may have changed on the device

To repair a damaged mobile device client, uninstall the damaged mobile device client and then reinstall the mobile device client on the mobile device. For more information on uninstalling the mobile device client, see How to Remove the Mobile Device Client.

As client installation proceeds on the mobile device, log files are generated on the device. The log files can be used to confirm that the installation was completed. After successful client installation, the following log files can be found on the mobile device:

• DMInstaller[date:time].log
  
  
• DMClientSetup[date:time].log
  
  
• DMSvc[date:time].log
  
  
• DMCertEnroll[date:time].log will only be present if the mobile device client installation enrolled certificates.
  
  

For more information, see How to Configure Logging for Windows Mobile and Windows CE Devices.

The following reports can be used to verify the progress or success of mobile device client installation:

• Software Distribution Status Report for DM client install program
  
  
• Configuration Manager client computers reporting ActiveSync-connected devices Device Client
  
  
• Device Client Agent Deployment Status Details
  
  
• Device Client Agent Deployment Failure Report
  
  
• Device Client Agent Deployment Success Report
  
  
• Device Client Agent Health Summary
  
  
• Device Clients in Healthy condition
  
  
• Device Clients in unhealthy condition due to certificate issues
  
  
• Device Clients in unhealthy condition due to communication issues
  
  
• Device Clients in unhealthy condition due to local client issues
  
  

How to Manually Transfer and Install the Mobile Device Management Client

Provides the steps to create a client deployment package and manually install it on a mobile device.

How to Install the Mobile Device Management Client Using Software Distribution to a Desktop Computer Running ActiveSync or Mobile Device Center

Provides the steps to create a client transfer package and then distribute and install it via a Configuration Manager 2007 managed computer that synchronizes with a mobile device.

How to Upgrade the Mobile Device Management Client Over the Air

Provides the steps to create a client transfer package and then distribute and install it to Configuration Manager 2007 managed mobile devices.

How to Manually Install the Mobile Device Client via ActiveSync or Mobile Device Center Synchronization

Provides the steps to create a client deployment package and then install it via a computer that synchronizes with mobile devices.

Concepts

Other Resources