Mobile device management profile distribution
First Claim
1. A method performed by data processing apparatus, the method comprising:
- receiving, from each of a plurality of client devices, a respective first request for access to a respective first network resource, the first network resource corresponding to one of a plurality of restricted resources accessible only by devices enrolled with a mobile device management system, which enrollment occurs when each of the devices receives a mobile device management profile from the device management system, and the device management profile configures a proxy setting of the corresponding device;
determining, for each of the client devices, whether the respective first request to access the respective first network resource includes an address of a predetermined proxy server;
for each client device in a first subset of the client devices;
determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server;
determining that the client device is not enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server;
preventing, based on determining that the client device is not enrolled with the mobile device management system, the client device from accessing the respective first network resource;
providing to the client device, based on determining that the client device is not enrolled with the mobile device management system, a redirect to a mobile device management resource that is different from the respective first network resource;
providing instructions for presentation of a user interface to the client device, the provided instructions relating to the mobile device management resource and comprising a user notification regarding the mobile device management profile; and
enrolling the client device with the mobile device management system, the enrolling comprising providing the mobile device management profile to the client device; and
for each client device in a second subset of the client devices different than the first subset;
determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server;
determining that the client device is enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server; and
allowing the client device access to the first network resource based on determining that the client device is enrolled with the mobile device management system.
8 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus, including computer programs encoded on computer storage media, for automated mobile device management profile distribution. One of the methods includes receiving a first request for access to a first network resource from a client device, the first network resource corresponding to one of a plurality of restricted resources accessible only by devices enrolled with a mobile device management system, determining that the client device is not enrolled with the mobile device management system, preventing the client device access to the first network resource, providing to the client device a redirect to a mobile device management resource that is different from the first network resource, providing instructions for presentation of a user interface to the client device, and enrolling the client device with the mobile device management system, the enrolling comprising providing a copy of the mobile device management profile to the client device.
-
Citations
27 Claims
-
1. A method performed by data processing apparatus, the method comprising:
-
receiving, from each of a plurality of client devices, a respective first request for access to a respective first network resource, the first network resource corresponding to one of a plurality of restricted resources accessible only by devices enrolled with a mobile device management system, which enrollment occurs when each of the devices receives a mobile device management profile from the device management system, and the device management profile configures a proxy setting of the corresponding device; determining, for each of the client devices, whether the respective first request to access the respective first network resource includes an address of a predetermined proxy server; for each client device in a first subset of the client devices; determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server; determining that the client device is not enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server; preventing, based on determining that the client device is not enrolled with the mobile device management system, the client device from accessing the respective first network resource; providing to the client device, based on determining that the client device is not enrolled with the mobile device management system, a redirect to a mobile device management resource that is different from the respective first network resource; providing instructions for presentation of a user interface to the client device, the provided instructions relating to the mobile device management resource and comprising a user notification regarding the mobile device management profile; and enrolling the client device with the mobile device management system, the enrolling comprising providing the mobile device management profile to the client device; and for each client device in a second subset of the client devices different than the first subset; determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server; determining that the client device is enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server; and allowing the client device access to the first network resource based on determining that the client device is enrolled with the mobile device management system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A non-transitory computer storage medium encoded with instructions that, when executed by one or more computers, cause the one or more computers to perform operations comprising:
-
receiving, from each of a plurality of client devices, a respective first request for access to a respective first network resource, the first network resource corresponding to one of a plurality of restricted resources accessible only by devices enrolled with a mobile device management system, which enrollment occurs when each of the devices receives a mobile device management profile from the device management system, and the device management profile configures a proxy setting of the corresponding device; determining, for each of the client devices, whether the respective first request to access the respective first network resource includes an address of a predetermined proxy server; for each client device in a first subset of the client devices; determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server; determining that the client device is not enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server; preventing, based on determining that the client device is not enrolled with the mobile device management system, the client device from accessing the respective first network resource; providing to the client device, based on determining that the client device is not enrolled with the mobile device management system, a redirect to a mobile device management resource that is different from the respective first network resource; providing instructions for presentation of a user interface to the client device, the provided instructions relating to the mobile device management resource and comprising a user notification regarding the mobile device management profile; and enrolling the client device with the mobile device management system, the enrolling comprising providing the mobile device management profile to the client device; and for each client device in a second subset of the client devices different than the first subset; determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server; determining that the client device is enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server; and allowing the client device access to the first network resource based on determining that the client device is enrolled with the mobile device management system. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system comprising:
one or more computers and one or more storage devices storing instructions that are operable, when executed by the one or more computers, to cause the one or more computers to perform operations comprising; receiving, from each of a plurality of client devices, a respective first request for access to a respective first network resource, the first network resource corresponding to one of a plurality of restricted resources accessible only by devices enrolled with a mobile device management system, which enrollment occurs when each of the devices receives a mobile device management profile from the device management system, and the device management profile configures a proxy setting of the corresponding device; determining, for each of the client devices, whether the respective first request to access the respective first network resource includes an address of a predetermined proxy server; for each client device in a first subset of the client devices; determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server; determining that the client device is not enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource does not include the address of the predetermined proxy server; preventing, based on determining that the client device is not enrolled with the mobile device management system, the client device from accessing the respective first network resource; providing to the client device, based on determining that the client device is not enrolled with the mobile device management system, a redirect to a mobile device management resource that is different from the respective first network resource; providing instructions for presentation of a user interface to the client device, the provided instructions relating to the mobile device management resource and comprising a user notification regarding the mobile device management profile; and enrolling the client device with the mobile device management system, the enrolling comprising providing the mobile device management profile to the client device; and for each client device in a second subset of the client devices different than the first subset; determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server; determining that the client device is enrolled with the mobile device management system based on determining that the respective first request to access the respective first network resource includes the address of the predetermined proxy server; and allowing the client device access to the first network resource based on determining that the client device is enrolled with the mobile device management system. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
Specification