Meet the application server prerequisites before installing the application server. The prerequisites listed here apply to any application server you plan to install.
A Workspace ONE UEM installation can involve many servers, and the exact specifications depend on the size and needs of your deployment. You may need to gather this information before proceeding so you size your servers correctly. Read through the Workspace ONE UEM Recommended Architecture Guide, available at docs.vmware.com., for hardware sizing information and other technical details that ensure the smooth operation of your Workspace ONE UEM solution.
Review all the network requirements as outlined in the Workspace ONE UEM Recommended Architecture Guide. These requirements include the firewall ports that must be opened for Workspace ONE UEM to function properly.
Ensure that you meet the following software requirements for the application servers:
- Internet Explorer 9+ installed on all application servers
- Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016
- 64-bit Java (JRE 1.8) server needed for the server on which AWCM is installed. The Java installer is packaged with the Workspace ONE UEM installer and installs automatically if it is not already present.
64-bit Java (JRE 1.8) installed on all app servers. The Java installer is packaged with the Workspace ONE UEM installer and installs automatically if it is not already present.
- .NET Framework 4.6.2. The .NET Framework 4.6.2 installer is packaged with the Workspace ONE UEM installer and installs automatically if it is not already present.
PowerShell version 3.0+ if you are deploying the PowerShell MEM-direct model for email. To verify your version, open PowerShell and run the command $PSVersionTable. More details on this and other email models are available in the Workspace ONE UEM Mobile Email Management Guide, available at docs.vmware.com.
- Microsoft SQL Server 2012 Native Client 11.3.6538.0 to run the database installer. If you do not want to install SQL Server 2012 Native Client, run the database installer from another UEM server (or a jump server) where Microsoft SQL Server 2012 Native Client 11.3.6538.0 can install.
- If you use Windows for SQL authentication, you must join application servers that talk to the database to the Windows user's domain. The Active Directory service account must have administrator-level permissions.
The Workspace ONE UEM servers can be configured with a proxy / PAC file for outbound Internet access. Apple APNs traffic, however, is not HTTP traffic, and cannot be authorized through traditional HTTP proxies. This traffic must go straight out to the Internet or through an application/SOCKS proxy.
If you are performing outbound proxying of APNs messages, your proxy application must support SOCKS V5.
SOCKS V4 and SOCKS V4a are not supported.
Install Role from Server Manager
Ensure that you meet the following IIS requirements, depending on your Windows Server version:
- IIS 7.0 (Server 2008 R2)
- IIS 8.0 (Server 2012 or Server 2012 R2)
- IIS 8.5 (Server 2012 R2 only)
- IIS 10.0 (Server 2016)
See additional information on the required roles and features under Configure your Application Servers.
RDP and VM Access to Application Servers
You must have remote access to the servers that Workspace ONE UEM is installed on. Verify this access before attempting to install Workspace ONE UEM servers.
Remote Desktop Connection Manager can be downloaded from the following link:
Verify you can connect using RDP to your application servers or appropriate VM hosts.
- Open Remote Desktop Connection:
- Start > Run
- Type mstsc
- Select OK
- Enter the IP address of the server and select Connect.
- Log in using credentials for the server. Verify a successful log-in.
Permissions of Workspace ONE UEM Service Accounts
The service account you create for Workspace ONE UEM needs the appropriate permissions to integrate with your back end systems. This can be one service account that has all required access. Verify connectivity between your Workspace ONE UEM service account and your backend systems.