We use AirWatch as our Mobile Device Management platform, & recently we launched the “Self Service Portal” to our user base.
This also coincided with restructuring our AirWatch SaaS instance, after which we noticed that devices could only be seen that we enrolled into the new organisation group. But we only had 20 devices in this new structure, with 500 enrolled on the old. So those that were on the old structure would see the below when logging into the “Self Service Portal.”
AirWatch uses a strict hierarchical system throughout, you can apply things a level to all enclosed organisation group’s. But not to same level or sibling organisation group’s. Our users accounts were being brought into the AirWatch console via the “AirWatch Cloud Connector” at the root organisation group, so there was no issue there.
The issue was that, even though we had an “AirWatch Cloud Connector” at the root organisation group that had “Self Service Portal” enabled as well as “Directory Service”, we changed our “Simplified Enrolment” to point from one child organisation group to another of the same level.
So when logging into the “Self Service Portal” via the URL: https://<yourAirWatchConsoleURL>/MyDevice, it would prompt for an email address (replace yourAirWatchConsoleURL with your Console URL):
With “Simplified Enrolment” enabled, (which I thought was only applicable during enrolment), the same organisation group auto discovery process is used by the “Self Service Portal.”
Therefore when re-setting up “Simplified Enrolment”onto this new structure, anyone authenticating to the “Self Service Portal” were then being taken to view all devices for the account logging in at the new structure ‘s organisation group, which as it was a sibling to the old structure would then not show their devices.
The solution is to get the Group ID of your root organisation group then change the “Self Service Portal” URL used before to: https://<yourAirWatchConsoleURL>/MyDevice?=<groupID> (replacing yourAirWatchConsoleURL & groupID accordingly).
The “Self Service Portal” should load, but instead of asking for the users email address, it will ask for their Username & Password.
Users logging in will then be able to see all their devices from the root organisation group down, which for use meant those devices that are on both the old & new structure.