Share via


Desktop Configuration Tool

4/8/2010

One way to provision a device, including during the bootstrap process, is to push the XML provisioning file to the device over ActiveSync. You accomplish this by using the desktop configuration tool (rapiconfig.exe). You pass the name of the XML configuration file to this command-line tool.

Note

The Remote API Security policy (4097) is set to RESTRICTED by default and should not be changed.

  • Rapiconfig.exe is located in the tools directory of the Windows Mobile Professional SDK and the Windows Mobile Standard SDK .

Note

The tool in previous versions of the SDKs differ slightly. For information, about the differences, see RapiConfig.exe.

By default, RAPI calls are in restricted mode, which means they are processed according to the ActiveSync security role. By default, the ActiveSync security role is User Authenticated, and all resource requests are checked against this role mask before they are granted. **

For information about the benefits and drawbacks of provisioning using RAPI and ActiveSync, see Provisioning From a Desktop Computer Using Remote API and ActiveSync.

The OEM can enable Remote API (RAPI) bootstrapping by setting the Grant Manager Policy to allow the device to accept RAPI messages with MANAGER privileges. For more information about this, and how a Mobile Operator can bootstrap the device and then change the policies back to a more secure setting, see Enabling Remote API (RAPI) Bootstrapping.

Finally, you can use rapiconfig.exe to get or set the security configuration of a device from the desktop computer. You must have sufficient permissions to get or set the security configuration. For more information, see Testing How an Application Will Behave Under Different Security Configurations.

See Also

Tasks

Adding XML by using the Desktop Configuration Tool

Concepts

Provisioning From a Desktop Computer Using Remote API and ActiveSync
RapiConfig.exe

Other Resources

Security Best Practices for Windows Mobile Devices