DMS Configuration Service Provider
4/8/2010
This Configuration Service Provider allows an OMA DM version 1.2 server to handle OMA DM account objects. The server can use this Configuration Service Provider to add a new account or to manage an existing account, including an account that was bootstrapped by using the w7 APPLICATION Configuration Service Provider.
This Configuration Service Provider is managed over the OMA DM protocol.
Note
Access to this Configuration Service Provider is determined by security roles. Because OEMs and mobile operators can selectively disallow access, ask them about the availability of this Configuration Service Provider. For more information about roles, see Security Roles and Default Roles for Configuration Service Providers.
Note
Use this Configuration Service Provider for OMA DM v1.2 servers. For information about changing an account using an OMA DM v1.1.2 server, see DMAcc Configuration Service Provider.
The following image shows the management object used by OMA DM.
.gif "Bb737562.d730ef95-c3e9-45ae-b607-22a0f7579391(en-us,MSDN.10).gif")
DMS
The root node of all OMA DM server account nodes that use the OMA DM v1.2 protocol..gif "Bb737562.security(en-us,MSDN.10).gif")
Security Note:Security roles for the DMAcc Configuration Service Provider and the DMS Configuration Service Provider should be synchronized. Because they share the same data store, having different roles could result in elevated privileges. The following table shows the default settings for the DMS Configuration Service Provider. The default security role maps to each subnode unless specific permission is granted to the subnode.
Data type
node
Access type
Get
Occurs
One
Roles allowed to query and update setting
Operator
Operator TPS
Manager
DMS/ <x>
A placeholder for zero or more OMA DM server accounts that use the OMA DM v1.2 protocol.For a w7 APPLICATION Configuration Service Provider bootstrapped account, this parameter is assigned a unique name by the DM Client. In Windows Mobile 6.5 powered devices, the unique name is the hexadecimal value of the SHA1 hash of the provider ID.
The DM server can change this node name in subsequent DM sessions.
Data type
node
Access type
Add, Get, Replace, Delete
Occurs
ZeroOrMore
Scope
Dynamic
DMS/ <x> /AppID
The application identifier for the OMA DM account. The supported value isw7.Data type
chr
Access type
Add, Get
Occurs
One
Scope
Dynamic
DMS/ <x> /ServerID
The server identifier for the current OMA DM account. Server IDs must be unique. This value is case-sensitive.Data type
chr
Access type
Add, Get, Replace
Occurs
One
Scope
Dynamic
DMS/ <x> /Name
The user-readable name of the application.Data type
chr
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /PrefConref
A reference to preferred connectivity. The expected entry is a URI to NAP management object or a connection GUID used by the device Connection Manager.If this node is missing, the device uses the default connection that is provided by device Connection Manager.
Data type
chr
Access type
Get, Add, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /AppAddr
The DM server address. One address can be configured in Windows Mobile 6.5.Data type
node
Access type
Add, Get
Occurs
One
Scope
Dynamic
DMS/ <x> /AppAddr/ <x>
A node that stores the address of the OMA DM account.When mapping the w7 APPLICATION Configuration Service Provider to the DMS Configuration Service Provider, the value of this parameter is 1. This is the first DM address encountered in the w7 APPLICATION Configuration Service Provider. Other DM accounts are ignored.
For more information about w7 APPLICATION Configuration Service Provider mapping, see Mapping Between w7 and DMS Configuration Service Providers.
Data type
node
Access type
Add, Get
Occurs
One
Scope
Dynamic
DMS/ <x> /AppAddr/ <x> /Addr
The address of the OMA DM Account.Data type
chr
Access type
Add, Get, Replace
Occurs
One
Scope
Dynamic
DMS/ <x> /AppAddr/ <x> /AddrType
Specifies the format and interpretation of the DMS/x/AppAddr/s/Addr node value. The valid values AddrType are:URI(default) andIPv4.Data type
chr
Access type
Add, Get, Replace
Occurs
One
Scope
Dynamic
DMS/ <x> /AppAddr/ <x> /Port
The port object. Windows Mobile supports one port only.Data type
node
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /AppAddr/ <x> /Port/ <x>
A placeholder to store port information. When mapping w7 APPLICATION Configuration Service Provider information, the value is 1. For information about this mapping, see Mapping Between w7 and DMS Configuration Service Providers.Data type
node
Access type
Add, Get, Replace
Occurs
One
Scope
Dynamic
DMS/ <x> /AppAddr/ <x> /Port/ <x> /PortNbr
Specifies the port number to be used. Values are decimal numbers and must fit within the range of a 16-bit unsigned integer.Data type
chr
Access type
Add, Get, Replace
Occurs
One
Scope
Dynamic
DMS/ <x> /AAuthPref
A string-value that is used for application authentication preference. The valid values for this parameter are the names of the various possible SyncML authentication types, for example:syncml:auth-md5.If this node is present, the client uses this authentication type when connecting to the server.
The valid values are:
- BASIC
- DIGEST
If the value is empty, the default behavior is to indicate the authentication mechanism negotiated in the previous session if one exists. If the value is empty and no previous session exists, and if MD5 credentials exist, Windows Mobile clients try DIGEST (MD5) authorization first. If the criteria are not met then it tries BASIC authorization first.
Data type
chr
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /AppAuth
A collection of authentication information.Data type
node
Access type
Add, Get
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /AppAuth/ <x>
A placeholder for separating one or more authentication settings. When mapping w7 APPLICATION Configuration Service Provider settings to this object, the value of <x> is the same name as the AAuthLevel value (CLRED or SRVCRED).For more information about w7 APPLICATION Configuration Service Provider mapping, see Mapping Between w7 and DMS Configuration Service Providers.
Data type
node
Access type
Add, Get
Occurs
OneOrMore
Scope
Dynamic
DMS/ <x> /AppAuth/ <x> /AAuthlevel
Specifies the application authentication level. The valid values are:- CLCRED indicates that the credentials client will authenticate itself to the OMA DM server at the OMA DM protocol level.
- SRVCRED indicates that the credentials server will authenticate itself to the OMA DM Client at the OMA DM protocol level.
Data type
chr
Access type
Add, Get
Occurs
One
Scope
Dynamic
DMS/ <x> /AppAuth/ <x> /AAuthtype
Specifies the authentication type. The valid values areBASICandDIGEST.When AAUTHLEVEL is CLCRED, the supported value is
BASICandDIGEST.When AAUTHELVEL is SRVCRED, the supported value is
DIGEST.Data type
chr
Access type
Add, Get, Replace
Occurs
One
Scope
Dynamic
DMS/ <x> /AppAuth/ <x> /AAuthName
Specifies the authentication name.Data type
chr
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /AppAuth/ <x> /AAuthSecret
Specifies the authentication secret.Data type
chr
Access type
Add, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /AppAuth/ <x> /AAuthData
Specifies the authentication nonce.Data type
bin
Access type
Add, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /Ext
A node that stores extended parameters. This node holds vendor-specific information about the OMA DM account. This is created automatically when the OMA DM account is created.Data type
node
Access type
Get
Occurs
One
Scope
Dynamic
DMS/ <x> /Ext/Microsoft
Stores Microsoft-specific parameters. This is created automatically when the OMA DM account is created.Data type
node
Access type
Get
Occurs
One
Scope
Dynamic
DMS/ <x> /Ext/Microsoft/BackCompatRetryDisabled
Specifies whether to retry resending a package with an older protocol version (for example, 1.1) in the SyncHdr (not including the first time).Valid values are:
FALSE: back compat retry is enabledTRUE: back compat retry is disabled
Data type
bool
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Default value
FALSE
DMS/ <x> /Ext/Microsoft/ConnRetryFreq
Specifies how many retries the DM client performs when there are Connection Manager level or wininet level errors.Data type
int
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Default value
3
DMS/ <x> /Ext/Microsoft/DefaultEncoding
Specifies whether the DM client will use WBXML or XML when communicating with the server. The valid values are:application/vnd.syncml.dm+xml(Default)application/vnd.syncml.dm+wbxml
Data type
chr
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /Ext/Microsoft/InitialBackOffTime
Specifies the initial wait time in milliseconds when the DM client retries for the first time. The wait time grows exponentially.Data type
int
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Default value
16000
DMS/ <x> /Ext/Microsoft/MaxBackOffTime
Specifies the maximum number of milliseconds to sleep after package-sending failure.Data type
int
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Default value
86400000
DMS/ <x> /Ext/Microsoft/ProtoVer
Specifies the OMA DM Protocol version that the server supports. No default value is assumed. Valid values for Windows Mobile 6.5 are1.1and1.2.The protocol version set by this node will match the protocol version that the DM client reports to the server in SyncHdr in package 1. If this node is not specified when adding a DM server account, the latest DM protocol version that the client supports is used. Windows Mobile 6.5 device clients support version 1.2.
Data type
chr
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /Ext/Microsoft/RoamingAware
This node specifies whether the connection is cellular roaming aware when the OMA DM client is scheduled to connect to the server using the Scheduler configuration service provider.Note
Roaming policy, defined by this node and the RoamingConnectFreqency node, does not impact server-initiated OMA DM sessions or any device-initiated DM session that is not opened by the Scheduler configuration service provider.
The valid values are:
FALSE(default): Schedule to open an OMA DM session is not cellular roaming aware. The DM client always connects to the server when the time scheduled in the Scheduler configuration service provider is reached.TRUE: Schedule to open an OMA DM session is cellular roaming aware.
Note
The value of the RoamingConnectFrequency node specifies whether the DM client will connect to the server and, if so, how frequently.
Data type
bool
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /Ext/Microsoft/RoamingConnectFrequency
This node specifies how frequently the DM client is called to connect to the server when the device is cellular roaming and the RoamingAware node value is TRUE. This node takes effect only if the device is roaming when the DM client tries to connect to the server at a particular scheduled time.Note
The actual OMA pulling intervals are determined by the following equation, where IntervalDuration is the IntervalDuration node in the Scheduler configuration service provider: RoamingConnectFrequency x IntervalDuration
Note
Roaming policy, defined by this node and the RoamingAware node, does not impact server-initiated OMA DM sessions or any device-initiated DM session that is not opened by the Scheduler configuration service provider.
Valid values include any positive integer. A value of 0 specifies that the device will never connect to the server when roaming. The default value is 4.
Data type
int
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
DMS/ <x> /Ext/Microsoft/Role
Specifies the role mask that the DM session runs with when it communicates with the server. If this parameter is not present, the DM session is given the role mask of the DM session that the server created.Note
The acceptable access roles for this node cannot be more than the roles assigned to the DMS object.
Data type
chr
Access type
Get, Replace
Occurs
One
Scope
Dynamic
DMS/ <x> /Ext/Microsoft/SSLClientCertSearchCriteria
This node specifies the client certificate search criteria. This node supports search by subject attribute and certificate stores. If any other criteria are provided, it is ignored.The string is a concatenation of name/value pairs, each member of the pair delimited by the "&" character. The name and values are delimited by the "=" character. If there are multiple values, each value is delimited by the Unicode character "U+F000". If the name or value contains characters not in the UNRESERVED set (as specified in RFC2396), then those characters are URI-escaped per the RFC.
The supported names are Subject and Stores.
Stores specifies which certificate stores the DM client will search to find the SSL client certificate, system store or user store. If both the system and user store are specified in the parameter, then the client searches the system store first and then searches the user store if a valid certificate cannot be found in the system store. The store name is not case sensitive.
Valid store values are MY\
System, MY\User, MY\System%EF%80%80MY\User, MY\User%EF%80%80MY\SystemThe default store value is
System\MY.Note
"" needs to be escaped in SyncXML.
Note
%EF%80%80is the UTF8-encoded character U+F000.The Subject value specifies the certificate to search for.
Note
The SSLCLIENTCERTSEARCHCRITERIA value is case sensitive.
Data type
chr
Access type
Add, Get, Replace
Occurs
ZeroOrOne
DMS/ <x> /Ext/Microsoft/UseHWDevID
Specifies whether to use the hardware ID for the ./DevInfo/DevID parameter in the DM account to identify the device.The valid values are:
TRUE: the device ID will be provided at the ./DevInfo/DevID node and Source LocURI for the DM package that is sent to the server: IMEI is returned for a GSM device, the ESN for a CDMA device, and a GUID for a non-radio device. These values and their format are described in the DevInfo Configuration Service Provider.FALSE: an application-specific GUID is returned rather than the hardware device ID. This is the default value.
Note
Parent node roles for security permissions do not apply to this node.
Data type
bool
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
Roles allowed to query and update setting
Manager
Operator TPS
DMS/ <x> /Ext/Microsoft/UseNonceResync
Specifies whether the OMA DM client should use the nonce resynchronization procedure if the server trigger notification fails authentication.If the authentication fails because the server nonce does not match the server nonce that is stored on the device, then the device can use the backup nonce as the server nonce. For this procedure to be successful, if the device did not authenticate with the preconfigured nonce value, the server must then use the backup nonce when sending the signed server notification message.
The valid values are:
TRUE: The client initiates a DM session if the backup server nonce is received after authentication failed.FALSE: The client does not try to authenticate the notification with the backup server nonce if authentication to the stored nonce fails.
If this node is missing, the device does not use nonce resynchronization.
Data type
bool
Access type
Add, Get, Replace
Occurs
ZeroOrOne
Scope
Dynamic
For more information about the server nonce resynchronization, see OMA DM MD5 Authentication Nonce.
See Also
Concepts
Configuration Service Provider Reference for Windows Mobile Devices
DMAcc DDF File
DMAcc Configuration Service Provider Examples for OMA DM
w7 APPLICATION Configuration Service Provider