Bootstrapping To Use an OMA Client Provisioning Server
4/8/2010
The mobile operator can provision the device with an OMA Client Provisioning Trusted Provisioning Server (TPS) and a privileged Push Proxy Gateway (PPG) used by the TPS for continuous provisioning. You can use the XML example in this section as a template. After the device is bootstrapped, the message coming from the TPS will be granted the Manager role, and WAP Push will still be the mechanism for continuous provisioning.
A mobile operator can also set other data connectivity information in the device's configurable settings in this bootstrap message.
For the default parameters that can be changed by TPS and the manager, see the Windows Mobile 6 Documentation on MSDN. For a device to accept a message from the TPS, the TPS must use a provisioned, privileged PPG to push continuous provisioning XML to the device through Short Message Service (SMS). Also, the PPG should authenticate the push initiator (TPS) and inform the device by using a Push-Flag header. The push initiator header should be used to provide the URL of the TPS.
Note
After this bootstrap process, user-PIN-signed WAP push messages will be accepted if they originate from a privileged PPG and the PPG authenticated the push initiator.
The user authenticated message can be:
- Input from the user interface.
- Data sent through RAPI if the default RAPI policy is not changed.
- WAP push messages that are signed with a user PIN.
The device can be bootstrapped with this provisioning document through any of the following methods:
- Provisioning Using a ROM Configuration XML File
- Provisioning OTA Through a WAP Push once OTA bootstrap is enabled.
- Provisioning From a Desktop Computer Using Remote API and ActiveSync once RAPI bootstrap is enabled.
Code Example
The following XML example bootstraps the device with a WAP push gateway, a Trusted Provisioning Server URL for continuous provisioning. The message coming from the OMA Client Provisioning TPS will be granted the Manager role after the device is bootstrapped.
<wap-provisioningdoc>
<!-- The following XML is needed ONLY if the bootstrap message is sent over the air over WAP push -->
<characteristic type="BOOTSTRAP">
<parm name="PROVURL" value="https://www.thephone-company.com/TPS" />
</characteristic>
<!-- Provide a privileged WAP push gateway's SMS address -->
<characteristic type="PXLOGICAL">
<parm name="NAME" value="WAP Push Gateway"/>
<parm name="PROXY-ID" value="163.187.21.3"/>
<parm name="TRUST"/>
<characteristic type="PXPHYSICAL">
<parm name="PHYSICAL-PROXY-ID" value="Push Gateway 1"/>
<!-- The push gateway's SMS address -->
<parm name="PXADDR" value="9201612"/>
<parm name="PXADDRTYPE" value="E164"/>
<parm name="PUSHENABLED" value="1"/>
<parm name="TO-NAPID" value="SMS NAP"/>
</characteristic>
</characteristic>
<!--Provide the NAPDEF for the PPG. This will be ignored by the device though because the default SMSC number stored in a SIM card will be used for all incoming SMS messages. -->
<characteristic type="NAPDEF">
<parm name="NAPID" value="SMS NAP"/>
<parm name="NAME" value="SMS Connection"/>
<parm name="NAP-ADDRESS" value="+12345550150"/>
<parm name="BEARER" value="GSM-SMS"/>
</characteristic>
<!-- Must change grant manager policy (4119) if this bootstrap message is sent over RAPI so that the message that is assigned the TPS role will be granted as the device manager by updating the following policy. After bootstrapping must change the grant manager policy so that RAPI messsage no longer has the device manager role -->
<characteristic type="SecurityPolicy">
<parm name="4119" value="128"/>
</characteristic>
<!-- The following xml is only required when this bootstrap message is sent over WAP Push via SMS. Must change grant manager policy (4119), OMA CP NETWPIN Policy (4141), OMA CP USERPIN Policy (4142), OMA CP USERNETWPIN Policy (4143) if this bootstrap message is sent OTA through WAP Push so that the message that is assigned OPERATOR_TPS role will be granted as the device manager and pure user pin signed, network pin signed, or user-network pin signed WAP push provisioning message from untrusted source is disallowed-->
<characteristic type="SecurityPolicy">
<parm name="4119" value="128"/>
<parm name="4141" value="3200"/>
<parm name="4142" value="3200"/>
<parm name="4143" value="3200"/>
</characteristic>
<!-- Any other configuration data put in a bootstrap message such as HTTP proxy, synchronization settings, e-mail settings, etc. See the SDK API Reference for a complete list. -->
</wap-provisioningdoc>
Remarks
For information about the provisioning file syntax for different OMA Client Provisioning versions, see OMA Client Provisioning Files.
See Also
Reference
NAPDEF Configuration Service Provider
PXLOGICAL Configuration Service Provider
SecurityPolicy Configuration Service Provider
BOOTSTRAP Configuration Service Provider