Product Documentation

Choosing Automated Actions Trigger Types

Dec 21, 2015

Triggers are the states, events or properties that cause an automated action to occur. There are four categories of triggers: Device Property, User Property, Applications, Event. Each trigger can contain multiple types.

The following table provides a few examples of triggers and trigger events.

Trigger Examples
Device Property Useful device properties you can use as triggers for automated actions:
  • Jailbroken or Rooted. If users jailbreak their device, you can set an action to notify the user and if the user does not undo the jailbreak in a given amount of time, selectively wipe the device.
  • Out Of Compliance. If a device is put into a state of being out of compliance, you can block that device from the SMG (and thus corporate email) and notify the user.
  • Passcode compliant. If this trigger's condition is false, then you can set the device to Out Of Compliance or selectively wipe the device.
  • Perimeter Breach. If the device leaves the geo-perimeter defined in an iOS geo-fencing policy, this condition can set and used to notify the user, wipe the device, and so on.
  • Many more: Look in the Automated Actions dialog to view all user properties.
User Property Useful user properties you can use as triggers for automated actions:
  • Active Directory failed login attempts. If an Active Directory user attempts to log in more times that allowed, you can notify the user that they will have to wait a certain time period before they can try to log in again.
Applications This trigger allows you to specify whether or not an app is installed on a device, by name, and then set an appropriate action such as notify or set the device as out of compliance.
Event The following system events can be used as triggers in automated actions:
  • Secure Mobile Gateway block. A user's device has been blocked by the Secure Mobile Gateway and the device lost access to your organization's email.
  • Device unmanaged. The device lost its ability to connect to and communicate with (and thus be managed by) the Device Manager server.
  • Device jailbroken. A user broke the iOS user agreement and warranty in order to install unauthorized software.
  • Device not blacklist or whitelist app compliant. A user's device breaks an app blacklist or whitelist policy, you can choose an action to perform.
  • Device revoked. The device has lost ability to connect to the Device Manager server.
  • Device international roaming. A user's device is roaming internationally.
  • Device domestic roaming. A user's device is roaming domestically.
  • Location perimter breach. A user's device has gone outside of a defined perimeter.
  • Location services disabled. The location services on a user's device is disabled.
  • Active Directory disabled. If you disable a user's Active Directory account, such as when an employee leaves a company.

Types of Automated Actions

The following list details the types of actions you can configure to occur automatically based on trigger type.

  • Selective Wipe. Clears organizational data from the device while retaining personal information and selected settings. The MDM profiles and all packages pushed by Device Manager to the device are removed. The device can, however, be re-enrolled at a future time.
  • Revoke. Revoking a device prohibits any further connection from the device. If the device attempts to connect to Device Manager, the MDM profile and all packages deployed to the device are removed. The device is barred from re-enrollment unless it is re-authorized by an administrator.
  • Set as Out Of Compliance. The device is given a property named Out of Compliance and the property is set to True. When a device is out of compliance (has this property set to true), then it appears in the Out of Compliance on the Dashboard Alerts widget.