Desktop Configuration ToolSend Feedback
One way to provision a device, including during the bootstrap process, is to push the XML provisioning file to the device over ActiveSync. You accomplish this by using the desktop configuration tool (rapiconfig.exe). You pass the name of the XML configuration file to this command-line tool.
Note The Remote API Security policy (4097) is set to RESTRICTED by default and should not be changed.
Rapiconfig.exe is located in the tools directory of the following SDKs:
- Windows Mobile 2003 SDK for Smartphones
- Windows Mobile 2003 SDK for Pocket PC
- Windows Mobile Version 5.0 SDK and later.
Note The tool in these SDKs differs slightly. For information about the differences, see RapiConfig.exe.
By default, RAPI calls are in restricted mode, which means they are processed according to the ActiveSync security role. By default, the ActiveSync security role is User Authenticated, and all resource requests are checked against this role mask before they are granted. For more information, see RAPI Restricted Mode Security.
For information about the benefits and drawbacks of provisioning using RAPI and ActiveSync, see Provisioning From a Desktop Computer Using Remote API and ActiveSync.
The OEM can enable Remote API (RAPI) bootstrapping by setting the Grant Manager Policy to allow the device to accept RAPI messages with MANAGER privileges. For more information about this, and how a Mobile Operator can bootstrap the device and then change the policies back to a more secure setting, see Enabling Remote API (RAPI) Bootstrapping.
Finally, you can use rapiconfig.exe to get or set the security configuration of a device from the desktop computer. You must have sufficient permissions to get or set the security configuration. For more information, see Testing How an Application Will Behave Under Different Security Configurations.
Send Feedback on this topic to the authors