I'm using Nordic Mesh 2.2.0 Lightswitch example.
is there possibility of controlling the mesh from a Mobile application which is not a provisioner (basically not part of the mesh n/w )
For example: I have provisioned and configured lights and switches at home through my mobile phone (provisioner). When I am not at home other person of family has to control the lights with their phone which is not part of the mesh, and I hope we cannot have two devices as provisioners. So in this case what is the alternative !!
You can control the Mesh from a Mobile application using the proxy feature. Letting your phone act as a proxy client it will have an address in the network and acts like any other mesh device, but sends all its mesh communication over a BLE connection to a Proxy Server, which relays it into the mesh. You can't do this with nRF Mesh at the moment so you have to develop your own app.
I will also suggest you to have a look at the SDK UART coexistence example and Integrating Mesh into nRF5 SDK examples, this will allow you to create a BLE link and send messages over UART.
Is it like the mobile application also has to be provisioned when all the lights and switches are provisioned?
No, you don't have to provision it.
can you please elaborate this. Because as par as my understanding goes, the unprovisioned devices cannot communicate in the mesh. How can the security be given if any mobile application could control my lighting setup?
What I meant was that you don't necessarily have to provision the mobile application. For a device to be able to communicate in the mesh network, they will need to have access to the network key and app key.
To get access to these keys, you can either provision the phone or share these keys some other way. In this case your family won't have access to the provisioner. A solution could be instead of storing the provisioning data locally on the phone, it can be stored on a cloud solution for example. You can then have an app that have access to this cloud and get a hold of the keys. The important part is to have some sort of authentication in the app, so that not anybody can access the cloud and get the keys.