Disable Windows,ios and android phone upgrades/updates.Auto push app update and to eliminate the same pop-up in devices
Hope you are doing well.
How can we disable windows phone,ios and android phone upgrades from air watch console.
Also how can we push app update from air watch console for windows,ios and android phone from air watch console.
How can we eliminate auto push app update on windows,ioas and android phone.
Required your kind assistance please.
We have an always-on IKEv2 VPN with a Global HTTP Proxy profile pointing to our internal proxy server.
We are using AirWatch in the cloud to manage the devices.
When the VPN is on APNs doesn't seem to be connecting the devices.
We have opened up the full 18.104.22.168/8 address block into our environment for TCP ports 5523, 2195, 2196 and 443 as described in this apple document - https://support.apple.com/en-gb/HT203609
Do we also need to apply the rule the other way so that the devices can connect back to APNs?
AirWatch seem to suggest that the devices don'e connect back to APNs and instead connect straight back to the console.
Can someone help with this please?
What's the best way to get an App Store app onto many iOS devices? If those devices are supervised, the best way is to use MDM and Apple's new Managed Distribution method. I'll demonstrate how to do that using AirWatch below. (Other MDM providers have similar capabilities. Check with your favorite.)
- Make sure you will meet the requirements: VPP, MDM, Supervision, and a common Apple ID.
- Link your MDM provider to your Apple VPP account
- Invite your MDM "users" to your VPP program
- Use VPP to "purchase" apps (even free ones)
- Use MDM to deploy the apps to your users.
Before we start, are you sure you want to do this? Apple Configurator may be a much better solution for the "getting apps onto iPads and iPhones" problem, at least when all the devices are in the same room. But if the devices will be scattered far from the iGeek, then keep reading.
The setup is quite important.
- Make sure your MDM provider your platform version supports iOS 7's new Managed Distribution system. ("New" means November 2013.)
- You'll need to create an MDM user who will own all those devices. You will want to make sure this user is in a new location group.
- You will need to set up an iTunes Volume Purchase Program account for your business or school. Note this requires a new Apple ID, a DUNS number, a pound of flesh, some eyes of newts and toe of dog, and a few days for processing. OK, it isn't that hard, I'm just having fun.
- You'll need an Apple ID to share among your devices. You will want to use the technique to credit an Apple ID without a credit card. (I'm assuming you will be distributing only free apps to your devices, which means you can share the same Apple ID.)
Got it? Good. Now for every iOS device, you'll need to do a few preparation steps. (Hint: If you play your cards right, you will be able to accomplish all of the below in a single stoke.)
- Supervise it using Configurator
- Sign in to the App Store using the common Apple ID (restore a backup image with the App Store user signed in)
- Enroll into MDM (you can do that automatically using Configurator during the supervision process, at least with Casper Suite, AirWatch, MobileIron, and others.)
- Associate the device with the common MDM user (that should be a setting in MDM prior to generating the enrollment profile)
Link your MDM provider to your Apple VPP account
Sign into your VPP Account. In the upper-right corner, click on your Apple ID and then "Account Summary".
In the "Managed Distribution" section, download the VPP token. This contains the credentials your MDM provider needs to link to VPP.
Now log into AirWatch. Navigate to Settings > Apps > Catalog > License Based VPP. Double check you are looking at the correct location group.
Enter a name to describe this connection (I called it "Tekserve VPP") and upload the token. I strongly recommend "Automatically Send Invites" is NOT checked.
Save this config, and you now have linkage!
Invite your MDM "users" to your VPP program
Next step is to invite your MDM users to participate in the program. There is no assumption that the Apple ID is the same as the MDM user's email. In fact, Apple is pretty clear they don't want MDM (or the employer) to ever know an employee's Apple ID. Therefore the MDM system needs to send an email to the users, who click a link to accept enrollment in the VPP program.
I haven't yet figured out how to invite one user at a time, so we're going to have to invite EVERY user in the MDM location group. Now if you have been following carefully, you are working in a location group with only a single MDM user. Cool. Send the invitations by clicking the "(Re)Invite Users" button. There won't be a confirmation, but email will be sent to all addresses the MDM has on file.
Using your iOS7 device's browser, please click on this https://buy.itunes.apple.com/WebObjects/MZFinance.woa/wa/associateVPPUse... to register for Apple's License Based VPP Program. Registering for the program will enable you to download applications purchased by your organization on your behalf.
Please contact your IT helpdesk if you have any questions: firstname.lastname@example.org
Clicking the link will open the App Store (on an iOS device) or the Mac App Store (on a Mac) and ask for an Apple ID and password.
This organization can now assign apps and books to you.
Use VPP to "purchase" apps (even free ones)
Next step -- there are a lot of steps -- is to use Apple's VPP to purchase an app.
The iTunes VPP store used to have only paid apps. Now it has free apps as well. Today let's install Tiny Death Star, a popular enterprise productivity app. So log into the iTunes VPP store, search for "death star", and "purchase" several copies. You can purchase as many as you want, it's free!
A paid app presents a choice for either downloading old-style redemption codes or new-style managed distribution. Free apps don't get a choice; managed distribution for all.
After purchase, Apple takes a few minutes to prepare your order. Wait until you receive email confirmation before continuing to the next step.
Use MDM to deploy the apps to your users
Back in AirWatch, click on Apps & Books > Applications > Purchased. Now you ask AirWatch to check with Apple, so click the "Sync Licenses" button. This part may take a short time, but in my test I just needed to refresh the page.
Once AirWatch is aware of the app, you can assign it to users. Click the twisted-arrow button.
AirWatch assigns these apps via smart groups only. This article is already way too long, so I won't explain how to create these.
Now decide how many licenses you want allocated to the group.
Now save the assignment. The last step is to publish the app.
In my experience, the app isn't quite ready to publish immediately. So if it doesn't work immediately, wait 15 minutes and try to publish again.
On my test supervised iPod, I get the Tiny Death Star app, automatically downloaded and without any prompts. It works! Woo hoo!
My unsupervised iPhone also received the Tiny Death Star app, and it isn't even enrolled into AirWatch. Hmm.
I understand part of this. I used my personal Apple ID for the test; the same Apple ID I used on my iPhone. Managed distribution works by adding the assigned apps to my Apple ID purchase history. And my iPhone has automatic app downloads enabled. But does this imply that unsupervised devices can also receive silent installs?
Looks like more exploration is needed.
Currently conducting a large deployment of iPads utilizing Apple Configurator. Airwatch allows you to download a profile for enrolling devices silently by selecting a 'default enrollment user' and enabling 'shared enrollment user'.
Does anyone know a way these can be linked to actual Airwatch user accounts after a mass enrollment with the default enrollment user. I assumed creating a batch uploads of accounts with the specific UDIDs and serial numbers would link the devices that match that criteria with a user account but that doesn't seem to be the case.
Otherwise, anyone know the pros/cons of enrolling all devices under one user account in Airwatch as the 'default enrollment user' does? I am having a hard time accepting the fact that I can manage devices from a device perspective rather than from a user account perspective.
Thanks in advance for any input!
Forum topic added by Mahesh 1 week ago
Story comment by taylor 2 weeks ago
Mobile Management Provider changed by Aaron Freimark 2 weeks ago
Wiki Page changed by Aaron Freimark 2 weeks ago
Story added by Aaron Freimark 2 weeks ago
Mobile Management Provider changed by Aaron Freimark 2 weeks ago
Forum topic comment by Elizabeth Hale 17 weeks ago
Mobile Management Provider changed by Simo Kari 18 weeks ago
Forum topic comment by jpref 19 weeks ago
Forum topic comment by bugfrisch 20 weeks ago
Mobile Management Provider changed by krypted 20 weeks ago
Mobile Management Provider changed by JAMFSoftware 21 weeks ago
Forum topic comment by spurtipreetham 21 weeks ago
Forum topic added by okta 21 weeks ago
Forum topic added by am.imran.ahmed 21 weeks ago
Forum topic comment by Samuelbrown 21 weeks ago
Mobile Management Provider changed by NeerajOR 22 weeks ago
Forum topic comment by Elizabeth Hale 22 weeks ago
Forum topic comment by taylor 22 weeks ago
Forum topic comment by bhaveshagrawal1014 22 weeks ago