I have the pleasure of speaking with many of our customers at the outset as they plan their iOS management strategy. For customers interested in implementing a bring-your-own-device (BYOD) policy, there are serious implications worth devoting some consideration to before proceeding.
To both share this information as well as provide our customers with a resource they can refer back to, we've published a guide outlining these pros and cons. Even a quick glance will better prepare you for your deployment, and may help you avoid common technical and organizational issues.
Looks like I've finally found an forum that talks about the important stuff in iOS land instead of the new Jet Black iPhone 7 and how it will get tiny scratches on it if you don't put it in a case!
I'm embarking on a journey to tidy up the use of iOS devices in our company and it's bloody confusing! MDM, Apple Configurator, VPP..... I need help!
If someone could point me in the direction of some threads that will help address the following challenges it would be much appreciated.
Company issued iOS devices and Apple Id's - our admin girls have looked after issuing these up until now and I've just ignored it but from what I've found i should be able to use VPP or Apple Configurator 2 to use a company Apple Id to keep control of the device? And I'm fairly certain I don't want to go down the path of DEP.
App deployment - We're about to subscribe to Azure AD Premium which includes M$ InTune, and while it looks great it seems to rely on having the install package for each app rather than linking with the App Store. Is it possible to get the packages? And what if the package you have isn't compatible with all used versions of iOS?
Version Locking - Is it possible to lock devices to a version of iOS to avoid compatibilty issue?
In general, I'm starting from scratch (Except for InTune) and any assistance would be appreciated!
Thank in advance.
First of all - i`m can`t believe that every iOS user need AppleID in corporate environment. Why? I tell you.
My problem is:
I have 20-30 iPads (iOS 9 and 10) and i need support them remotely (we have branches in 20 cities).
If i just give those devices to user and he (or she) will use personal AppleID, then when user will leave company we can face a problem with Activation Lock.
If i use corporate AppleID, then i need to tell password to user, because when iOS update or just reboot, AppStore will ask for that. And we still can face the Activation Lock (in sabotage scenario from fired user) or some .. ransom-fraud?.. if stupid user let for someone to know password.
I just need sometimes push our apps (from public AppStore) to this devices and see its location.
Ok, i have one OS X and i can setup a simple MDM with Profile Manager. Is it absolutely necessary to use AppleID on those iPads?
Can you to advice me something?
Apps are migrated from VPP redemption to managed distribution.The getVPPAssetsSrv does not give the adam Id for these apps. These apps are paid apps which were originally purchased around 2012 and migrated in Jan 2016. Few other apps which were purchased around 2012 and migrated in Jan 2016 work fine.
Could not get app details for few apps in getVPPAssetsSrvUrl. Tried getting app details via https://vpp.itunes.apple.com/lookup
and through contentMetadataLookupUrl.
Anyone have any ideas?
We regularly receive questions from our customers asking if it's possible to add the Apple devices they already own to their DEP account. We had a chance to speak with Apple Business Services recently to understand the specific situations where this is possible and want to share it with anyone who it might be of use to:
We have deployed a certificate to devices that is generated on the Microsoft CA through a SCEP request. When browsing on safari on an ios device, no prompt when using MFA request through ADFS is done. Is there any way to have the browser call to the device identity certificate store where these are sitting. Thanks.
We've received a number of questions about what Single App Lock is and what features it comes along with. We put together an informative guide to answer these questions. I appreciate your feedback on it!
I am looking to deploy wifi connection profiles to iOS 9 users in my company. It looks like there was a utility called IPHONE CONFIGURATION UTILITY available for earlier IOS versions but it's not available anymore. Can someone pls advise what tool can i use on a windows platform (preferred) to create such wireless connection profiles for mass deployment ?
Thanks in advance
There's been a lot of press on the new features coming out for iOS 9.3, but most of this hasn't covered the more subtle, MDM functionality enhancements. Namely:
- Ability to enable/disable apps from running
- Ability to reconfigure icon layout on the Home Screen
- Control over notification settings
- Additional restriction options
- Safari auto-fill domain control
We go into more depth in the following article:
Feel free to respond, I'll answer any questions the best that I can
We are trying to enroll iPhone devices with our 3rd party server,I downloaded the APNS certificate in the PEM format form the portal and installed it in the keychain access. I selected the APNS certificate (APSP:an23.....) and the private key that is associated with the MDM vendor certificate(Am i doing any mistake here???) and exported those into .p12 file. Using this .p12 file i am sending the wakeupcall to the iOS devices by sending push notification using python-apns library. I am getting feedback that the message is been delivered but the iOS device is not hitting back to the Checkin-url with the Idle status.Help is appreciated.
I am looking into some cost effective ways of providing MDM functionality over the air (Profile push, lock, wipe etc) and wondered if OS X Server Profile manager would work as apparently it can provide some sort of OTA management? Has anyone had any hands on experience with this as an MDM software, and are there any real gotchas?
Previously I have used configurator to supervise device with base restrictions, and then used MDM software to manage fleets, so have plenty of experience with that.
The cost and support for a full MDM platform would be tough to justify at this point in time, but it would be good to get a level of management on the fleet of roughly 100 users. They are mostly office based with a handful of remote workers, which is why the OTA piece is important.
We have a couple dozen iPads installed as kiosks at various locations, remotely managed via Meraki. We've used Apple Configuration to put the devices in supervised mode, however, we did setup a shared Apple ID that all the devices were logged into upon setup, and we also set passcodes on the device.
Our kiosk app is an enterprise app, and I'm pushing from Meraki by creating a managed app linking to our manifest.plist file.
However, as we push out updates, we're getting inconsistent behavior. What I'd like is to have the app silently update without any user intervention, which does sometimes happen. But sometimes it requires the user to accept the update. I don't believe we've been asked to re-enter the password, but I'm not sure, as I have to wait for the user reports to trickle in from the various locations.
Again, we're not using VPP, which is what all the silent update sources I can find seem to assume. Just a standard enterprise distribution app.
Would love any suggestions!
Good Day All,
So I have been investigating the world of MDM and trying to learn how it all works. I found an older guide online on how to host your own internal MDM server. I followed the guide until it got to the point of building your mobileconfig file which will be used to configure devices to talk to your MDM Server.
Everything I can find is always reference the old tool, iPhone Configuration Utility. This is no longer available.
I can't seem to find anything which talks specifically about using Apple Configurator 1 or 2 to generate this mobile config. Looking at Apple Configurator, there are no options available to specify an MDM Server. Is there something I need to do to "flip the switch" to turn on MDM in the profile I am trying to create? Or should one use something else for this?
I read about using OS X Server and Profile Manager to do this, but am having issues logging in to Profile Manager, for some reason. Not sure what password to use?
If anybody has a more up to date guide or instruction they can provide on this, that would be extremely helpful.
I have my enterprise iOS account setup, I have MDM enabled, I have my push certificate, and I have a domain on the web with SSL installed and ready to go...I just can't get my mobileconfig generated.
So if anybody has the way to do this, and I believe we need to also "sign" the mobileconfig file too, correct? If so, how?
Thank you so much!
Mobile Management Provider changed by FrankGraziani 1 week ago
Mobile Management Provider changed by rachana 2 weeks ago
Forum topic added by taylor 2 weeks ago
Mobile Management Provider changed by taylor 7 weeks ago
Forum topic comment by Elizabeth Hale 9 weeks ago
Mobile Management Provider changed by Simo Kari 10 weeks ago
Forum topic comment by jpref 10 weeks ago
Forum topic comment by bugfrisch 12 weeks ago
Mobile Management Provider changed by krypted 12 weeks ago
Mobile Management Provider changed by JAMFSoftware 12 weeks ago
Forum topic comment by spurtipreetham 12 weeks ago
Forum topic added by okta 12 weeks ago
Forum topic added by am.imran.ahmed 12 weeks ago
Forum topic comment by Samuelbrown 13 weeks ago
Forum topic comment by Elizabeth Hale 14 weeks ago
Forum topic comment by taylor 14 weeks ago
Forum topic comment by bhaveshagrawal1014 14 weeks ago
Forum topic comment by Sabi 14 weeks ago
Wiki Page changed by Aaron Freimark 14 weeks ago
Forum topic comment by philback 14 weeks ago