Though this community centers on iOS management, I thought it worthwhile to share a recent writeup from our blog. It's on deploying PKG files to macOS computers using an MDM. Traditionally, this has been accomplished only with third party management software installed on the local computer.
Article: Distribute macOS PKGs via MDM
Apple is slowly nudging macOS management practices towards those of iOS MDM management. It seems that MDM is the future for macOS which is a good thing for those from a traditional iOS MDM background.
We have a customer who is reporting that several iOS devices are resetting to factory default, automatically by themselves. We are unable to figure out a specific pattern. The devices are enrolled in MDM, but there are no wipe commands from MDM. Also the devices are using Gsuite exchange Google Sync mail.
Have any one else experienced similar problems? Are there any conflicting policies from Google Sync that could remote erase the device?
Looks like I've finally found an forum that talks about the important stuff in iOS land instead of the new Jet Black iPhone 7 and how it will get tiny scratches on it if you don't put it in a case!
I'm embarking on a journey to tidy up the use of iOS devices in our company and it's bloody confusing! MDM, Apple Configurator, VPP..... I need help!
If someone could point me in the direction of some threads that will help address the following challenges it would be much appreciated.
Company issued iOS devices and Apple Id's - our admin girls have looked after issuing these up until now and I've just ignored it but from what I've found i should be able to use VPP or Apple Configurator 2 to use a company Apple Id to keep control of the device? And I'm fairly certain I don't want to go down the path of DEP.
App deployment - We're about to subscribe to Azure AD Premium which includes M$ InTune, and while it looks great it seems to rely on having the install package for each app rather than linking with the App Store. Is it possible to get the packages? And what if the package you have isn't compatible with all used versions of iOS?
Version Locking - Is it possible to lock devices to a version of iOS to avoid compatibilty issue?
In general, I'm starting from scratch (Except for InTune) and any assistance would be appreciated!
Thank in advance.
First of all - i`m can`t believe that every iOS user need AppleID in corporate environment. Why? I tell you.
My problem is:
I have 20-30 iPads (iOS 9 and 10) and i need support them remotely (we have branches in 20 cities).
If i just give those devices to user and he (or she) will use personal AppleID, then when user will leave company we can face a problem with Activation Lock.
If i use corporate AppleID, then i need to tell password to user, because when iOS update or just reboot, AppStore will ask for that. And we still can face the Activation Lock (in sabotage scenario from fired user) or some .. ransom-fraud?.. if stupid user let for someone to know password.
I just need sometimes push our apps (from public AppStore) to this devices and see its location.
Ok, i have one OS X and i can setup a simple MDM with Profile Manager. Is it absolutely necessary to use AppleID on those iPads?
Can you to advice me something?
Apps are migrated from VPP redemption to managed distribution.The getVPPAssetsSrv does not give the adam Id for these apps. These apps are paid apps which were originally purchased around 2012 and migrated in Jan 2016. Few other apps which were purchased around 2012 and migrated in Jan 2016 work fine.
Could not get app details for few apps in getVPPAssetsSrvUrl. Tried getting app details via https://vpp.itunes.apple.com/lookup
and through contentMetadataLookupUrl.
Anyone have any ideas?
We regularly receive questions from our customers asking if it's possible to add the Apple devices they already own to their DEP account. We had a chance to speak with Apple Business Services recently to understand the specific situations where this is possible and want to share it with anyone who it might be of use to:
We have deployed a certificate to devices that is generated on the Microsoft CA through a SCEP request. When browsing on safari on an ios device, no prompt when using MFA request through ADFS is done. Is there any way to have the browser call to the device identity certificate store where these are sitting. Thanks.
We've received a number of questions about what Single App Lock is and what features it comes along with. We put together an informative guide to answer these questions. I appreciate your feedback on it!
I am looking to deploy wifi connection profiles to iOS 9 users in my company. It looks like there was a utility called IPHONE CONFIGURATION UTILITY available for earlier IOS versions but it's not available anymore. Can someone pls advise what tool can i use on a windows platform (preferred) to create such wireless connection profiles for mass deployment ?
Thanks in advance
There's been a lot of press on the new features coming out for iOS 9.3, but most of this hasn't covered the more subtle, MDM functionality enhancements. Namely:
- Ability to enable/disable apps from running
- Ability to reconfigure icon layout on the Home Screen
- Control over notification settings
- Additional restriction options
- Safari auto-fill domain control
We go into more depth in the following article:
Feel free to respond, I'll answer any questions the best that I can
We are trying to enroll iPhone devices with our 3rd party server,I downloaded the APNS certificate in the PEM format form the portal and installed it in the keychain access. I selected the APNS certificate (APSP:an23.....) and the private key that is associated with the MDM vendor certificate(Am i doing any mistake here???) and exported those into .p12 file. Using this .p12 file i am sending the wakeupcall to the iOS devices by sending push notification using python-apns library. I am getting feedback that the message is been delivered but the iOS device is not hitting back to the Checkin-url with the Idle status.Help is appreciated.
I am looking into some cost effective ways of providing MDM functionality over the air (Profile push, lock, wipe etc) and wondered if OS X Server Profile manager would work as apparently it can provide some sort of OTA management? Has anyone had any hands on experience with this as an MDM software, and are there any real gotchas?
Previously I have used configurator to supervise device with base restrictions, and then used MDM software to manage fleets, so have plenty of experience with that.
The cost and support for a full MDM platform would be tough to justify at this point in time, but it would be good to get a level of management on the fleet of roughly 100 users. They are mostly office based with a handful of remote workers, which is why the OTA piece is important.
We have a couple dozen iPads installed as kiosks at various locations, remotely managed via Meraki. We've used Apple Configuration to put the devices in supervised mode, however, we did setup a shared Apple ID that all the devices were logged into upon setup, and we also set passcodes on the device.
Our kiosk app is an enterprise app, and I'm pushing from Meraki by creating a managed app linking to our manifest.plist file.
However, as we push out updates, we're getting inconsistent behavior. What I'd like is to have the app silently update without any user intervention, which does sometimes happen. But sometimes it requires the user to accept the update. I don't believe we've been asked to re-enter the password, but I'm not sure, as I have to wait for the user reports to trickle in from the various locations.
Again, we're not using VPP, which is what all the silent update sources I can find seem to assume. Just a standard enterprise distribution app.
Would love any suggestions!
Mobile Management Provider changed by 7PMDM 15 hours ago
Mobile Management Provider changed by taylor 5 days ago
Story added by Aaron Freimark 5 days ago
Mobile Management Provider changed by taylor 6 days ago
Mobile Management Provider changed by MDMforALL 1 week ago
Story added by Aaron Freimark 2 weeks ago
Story added by Aaron Freimark 2 weeks ago
Story added by brendan 2 weeks ago
Story added by Aaron Freimark 4 weeks ago
Story added by Aaron Freimark 4 weeks ago
Wiki Page changed by Aaron Freimark 4 weeks ago
Forum topic added by taylor 5 weeks ago
Forum topic added by Mahesh 6 weeks ago
Story comment by taylor 7 weeks ago
Wiki Page changed by Aaron Freimark 7 weeks ago
Story added by Aaron Freimark 7 weeks ago
Mobile Management Provider changed by Aaron Freimark 7 weeks ago
Forum topic comment by Elizabeth Hale 22 weeks ago
Mobile Management Provider changed by Simo Kari 23 weeks ago
Forum topic comment by jpref 24 weeks ago