iOS and centralised iPad backups : Centralised backup solution for iPad iOS

fredster's picture

fredster

Joined: May 22, 2013
No votes yet

Hello,

I've got an impossible request, but I'm interested if anybody has come across any information that may be helpful; trying the power of crowd sourcing.

iOS and iPad backups: has anybody come across there ANYTHING that provides an automatic backups of iOS/iPads to enterprise backup solutions ? And the it is very important that it is automatic; I can not rely on our customer's iPad users to be involved in the back up procedure.

- I know that there are back up solutions that have an iOS client on the iPad, but typically it requires a manual process for the end user to initate the back up procedure.
- I know that a mac can be set up to act as a back up option (over Wifi) but (typically) this does not 'connect' directly to most enterprise back up solutions (EMC, etc).
- I can think of ways to hook 'this-into-that' and 'bolt-that-on-to-this' but most of these options require ongoing support.

In a perfect world, (working with the options that Apple allow us) I would like a hardware (or VM appliance) that runs an iTunes service continuously for backup services ALONE. This device would connect to the Wifi environment and provide a continuous service to all iPads that connect on to the Wifi network. Each iPad back up would be unique by date/timestamp. And this solution would allow me to restore any back up to the source iPad.

Anybody ?
(chirp chirp <- the sound of crickets over the deathly silence)

Thank you,
Fred

Top
Eight_Quarter_Bit's picture

Eight_Quarter_Bit

Joined: Sep 26, 2014

Our Solution

Your rating: None (1 vote)

If you are after an "official" solution, sold as a product, I am not currently aware of one. As you have said, there are convoluted workarounds, but they carry a myriad of complications.

In addition, it's important to make the distinction between backup and sync, as they have some interesting differences in the world of iOS. One would assume that performing a "backup" from iTunes would create an exact duplicate of the devices' contents, but, sadly, it does not.

A "backup", as defined by clicking the "backup" button in iTunes, only backs up the settings of the device. The content on the device (things like apps, music, videos, pictures, etc.) is not included in a backup. Those things are transfered only in a sync, which can only be performed with the single computer the device was synced to for the first time (what I will refer to as a "sync relationship" from now on.). Backups can be performed between any combination of host computer and iOS device, syncing is a 1-to-1 bound relationship.

iTunes can be configured to handle wireless sync and backup, but as you have noted this does not integrate with existing solutions particularly seamlessly.

Restoration of the backup and syncing back content also becomes an issue, because while settings preserved with a backup is device-specific, content preserved with a sync is device agnostic. Allow me to illustrait.

If you are syncing non-homogenous devices to a single location, and you are using iTune's default mode of syncing all applications, you can start to encounter content "bleed." An app purchased on one device gets synced back to the central iTunes library, and then any other devices that sync after that will receive that that application. This is obviously not ideal for our usage scenario.

Even if you disable iTune's "Automatically install new apps" option (which has to be done on a per-device basis, I might add) you still have to face the complications of restoring that device, because that has to happen over USB. If you have a single iTunes library on a machine dedicated to backup you can only get the synced content back from that machine, and that machine alone. This makes for ugly logistical situations, and high tech department overhead, as you are well aware.

This is a "round peg meets square hole" situation. Usually in these sorts of scenarios the best way to fix the problem ISN'T to start cutting the pegs square, or make the holes round, but rather to stop using pegs and holes all together.

In other words, the solution we decided to go with was to stop trying to force the very individual-owner-designed iPad into the very centrally-managed framework of the traditional IT setup.

Because we rolled out per-user Apple IDs, we gain all the perks that come with it. This includes iCloud backup. As a matter of fact, iCloud backup was one of the big arguments for maintaining a 1-to-1 relationship between Apple IDs and users, rather than using the "hack" of having multiple devices/users share a single Apple ID.

Once iCloud backup is on (which is part of our end-user training when they receive their Apple IDs,) all user-specific setting are preserved and backups happen automatically, from anywhere in the world a user has an internet connection. Restoration is super easy, and can even be handled directly from the iPad, fresh out of the box, during initial setup. No tech machine required. Heck, with a minimal amount of user training it doesn't even require tech department interaction whatsoever. All of our users perform self-enrollment with our MDM, and they configure their iPad fresh out of the box for themselves, following a nifty little guide created for them. Our users handle everything related to iPad setup and/or restoration for themselves, aside from creating accounts.

"But wait!" I hear you say. "What about content? The stuff you have to sync, rather than back up?" That's an excellent question.

Maintaining individual IDs also means that any user-selected and installed applications are tied to their account. Restoring those items is as simple as going to the app store and browsing previously purchased content. For any business-critical applications, that's what your MDM is there for. We have all of our app pushes tied to user groups, pulled into the MDM from Active Directory. As soon as a user enrolls (or re-enrolls) all the apps they are supposed to have are pushed to the device. Rainbows and unicorns abound.

What about videos? Music? Books? Pictures?

Those are trickier. Our MDM (JSS: part of the Casper Suite from JAMF) can handle pushing eBooks/iBooks, so that's taken care of. We don't currently have any music or videos that are necessary for our usage scenario (at least that can't be better distributed via streaming anyway.) If a user wants to have music or videos on their device then they can sync their iOS device to their personal machine. That's probably going to be the method they will want to use to get music /onto/ the device anyway, and since we aren't trying to hack together an oddball solution of creating sync relationships with a centrally owned company machine, the precious single-machine relationship between the iOS device and a computer is left open for the user to create on their own, if they so desire.

Pictures become the only item that is a little tricky. Photo Stream keeps the last month's worth of items, but anything older than that is only resident on the devices that are set to connect to Photo Stream. Photo Stream is a cable to connect two devices via the cloud (with a generous timeout,) not a permanent storage location.

Thankfully there are are about a billion and a half solutions for uploading your important pictures to the internet. As an entity we use Google Apps anyway, so it's as simple as instructing users that if they want to keep pictures older than a month, pop open Google Drive, select your pictures, and upload them.

I know this probably isn't the reply you were hoping for, but perhaps it will give you a previously unconsidered angle to look at things from. We have generally found that when you encounter a workflow related problem with an iOS device, the solution isn't found in implementing a new technical solution, but rather fundamentally altering the workflow itself. It has worked out for us so far.

Top
fredster's picture

fredster

Joined: May 22, 2013

Hi Eight_Quarter_Bit,Thank

Your rating: None

Hi Eight_Quarter_Bit,

Thank you for your time, patience and very detail response. From your comment, I can see that your team has spent considerable amount of time working with the (available) options to best meet your customers needs and your responsibilities. Well done.

We, too, has developed a similar workflow and for 90% of the time, our customers are happy with the arrangements. But the topic of 'backups' is a big issue with AD-centric organisations. For many AD based organisations, they have implemented centralised back up and every large AD organisation (I know) has a back up and DR policy in place. When iOS devices enter the organisation, things get icky. (There's a whole topic on this subject but lets not go there...)

With regard to backups, I want to back up just end user data. And specifically, photos. I would settle for just core data that is typically backed up in an iTunes data (photos, music, ebooks, etc) and am not concerned about App specific (sandbox) data. In our scenario, our customers are using a custom App for field inspections. As part of the field inspections, they take photos and can submit the photos into the inspection app. The fact that iPad photos have embedded EXIF data, make the photos ideal as a recording tool to illustrate what the inspectors saw at location, on the hour, minute, day, etc. This also makes the photos much more important as they tie into the business responsibilities. To date, the inspectors have been responsible for looking after their photos (a la Apple approach) however, yesterday, I was assisting an inspector who has undertaken a firmware upgrade on his iPad and during the process, managed to loose 4 months worth of photos. When I looked at his computers iTunes back ups, there were a few back ups but the photos required were not present in any of the backups. I have no idea what he has done (but I'm fairly sure he has intervened in the update process) but there is no point looking for fault... what's done is done and the photos (used in business) are gone. Hence the point to my Question.

For our situation, iCloud is not an option as policy dictates that we can not use a public cloud service. Hence data back ups using iCloud is not a service we can use. This also means that we can not use Photostream... and indeed the functionality (as you remarked) of Photostream would not meet our needs anyway.

So, in my perfect world, I would like a hardware box or VM image that can be put racked into the corporate infrastructure and would automatically add an iTune backup functionality over the Wifi network.This solution would only do mobile device/iOS backups I don't think it needs to be sync'ed as such; just discrete unique backups; time and date stamped. And it HAS to remove the end user out of the equation; it has to be automatic. I know that there are a myriad of online solutions, everything from syncipity to dropbox to box.net to owncloud, etc but each of them requires end users to initiate the process. The general argument for advocating end-users manage their devices is that 'it's end user choice' but I don't complete agree; after all if you chose to use your iPad for business, then you choose to allow the business to back up your business related data?

Top
Eight_Quarter_Bit's picture

Eight_Quarter_Bit

Joined: Sep 26, 2014

Ah, that does change things a bit.

Your rating: None

Ah, yes, I can see where backing up photos becomes mission-critical, when that's one of the whole points of using the device. I'm in education, so our usage scenario is different.

The only way you could do it over wifi automatically (without jailbreaking your devices, which is a whole other headache which I recommend strongly against) is by creating a sync relationship between a central machine running iTunes and the end devices. Again, photos are content , and thus not part of a backup -content is only transfered in a sync. This sync will also only happen automatically over wifi if the end-user device has its screen locked and is plugged in, unless you GUI script iTunes server-side to initiate sync. As something of the local authority on scripting iTunes, I can tell you right now that's not a good solution, and should be avoided at nearly any cost. Letting the devices initiate sync is also something of a deal-breaker, because telling employees to make sure that they plug in and lock their devices at some point during the day is just as bad as requiring them to launch an app and initiate sync, and maybe worse.

There are third-party libraries that that can be used for iOS device syncing (I looked into using libmobiledevice for a previous project), but they only work over USB, on a *NIX-based system (OS X, Linux, etc.) and they are reverse-engineered, so they break pretty much every major update to iOS. There is a possibility that someone may reverse-engineer wifi syncing in the future, but it would be prone to breakage just as easily.

Another thing you have to consider with using wifi sync is the fact that it uses Bonjour. Bonjour is link-local, and thus unroutable. This means if you are using any kind of internal routing/subnetting you must either run Bonjour gateways, or have a "backup machine" within each subnet/VLAN.

Does this have to be done over wifi from the device? Would USB connected to the end-user's machine be acceptable?

Obviously USB requires some level of user interaction (a user must plug in the device to their computer) but from what it sounds like that's happening already.

Since the photos on the device are exposed as a "camera" to the computer via a standard filesystem, you could probably script copying those photos to a network share, using the end-user computer to run the script. The script could be run automatically whenever the device is plugged in, so no user interaction would be required, nor could they alter the "backup" process. This wouldn't have to touch iTunes, wouldn't be visible/alterable by the user, wouldn't require an iTunes "sync relationship", and should be reasonably bullet-proof. This is, of course, not a "packaged" solution, but in the realm of iOS management very little is.

Another potential solution is using a mobile photo copying device. This is a mixed bag, because it's not on the network where it can be monitored by IT staff, but it also has the benefit of being a packaged solution with no internal development, is almost completely bullet-proof, and only requires users to plug their iOS device into the photo backup device. It can also be used in the field, unlike a local network-based solution (which may or may not be a desirable thing.) It's not perfect, but is one more option to place on the table.

Your last option for photo backup, since your app for field inspections is custom anyway, is to build synchronization into the app itself. Webdav would probably be a good candidate, as it's easy to implement server-side, can be run inside the network as well as exposed to the internet for off-site devices, can be run encrypted end-to-end, and the server and data remain within the company-owned network. Essentially it would be a private cloud. This is probably the best, most reliable solution, but if the app wasn't developed internally it means additional development cost.

In my opinion, iTunes wifi syncing is not an acceptable solution, built as an appliance or not. It's faaaar too prone to problems and has too many "gotchas". It would break much too frequently. Look up syncing iOS devices to Linux for some good examples. The photo library is not exposed in any way via Apple's MDM API, so you're stuck with hacks. This might all change with iOS 7, but I tend to not hold my breath when it comes to Apple adding features targeted at enterprise. It's not the role Apple designs the iPad for, and Apple only implements features along a very narrow band of their intended design. That's just the way Apple works, and it's not likely to change any time soon. In this case, the mountain must go to Mohammad.

I'd say building photo sync into your custom app is the first solution that should be considered. Barring that, scripting photo capture at the end-user desktop is your best bet. Other content can't be captured this way, but at least it covers your mission-critical photo data.

Top
cape_doctor's picture

cape_doctor

Joined: Jun 5, 2013

about iOS backups

Your rating: None

Hi All,
I am not sure about this statement:

"A "backup", as defined by clicking the "backup" button in iTunes, only backs up the settings of the device. The content on the device (things like apps, music, videos, pictures, etc.) is not included in a backup. Those things are transfered only in a sync, which can only be performed with the single computer the device was synced to for the first time (what I will refer to as a "sync relationship" from now on.). Backups can be performed between any combination of host computer and iOS device, syncing is a 1-to-1 bound relationship."

Have a look here: http://support.apple.com/kb/HT4946

Yes, there is a difference between syncing and backing up: A backup is a point-of-time copy containing settings, Messages, Camera Roll, documents, saved games, and other data.
In other words, backups contain far more than just settings of the device but it is correct that they do not contain content (i.e. Media) synced to the device, such as movies, music, podcasts, and apps. With backups you can roll back in time.
Syncing of content (all or selected types of content) ensures that this content is available on one or more devices. Once you sync back and forth media files to iTunes and associated devices you cannot roll back.

If you grab the backups from client computers (OS X: ~/Library/Application Support/MobileSync/Backup/, Windows Vista and Windows 7: \Users\username\AppData\Roaming\Apple Computer\MobileSync\Backup\) with your enterprise backup solution then this will be the closest you get regarding fredster's initial question. Of course this will require your iPad users to be involved in this process. iCloud backups are more graceful as they happen with very little to none user interaction and you can find out what and when gets backed up here: http://support.apple.com/kb/HT4859.
I don't think that there is a turn-key solution for fredster's actual question though.
hth

Top
Jathter's picture

Jathter

Joined: Jul 11, 2013
WWW

iOS back helped us to recover

Your rating: None

iOS back helped us to recover lost or deleted data from iOS device. Here are some tutorials:

1. how to recover deleted text messages from iPhone
2. how to recover deleted pictures from iPhone
3. how to recover deleted notes on iPhone
3. how to recover deleted notes from iPad

Top

Who is online?

There are currently 0 admins, 0 users and 20 guests online. Connected users: .

About This Site

  • Enterprise iOS is a community for administrators of the iPad, iPhone, and related devices. All content is available to browse. We encourage you to create an account to submit stories, edit wiki pages, and post to our forum.

Recent Activity