When Single App mode is turned on, is it possible to update an enterprise app that is running without user intervention?
I’ve tried two MDM services. Thus far, when I push an enterprise app update to a supervised device in Single App mode, nothing happens. I have to change the profile to turn off Single App mode and push that profile change, then push the app update, then springboard appears prompting the user to update or not, then re-enable Single App mode and push that profile change when updating is done.
We want our iOS devices to be used in a way such that only our enterprise app is allowed to run, but also have the ability to update the enterprise app remotely without requiring someone with physical access to the devices to press "OK" to accept an app update.
Apple is finally making an official way to bulk create Apple IDs
Does someone know how the process for updating device-based VPP apps with Profile Manager ?
When no Apple ID is set on the device, the trigger in iTunes Store & App Store settings to download automatically the updates of apps is accessible (whereas the first 3 ones that set the automatic downloading of new content purchased are obviously hidden).
So the question could be : did someone have the chance to check if the trigger also applies to device-based VPP apps ?
I'm a newbie to MDM and am still trying to figure out how all the pieces fit together. Have a query I hope the Gurus can help answer.
Is the following correct? From the moment it registers itself with Apple, each device maintains a persistent connection with the APNS service via the "apsd" deamon. This connection serves as the underlying "pipe" that helps the apsd deamon, on its part, offer the publish-subscribe service that helps client apps (aka the subscribes) receive "messages" from the publisher (aka APNS in this case). If this is true then
My query concerns how a device gets its unique token from APNS. Per my understanding, an application needs to register itself with APNS for it to be able to receive notifications...and as a part of this registration process, the APNS service returns a unique App Specific "token" to the app...how does this pan out in the MDM context...what's this app? Who decides the topic to use? The reason for me to ask this is because the MDM Check-In protocol requires the device to send the "Topic" and "Token" during the final TokenUpdate step. Without an app, where does the "Topic" and "Token" come from?
Any responses would be greatly appreciated.
Thanks and Regds
Apple has published a knowledge base article identifying a problem with the iOS 9.2 update released last week:
If apps don‘t finish installing using Mobile Device Management (MDM) and iOS 9.2
When you use Mobile Device Management (MDM) to install an app in iOS 9.2, the installation might not finish.
This can happen if the MDM server requests the list of managed apps on the device before the installation is complete. Other MDM commands to your device will succeed unless they are behind an incomplete installation. To resolve the issue, clear the MDM server queue of any of the following commands:
- Installing or updating apps (InstallApplication)
- Returning the list of managed apps (ManagedApplicationList)
Apple plans to resolve this issue in a future software update.
MDM providers I spoke with today said the 9.2 update is causing "havoc" with customers. Note that Apple is still signing iOS 9.1, so updated devices can still be downgraded.
The (non-NDA protected) Developer portal today listed iOS 9.2.1. No public word yet on whether 9.2.1 fixes this MDM issue. (But I would wager it does.)
I have the following situation -
There is a school which distribute number of iPads to students, which deploy in-house app for student.
Basically the app will display the PDFs, Images and Videos form remote server.
Now the challenge is that, Class 1 student needs to fetch PDfs, Images and Videos form one link
where as Class 2 student needs to fetch PDfs, Images and Videos form another link.
Hence the app need to know which device group, the current device is enrolled into.
And the device Groups info is set via MDM server.
So the question is - is there anyways enterprise app can get information from MDM server about the device group it is enrolled in, so that it can change its app feature as per device group ?
Apple today released iOS 9.1 many, many devices. From the release notes:
This release includes new features, improvements and bug fixes, including:
- Live Photos now intelligently senses when you raise or lower your iPhone, so that Live Photos will automatically not record these movements
- Over 150 new emoji characters with full support for Unicode 7.0 and 8.0 emojis
- Improved stability including CarPlay, Music, Photos, Safari, and Search
- Improved performance while in Multitasking UI
- Fixes an issue that could cause Calendar to become unresponsive in Month view
- Fixes an issue that prevented Game Center from launching for some users
- Resolves an issue that zoomed the content of some apps
- Resolves an issue that could cause an incorrect unread mail count for POP mail accounts
- Fixes an issue that prevented users from removing recent contacts from new mail or messages
- Fixes an issue that caused some messages to not appear in Mail search results
- Resolves an issue that left a gray bar in the body of an Audio Message
- Fixes an issue that caused activation errors on some carriers
- Fixes an issue that prevented some apps from updating from the App Store
For information on the security content of this update, please visit this website:
Want to downgrade your device to iOS 8.4.1? Yesterday you could, but today you can't.
This is because Apple keeps a tight leash on iOS updates. During the install process, the device (or iTunes, or Configurator, or GroundControl) must verify some information with Apple, specific to both the device and the iOS build. Apple's servers analyze the info, then send back a one-time key to permit the installation. So at any time, Apple can stop "signing" the iOS update, effectively stopping all installs.
(This process doesn't affect you if you are already running the OS, only if you are installing or re-installing it.
After a new release, Apple always shuts down the old release. But it doesn't shut it down immediately. It waits a week or two first. I don't know the exact reason for the "signing window" to stay open. Maybe it's to give extra time for companies in the middle of a large deployment to get organized. Maybe it's to allow individuals who accidentally upgraded too early to change their minds. But when Apple stops signing that old release, it effectively forces your hand, and any iOS install then MUST go to the latest version.
Unfortunately, Apple has never announced in advance when it will stop signing an older release. This makes planning, well, a challenge.
To help (a little), we've compiled a history of how long Apple's kept that window open, after an upgrade. Maybe history will be a guide.
|iOS Version||Days as latest version||Days still signed after update|
|iOS 9.0.1||7 days||n/a|
|iOS 9||7 days||7 days|
|iOS 8.4.1||34 days||14 days|
|iOS 8.4||44 days||11 days|
|iOS 8.3||83 days||7 days|
|iOS 8.2||30 days||27 days|
|iOS 8.1.3||41 days||16 days|
|iOS 8.1.2||49 days||14 days|
|iOS 8.1.1||21 days||9 days|
|iOS 8.1||29 days||14 days|
|iOS 8.0.2||25 days||7 days|
|iOS 8.0.1||1 day||0 days|
|iOS 8||7 days||28 days|
|iOS 7.1.2||79 days||9 days|
Apple yesterday released iOS 9.0.2, on top of iOS 9.0.1 a couple of days ago. (We forgot to post that!) iOS 9.0.2 patched a lock screen security vulnerability, and fixed a couple of bugs.
Release notes for iOS 9.0.2:
This update contains bug fixes and improvements including:
- Fixes an issue with the setting to turn on or off app cellular data usage
- Resolves an issue that prevented iMessage activation for some users
- Resolves an issue where an iCloud Backup could be interrupted after starting a manual backup
- Fixes an issue where the screen could incorrectly rotate when receiving notifications
- Improves the stability of Podcasts
iOS 9.0.1 had the following to say:
This update contains bug fixes including:
- Fixes an issue where some users could not complete setup assistant after updating
- Fixes an issue where sometimes alarms and timers could fail to play
- Fixes an issue in Safari and Photos where pausing video could cause the paused frame to appear distorted
- Fixes an issue where some users with a custom APN setup via a profile would lose cellular data
Downloads of the latest IPSW for each device is available from our database of iOS Devices.
We use Always-On VPN with IKE 2 to reach our internal networks. Our internal networks can reach outside web servers only via http/https through our company proxy. This worked perfect until iOS 8.4.1. Some users upgraded their machines to iOS 9 and they told us "The internet is not working". We tested it and couldn't see any traffic to our proxies. iPads/iPhones try to resolve DNS and reach the servers direct. But our internal DNS Servers are not connected to the internet DNS Servers.
Just tested the function with iOS 9.0.2.
Still not working ! Very serious bug for company use of iOS devices.
We have been experiencing an issue on our campus where Apple devices, and Apple devices only, are disconnecting and reconnecting to our wireless network.
This has caused huge issues for our teachers who are streaming content to Apple TVs. Every 5-10 minutes the wifi drops, causing whatever they are playing to stop and terminates the connection to the Apple TV.
We've experienced this issue with iPhones, iPads and Macs, both managed and not. We also have Dell desktops, Chrome books, and surface tablets deployed in the school and none of them seem to be experiencing an issue.
My network admin isn't sure where to start trouble shooting as it is only Apple devices experiencing the issue. I do know we use all Cisco Enterprise level hardware for the routers.
Any direction would be much appreciated!
The next phase of GroundControl is beginning. I'm looking for 1-2 mobility engineers to work with me, helping large enterprises implement our software and save them from a world of pain. Must have MDM experience with Apple iOS devices. Best if you live in the New York area, too, but would consider remote workers. We are a small team today so you'd have a lot of impact!
E-mail me at aaron / at / groundctl / dot / com if interested.
- Comparison of MDM Providers (735,784)
- Complete List of iOS User-Agent Strings (356,067)
- How to get remote viewing/control of the IPAD screen via internet or preferably 3G? (233,118)
- Apple Configurator vs. MDM (149,504)
- iOS Devices (117,302)
- Mobile Device Management (95,820)
- Apple Profile Manager (91,413)
- Batch Apple ID Creator (84,333)
- Gartner Magic Quadrant for MDM (2014, 2012, 2011) (83,214)
- AirWatch (77,757)
Comparison of MDM Providers
Forum topic added by krish55 2 hours ago
Forum topic comment by whatsappstatusline 4 hours ago
Forum topic comment by Sarika Abraham 4 hours ago
Forum topic comment by irfan99 6 hours ago
Forum topic comment by irfan99 6 hours ago
Story comment by irfan99 6 hours ago
Forum topic added by krish55 15 hours ago
Forum topic comment by AdwardEden 21 hours ago
Forum topic comment by MarcBetts 1 day ago
Forum topic comment by jkrieg 2 days ago
Mobile Management Provider comment by TheStreets 4 days ago
Wiki Page comment by TheStreets 4 days ago
Forum topic comment by thangchamay 5 days ago
Forum topic comment by thangchamay 5 days ago
Wiki Page comment by thangchamay 5 days ago
Forum topic comment by taylor 6 days ago
Forum topic comment by davidcool 1 week ago