New MDM Features in iOS 9.3

taylor's picture
Your rating: None (7 votes)

There's been a lot of press on the new features coming out for iOS 9.3, but most of this hasn't covered the more subtle, MDM functionality enhancements. Namely:

  • Ability to enable/disable apps from running
  • Ability to reconfigure icon layout on the Home Screen
  • Control over notification settings
  • Additional restriction options
  • Safari auto-fill domain control

We go into more depth in the following article:

http://simplemdm.com/2016/03/04/ios-9-3-to-bring-new-mdm-features/

Feel free to respond, I'll answer any questions the best that I can Laughing out loud

iOS MDM profile renewal

bugmeister's picture
No votes yet

Hi,

I was wondering whether anyone can explain what's meant to happen when a managed device's MDM profile is close to expiry.

Should it auto-renew somehow? I ask because in the past I've seen iOS show a Renew button (which never worked for us), and we're constantly getting cases where devices had expired management profiles and need to be re-enrolled (surely re-enrollment isn't how the whole renewal process has to work) .

Thanks
Peter

Installing App Remotely, Gotchas

taylor's picture
Your rating: None (5 votes)

Wanted to share a useful article on how one can deploy apps to iOS devices remotely. It's geared for those of us who haven't had as much experience with MDM, VPP, and Supervision and are looking for an explanation on the different moving pieces. It also includes a few helpful tips on avoiding some of the annoying gotchas.

Here's the link: http://labs.wrprojects.com/install-apps-remotely-to-ipads-and-iphones/

MDM feature request

spurtipreetham's picture
Your rating: None (1 vote)

Hi,

Can you help me understand what MDM feature you use the most?
Also, If any MDM features you think are important and are missing from current MDM vendors(Can also be about features which are not well implemented).

Appreciate your replies.

Thanks,
Preetham

Updating apps in Single App Mode?

eri_ent's picture
Your rating: None (1 vote)

When Single App mode is turned on, is it possible to update an enterprise app that is running without user intervention?

I’ve tried two MDM services.  Thus far, when I push an enterprise app update to a supervised device in Single App mode, nothing happens.  I have to change the profile to turn off Single App mode and push that profile change, then push the app update, then springboard appears prompting the user to update or not, then re-enable Single App mode and push that profile change when updating is done.

We want our iOS devices to be used in a way such that only our enterprise app is allowed to run, but also have the ability to update the enterprise app remotely without requiring someone with physical access to the devices to press "OK" to accept an app update.

Managed Apple IDs - Hopefully the end of this script!

benhuckle's picture
Your rating: None (1 vote)

Apple is finally making an official way to bulk create Apple IDs

http://www.apple.com/education/preview/

Updating device-based VPP apps

Clark Kent 1974's picture
No votes yet

Hi.
Does someone know how the process for updating device-based VPP apps with Profile Manager ?
When no Apple ID is set on the device, the trigger in iTunes Store & App Store settings to download automatically the updates of apps is accessible (whereas the first 3 ones that set the automatic downloading of new content purchased are obviously hidden).
So the question could be : did someone have the chance to check if the trigger also applies to device-based VPP apps ?
Best regards.

Basic queries about MDM

GC's picture
No votes yet

Hi,
I'm a newbie to MDM and am still trying to figure out how all the pieces fit together. Have a query I hope the Gurus can help answer.

Is the following correct? From the moment it registers itself with Apple, each device maintains a persistent connection with the APNS service via the "apsd" deamon. This connection serves as the underlying "pipe" that helps the apsd deamon, on its part, offer the publish-subscribe service that helps client apps (aka the subscribes) receive "messages" from the publisher (aka APNS in this case). If this is true then

My query concerns how a device gets its unique token from APNS. Per my understanding, an application needs to register itself with APNS for it to be able to receive notifications...and as a part of this registration process, the APNS service returns a unique App Specific "token" to the app...how does this pan out in the MDM context...what's this app? Who decides the topic to use? The reason for me to ask this is because the MDM Check-In protocol requires the device to send the "Topic" and "Token" during the final TokenUpdate step. Without an app, where does the "Topic" and "Token" come from?

Any responses would be greatly appreciated.

Thanks and Regds

iOS 9.2 + MDM apps = bad things?

Your rating: None (6 votes)

Apple has published a knowledge base article identifying a problem with the iOS 9.2 update released last week:

If apps don‘t finish installing using Mobile Device Management (MDM) and iOS 9.2

When you use Mobile Device Management (MDM) to install an app in iOS 9.2, the installation might not finish.

This can happen if the MDM server requests the list of managed apps on the device before the installation is complete. Other MDM commands to your device will succeed unless they are behind an incomplete installation. To resolve the issue, clear the MDM server queue of any of the following commands:

  • Installing or updating apps (InstallApplication)
  • Returning the list of managed apps (ManagedApplicationList)

Apple plans to resolve this issue in a future software update.

MDM providers I spoke with today said the 9.2 update is causing "havoc" with customers. Note that Apple is still signing iOS 9.1, so updated devices can still be downgraded.

The (non-NDA protected) Developer portal today listed iOS 9.2.1. No public word yet on whether 9.2.1 fixes this MDM issue. (But I would wager it does.)

Can Enterprise App Read its MDM Configuration file

bishal_lf's picture
Your rating: None (2 votes)

I have the following situation -

There is a school which distribute number of iPads to students, which deploy in-house app for student.
Basically the app will display the PDFs, Images and Videos form remote server.

Now the challenge is that, Class 1 student needs to fetch PDfs, Images and Videos form one link
where as Class 2 student needs to fetch PDfs, Images and Videos form another link.

Hence the app need to know which device group, the current device is enrolled into.
And the device Groups info is set via MDM server.

So the question is - is there anyways enterprise app can get information from MDM server about the device group it is enrolled in, so that it can change its app feature as per device group ?

Thanks.

iPad Pro released today...first iPad for the desktop?

No votes yet

Courtesy of Horace at Asymco.

iOS 9.1 patches 49 security vulnerabilities

No votes yet

iOS 9.1 is out and according to Apple's security notice it patches 49 vulnerabilities. Get your updaters ready!

iOS 9.1 is available

Your rating: None (3 votes)

Apple today released iOS 9.1 many, many devices. From the release notes:

This release includes new features, improvements and bug fixes, including:

  • Live Photos now intelligently senses when you raise or lower your iPhone, so that Live Photos will automatically not record these movements
  • Over 150 new emoji characters with full support for Unicode 7.0 and 8.0 emojis
  • Improved stability including CarPlay, Music, Photos, Safari, and Search
  • Improved performance while in Multitasking UI
  • Fixes an issue that could cause Calendar to become unresponsive in Month view
  • Fixes an issue that prevented Game Center from launching for some users
  • Resolves an issue that zoomed the content of some apps
  • Resolves an issue that could cause an incorrect unread mail count for POP mail accounts
  • Fixes an issue that prevented users from removing recent contacts from new mail or messages
  • Fixes an issue that caused some messages to not appear in Mail search results
  • Resolves an issue that left a gray bar in the body of an Audio Message
  • Fixes an issue that caused activation errors on some carriers
  • Fixes an issue that prevented some apps from updating from the App Store

For information on the security content of this update, please visit this website:
http://support.apple.com/kb/HT1222

Apple overlaps iOS versions from 7 to 28 days; the average is 13 days

Your rating: None (1 vote)

Want to downgrade your device to iOS 8.4.1? Yesterday you could, but today you can't.

This is because Apple keeps a tight leash on iOS updates. During the install process, the device (or iTunes, or Configurator, or GroundControl) must verify some information with Apple, specific to both the device and the iOS build. Apple's servers analyze the info, then send back a one-time key to permit the installation. So at any time, Apple can stop "signing" the iOS update, effectively stopping all installs.

(This process doesn't affect you if you are already running the OS, only if you are installing or re-installing it.

After a new release, Apple always shuts down the old release. But it doesn't shut it down immediately. It waits a week or two first. I don't know the exact reason for the "signing window" to stay open. Maybe it's to give extra time for companies in the middle of a large deployment to get organized. Maybe it's to allow individuals who accidentally upgraded too early to change their minds. But when Apple stops signing that old release, it effectively forces your hand, and any iOS install then MUST go to the latest version.

Unfortunately, Apple has never announced in advance when it will stop signing an older release. This makes planning, well, a challenge.

To help (a little), we've compiled a history of how long Apple's kept that window open, after an upgrade. Maybe history will be a guide.

iOS Version Days as latest version Days still signed after update
iOS 9.0.2 n/a n/a
iOS 9.0.1 7 days n/a
iOS 9 7 days 7 days
iOS 8.4.1 34 days 14 days
iOS 8.4 44 days 11 days
iOS 8.3 83 days 7 days
iOS 8.2 30 days 27 days
iOS 8.1.3 41 days 16 days
iOS 8.1.2 49 days 14 days
iOS 8.1.1 21 days 9 days
iOS 8.1 29 days 14 days
iOS 8.0.2 25 days 7 days
iOS 8.0.1 1 day 0 days
iOS 8 7 days 28 days
iOS 7.1.2 79 days 9 days

iOS 9.0.2 out (so was iOS 9.0.1, briefly)

No votes yet

Apple yesterday released iOS 9.0.2, on top of iOS 9.0.1 a couple of days ago. (We forgot to post that!) iOS 9.0.2 patched a lock screen security vulnerability, and fixed a couple of bugs.

Release notes for iOS 9.0.2:

This update contains bug fixes and improvements including:

  • Fixes an issue with the setting to turn on or off app cellular data usage
  • Resolves an issue that prevented iMessage activation for some users
  • Resolves an issue where an iCloud Backup could be interrupted after starting a manual backup
  • Fixes an issue where the screen could incorrectly rotate when receiving notifications
  • Improves the stability of Podcasts

iOS 9.0.1 had the following to say:

This update contains bug fixes including:

  • Fixes an issue where some users could not complete setup assistant after updating
  • Fixes an issue where sometimes alarms and timers could fail to play
  • Fixes an issue in Safari and Photos where pausing video could cause the paused frame to appear distorted
  • Fixes an issue where some users with a custom APN setup via a profile would lose cellular data

Downloads of the latest IPSW for each device is available from our database of iOS Devices.

Recent Activity