VPN causing slow internet connection.

UKDan89's picture
Your rating: None (2 votes)


We have customers complaining that once their iPads are connected to the internet, their internet speed is severely throttled. It appears to be caused by the VPN, is there a way to fix this? We are using a Cisco AnyConnect IPsec VPN

Thank you.

iOS Provisioning Profile Renewal Process with MDM

kolin.augie's picture
Your rating: None (1 vote)

Hello all! We have what appears to be a common scenario, but have yet found the best answer.

We will be approaching the time to renew our iOS Distribution provisioning profiles for internal apps in the next few months. These apps are managed and deployed through MDM. I have tested the process of uploading a renewed profile through our MDM. The updated profile is displayed and the Renewal Date now matches the expiration date of the new profile.

My concern is relying on an MDM to update the profiles for all devices. The other option appears to be to re-package the current apps with the renewed profile and deploy the build again through MDM.

Any recommendations or best practices for this scenario?

I should note that all iOS devices are supervised and shared devices.

Thank you in advance!

Multi-tenancy for AirWatch and XenMobile own cloud??

zaza's picture
No votes yet

A lot of EMM providers are telling that they support multi-tenancy. That might be true for their own clould.
I got the surprise with XenMobile when we planned to build an own Community Cloud to serve different customers with EMM. Yes it is possible to administer different organizations, which cannot see each other, but if you want to connect Active Directory etc. then the multi-tenancy becomes complex. Citrix informed me that they are waiting for a new release to support multi-tenancy.
However, I would like to understand whether it is possible to configure instead AirWatch in a Community Cloud to run different customers inc. interfaces.
Does anybody can support me with this request?

iOS 8.1.1 is out: Bug fixes, increased stability and performance improvements

Your rating: None (5 votes)

iOS 8.1.1 is out. Download offline copies of the firmware via our database of iOS Devices.


This release includes bug fixes, increased stability and performance improvements for iPad 2 and iPhone 4s.
For information on the security content of this update, please visit this website:

"Bottom line...it's complicated" T-Mobile CEO John Legere on the new iPads and Apple SIM

Your rating: None (1 vote)

One of the more interesting features of the new iPad Air 2 and iPad mini 3 announced just over a week ago is the carrier-independent "Apple SIM". iPads are no longer locked to a single carrier, and users can switch carriers at any time. So it seemed.

When it comes to carriers nothing is ever simple. Now T-Mobile's CEO John Legere posted a "tweetstorm" to explain the user experience, which of course is very different from one carrier to another.

Here's the info: https://storify.com/jbrodkin/john-legere-tweetstorm-on-apple-sim-lockin

How To Handle A Gift of 50 iPads

jank50's picture
No votes yet

Just joined this group and I ask for your forbearance - I'm new to all this.

I work for an agency that serves people with developmental disabilities and we have about 55 locations in Westchester County, NY. Some generous peopel gave us a donation of 50 iPads and I'm trying to rationally deploy them! I'd like to be able to synch them remotley for iOS and app updates to avoid a lot of travel. The devices would be shared at the remote locations amongst several clients and the slection of apps would be limited to about 20 or so. Of course, since we're a non-proift, funds are limited, so whatever solutions are available, they must be affordable.

Thanks for your input.


P.S. Any suggestions for iPad cases without covers that would be durable?

iOS 8.1 coming out today — Apple Pay, Continuity, more

No votes yet

iOS 8.1, the next update to iOS 8 is arriving today. Major features are the inclusion of Apple Pay and Continuity. Continuity works when paired with other Apple devices running the latest operating system (Mac OS X 10.10 was released just last Friday), and allows for a few cool and actually useful features:

  • receive and send SMS messages from iPads and Macs
  • continue viewing and editing documents and email between iOS devices and Macs and iPads
  • "Instant Hotspot" lets you easily share your iPhone's LTE connection

Let us know how the upgrades go.

Devices can't be enrolled in DEP, what's my best course of action?

janeitzey's picture
Your rating: None (2 votes)

A department bought iPads outside of our registered Apple Education purchase account and now they can't be enrolled in DEP.

If I can't manage the iTunes account for this shared-use lab, what's my best course of action.

On another note, Apple Configurator 1.6 is dead slow updating new iPads to 8.0.2 even though the ipsw file is downloaded. It's taking over an hour. Any thoughts?

Thanks all!

Forbidden Apps

danny33c's picture
No votes yet

There are a number of apps out there, and new ones popping up all the time, that students are downloading for one reason or another. Mostly VPN apps to try and bypass our web filters. GBA4iOS is a little more innocuous, but does make the user change the time on their iPads to a date in the past.

We are blocking the install of Configuration Profiles which helps with VPNs. I also lock and disable features on the iPad if it is seen in inventory. It installs a Web Clip they click on that brings them to a page and explains why their iPad is disabled and how to get rid of it.

A new app I found yesterday is vShare. This is an app that allows you to pirate other apps, wants you to change the time on your iPad to a time in the past and installs a Provisioning Profile called "Anyone".

I would like to create this and start a list of apps that students use to bypass rules. A wiki of things that are Forbidden or otherwise screw up your configs. If this has already been done in another post please let me know, but I did not find anything. Here is my list so far:

Anyone - Provisioning profile

prevent adding passcode?

jonzer12's picture
No votes yet

We are getting ready to deploy ipads in a shared environment. We are using Maas360 as our MDM. The only issue left is that there seems to be no way to prevent users from enabling a passcode on the device. A student could potentially configure a passcode and prevent the next person from picking up the ipad and using it.

Any way to lock them out of this? How are others dealing with this?

iOS 8.0.2 released last night

No votes yet

iOS 8.0.2 was released last night, just eight days after 8.0, and just a day or so after 8.0.1 was released but quickly pulled. Our database of iOS Devices has all the links for direct downloads. Here are the release notes.


This release contains improvements and bug fixes, including:

  • Fixes an issue in iOS 8.0.1 that impacted cellular network connectivity and Touch ID on iPhone 6 and iPhone 6 Plus
  • Fixes a bug so HealthKit apps can now be made available on the App Store
  • Addresses an issue where 3rd party keyboards could become deselected when a user enters their passcode
  • Fixes an issue that prevented some apps from accessing photos from the Photo Library
  • Improves the reliability of the Reachability feature on iPhone 6 and iPhone 6 Plus
  • Fixes an issue that could cause unexpected cellular data usage when receiving SMS/MMS messages
  • Better support of Ask To Buy for Family Sharing for In-App Purchases
  • Fixes an issue where ringtones were sometimes not restored from iCloud backups
  • Fixes a bug that prevented uploading photos and videos from Safari

For information on the security content of this update, please visit this website:

Apple Firewall Issues

jesselvella's picture
Your rating: None (4 votes)


Just a heads up that it looks like Apple may be using a different service now to load the App Store. I ran into the issue today where the App Store was blocked for all of our students' iPads. I ran a trace on the HTTPS traffic coming from the device when it said it couldn't connect and I found it trying to hit this IP:

That IP also resolves to the domain name of:


I hope this helps anyone that may be having issues connecting to the App Store or maybe some can provide us with info on why the App Store seems to want to connect to that IP now.


Third Party Keyboards.... Beware!

Jakey's picture
Your rating: None (1 vote)

I just thought i would insert a quick note, as this isn't really documented anywhere on the internet yet that i can see...

The issue with Third party apps is that you can grant them full system access, which is great for those who want third party keyboards.

However, with that setting comes big consequences, as a result of this a keyboard can now interact with applications on a much deeper level, it can also now report home to the internet. This gives genuine applications visibility of what is being typed, most give privacy agreements around credit card and password fields which is fine.
But for those of us in the enterprise who are using these "secure containers" this is a serious breach of security, you could be unaware of the fact you are leaking sensitive information out to a third party.

Its important to know in order to prevent this all you need to do is make sure you have your corporate applications set as "Managed". Luckily our applications are already managed, so providing we never chose to manage third party keyboards.

There is an important extract in the latest Apple Security document detailing this;

For devices enrolled in mobile device management, document and keyboard extensions obey Managed Open In rules. For example, the MDM server can prevent a user from exporting a document from a managed app to an unmanaged Document Provider, or using an unmanaged keyboard with a managed app. Additionally, app developers can prevent the use of third-party keyboard extensions within their app.

Ensure that in your policy "Allow opening managed app documents in unmanaged apps" is unchecked to prevent third party keyboards. Resulting in the restriction named "Opening documents from managed to unmanaged apps not allowed" being set on the device under General > Profiles > Restrictions.
The setting of "Allow opening unmanaged app documents in managed apps" has no impact on third party keyboard, so this can stay set to suit your current corporate policy.

Hope this helps someone.


Your rating: None (5 votes)

What is Supervision?

Supervision was introduced by Apple in iOS 5 to differentiate institutionally-owned iPhones and iPads from personally-owned devices. Supervision is enabled using Apple Configurator, Device Enrollment Program — if purchased directly from Apple — or by GroundControl.

Supervision offers tremendous benefits to enterprises and institutions. It unlocks more than 20 additional management features, including single app mode, silent app push, and always-on VPN. Supervision also allows IT departments to restrict many features not appropriate for corporate-owned or shared devices, such as AirDrop, Messages, Handoff, and even Erase.

Despite the benefits, the supervision process had been too cumbersome for most organizations. According to a major MDM provider, fewer than 10% of all institutionally-managed devices are supervised.

Supervision features by iOS release:

  • App Lock (Single App Mode)
  • Global HTTP Proxy
  • Block iBookstore, iMessages
  • Block Game Center


  • Block AirDrop, AirPlay, etc.
  • Disallow Host Pairing
  • Activation Lock Bypass
  • Autonomous Single App Mode
  • Web Content Filter
  • Set background & lock screen
  • Silent App Push


  • Always-On VPN
  • Prevent Cloud Sync
  • Prevent Spotlight Internet results
  • Prevent Handoff
  • Prevent Erase
  • Prevent Restrictions UI
  • Prevent installation of Configuration Profiles by UI


Applescript for verification emails

johnyn's picture
No votes yet

I created an AppleScript to automate clicking the verification link and signing in. The script is messy...I just wrote it and used it today and haven't cleaned it up or commented at all.

The workflow I'm using it with is like this:

Use the Apple ID creator script, using the same password for all of the accounts.
Setup an Outlook rule to move verification emails to a folder named "AppleVerify".
Create another folder named "AppleVerifyDone".
Then I run this script.

The script will scan through AppleVerify to grab the verification link and the apple id, opens safari to that link, input the Apple ID, and inputs the password. Then it closes the safari window and moves the email to AppleVerifyDone.

Again, it's really messy and it will probably break for you since I wrote it specifically for my workflow. But I figure it might help someone out.

Rename .txt to .scpt
Edit the idpassword and emaildomain variables

About This Site

  • Enterprise iOS is a community for administrators of the iPad, iPhone, and related devices. All content is available to browse. We encourage you to create an account to submit stories, edit wiki pages, and post to our forum.

Comparison of MDM Providers

Recent Activity

Who's New