We are using a MDM, one that is listed to the right, to manage our iOS devices and I have ran into an issue with pushing profiles while the iOS devices are locked. I am able to ping the iOS device but when I push the profile, either a new one like a webclip or a change to an existing profile the device does not get the payload.
If I unlock the iOS device the policy does show up, I can ask the iOS client to check home and it connects, but the policy still doesn't show up. I have to push the policy AGAIN and then the profile is successfully pushed down to the device. This has left me in a quandary about my MDM. All of our devices are on 5.1.1, we did a proof of concept last year on iOS 4.35 and this was not an issue.
My MDM provider states this is the effect of iOS 5 and that Apple has changed this policy and there is nothing they can do to modify this behavior.
Any MDM user out there experiencing the same thing? I can't believe all my iOS device have to be unlock to manage them.
I am an iOS developer starting a new project for one of our Enterprise customers. The iOS app will need to get Apple push notifications to notify the users of an event. This project will also have a significant server-side admin web app of its own to schedule these events for users in separate groups.
My IT contact with the customer sent me the following question. I'm only generally familiar with MobileIron and its capabilities.
"We have installed Mobile Iron to support our field staff mobile devices. Will we be able to use it for the push notifications for this app?"
I suspect that the answer is NO, for the following reasons:
- The notifications would be received by the MobileIron MyPhone@Work app and not our own app and thus our app could not act on the notification.
Are my suspicions correct? Is it possible to leverage their investment in MobileIron in any way for this project other than for deployment?
Thanks in advance for any insights and information...
I have a number of iPads that are enrolled to my OSX MDM server and Profile Manager. The iPads are non-personal devices placed in public office areas, mounted in iPads stands. My question is, what is the easiest way to update an app that is already installed to the latest version? Is there a way of doing this without user interaction? The app is in the App Store.
The devices are currently running iOS 5.1.1. My OS X Server is on Mountain Lion with Profile Manager 2.
Apple Configurator 1.2 is a recommended update for all Apple Configurator users. This update is available from the Mac App Store, via the Updates tab.
What's new in version 1.2?
This update improves overall stability and performance, and includes the following:
- Support for new iOS 6 features (Lock to App and Global HTTP Proxy) on supervised iOS devices
- Support for these new iOS 6 restrictions on a supervised device:
- Allow the removal of apps from the device
- Allow use of iMessage
- Allow access to iBookstore or the purchase of books classified as "Erotica" from iBookstore
- Allow filtering of profanity for Siri
- Allow use of Game Center
- Allow the installation of new configuration profiles
- Improved reliability when activating a new iPhone or iPad with Wi-Fi + Cellular
- The last settings used on the Prepare pane are retained when Apple Configurator is quit and relaunched
- Improved ability to update or restore devices that are currently in recovery mode
- Members of Active Directory groups are now shown in the Assign pane
- Paid apps from the App Store can now be installed in the Prepare pane only when a device is being supervised
- Support for configuring advanced network options on Apple TV
Is there a way to configure iPad/iPhone so it'd revert back to what's installed on it and what's in it's configuration profile, every time it reboots erasing all the data user has entered? It's about renting iPad for small hotels' customers.
Reminds me of an Apple iOS Demo Content, but is there a way to make such a setup manually with the tools available for everybody?
Over at techrecess.com, Randall Saeks listed what excited him about iOS 6. It is what I would have written, had I had the time. His #2 is an especially big game changer.
If he is missing one feature, it is Do Not Disturb. Don't worry; Ars Technica has that covered.
This week Apple updated iPCU for Windows to V3.6, but iPCU for OS X is still at V3.5. I cannot locate release notes for 3.6 so I don't know exactly what has changed.
However, there is now a new field in the General payload called "Consent Message," and has a description "Brief message that will be displayed during profile installation."
I tried this with our MDM solution, on an iOS 6 device, but the message was not displayed.
Does anyone know of any other changes in iPCU 3.6?
In addition to shared photo streams, AirPlay out, icon repositioning, and subtitles, the update allows for "advanced network configurations" using configuration profiles. There is a knowledge base article on installing the configurations using Apple Configurator. I suppose this could be used to deploy dozens of Apple TVs within a large school or company. Or maybe it could provide access to restrictions and hidden features?
This addition continues to raise the profile of Configurator, if ever so slightly. The tool is clearly becoming Apple's go-to solution for iOS deployment.
I'm hosting two executive lunches next week in New York City for organizations that are working on iPad integration challenges.
Tuesday, September 25th at Noon (SD26, 19 East 26th Street at Madison Square Park, NYC)
The Institute of Culinary Education will share their experience deploying iPads to teachers and students for training and teaching. You will learn:
- How to empower your teachers to dynamically display lessons using HDTVs connected to the iPad wirelessly with Apple TV.
- How to create iPad compatible training materials.
- How to stage the release of training materials so that students don't receive materials they aren't ready for (or haven't paid for).
- How to outsource Help Desk support and training on how to use the iPad.
- How to implement a mobile device management solution that adapts to your organization's evolving device policies and practice.
- How using the iPad enhances The Institute of Culinary Education's credibility as innovative and forward thinking with partners and potential students.
Thursday, September 27th at Noon (SD26, 19 East 26th Street at Madison Square Park, NYC)
Showtime Networks will share 2 years of experience integrating iPads bought for employees as well as current challenges with personal devices. You'll learn:
- How to empower your staff to work smarter, more creatively, and move flexibly with the iPad (beyond just replying to email).
- How to create iPad compatible resources that save time and money, plus allow employees to be more productive while traveling.
- How to work with your internal IT department to enable productivity instead of stifle it.
- How to implement a mobile device management solution that adapts to your organization's evolving device policies and practices.
- The challenges of employees bringing in their own iPads and upgrading faster than your organization.
- How using the iPad enhances Showtime's credibility as innovative and forward-thinking with affiliates and partners.
Please email jazmin [at] tekserve dot com with your name, title, company name, and phone number. Space is limited to 30 participants.
Is there a way an mdm policy can be applied and disable the use of 3G while roaming?
Users device is working on 3G and when the user is notified that they are roaming the policy will restrict 3G and only allow use of a 2g connection. When the user returns to their home country the policy is removed automatically.
This is purely for cost saving measures.
iOS 6, released today, brings several under-the-hood features geared specifically to businesses. And if you use Apple Configurator to lock down your iPads and iPhones with "Supervision," there are even more benefits. Supervision can lock down iOS and restrict much more than traditional MDM, and is a great solutions for schools, kiosks, Point-of-Sale, and other shared-use environments.
The information below comes from the just-updated Configuration Profile Key Reference in Apple's Developer Library. I've also been aided by my employer Tekserve and MDM provider AirWatch, who provided a most helpful iOS 6 press release.
New MDM Features for all iOS 6 Devices
- disableMailRecentsSyncing -- iOS 6 mail leverages iCloud to synchronize not only your address book, but also the email addresses you recently wrote. In iOS 6, this feature may be disabled for a particular account.
- allowDiagnosticSubmission -- When false, this prevents the device from automatically submitting diagnostic reports to Apple. Defaults to true.
- allowPassbookWhileLocked -- If set to false, Passbook notifications will not be shown on the lock screen. This will default to true.
- allowSharedStream -- If set to false, Shared Photo Stream will be disabled. This will default to true.
New MDM Features for all iOS 6 Devices Supervised by Apple Configurator
- allowGameCenter -- When false, Game Center is disabled and its icon is removed from the Home screen. Default is true.
- allowBookstore -- If set to false, iBookstore will be disabled. This will default to true.
- allowBookstoreErotica -- If set to false, the user will not be able to download media from the iBookstore that has been tagged as erotica. This will default to true.
- allowUIConfigurationProfileInstallation -- If set to false, the user is prohibited from installing configuration profiles and certificates interactively. This will default to true.
- App Lock Payload -- Leverage Guided Access to lock the device into a specific app. The home button is disabled, and the device returns to the specified application automatically upon wake or reboot. Only one app can be locked at any time. When the payload is removed the behavior reverts to normal.
- Global HTTP Proxy -- This payload allows you to specify global HTTP proxy settings, so all HTTP traffic passes through the proxy.
- Also an AirWatch video shows the ability to change the background a lock screen images on supervised devices, but we haven't yet been able to confirm that.
Regular readers know that I'm a big fan of Configurator. Far from being a cheap substitute for Mobile Device Management, I've thought about the two as complementary. And it seems with iOS 6 we are glimpsing Apple's big plans for the two.
[Update 3:17 PM] added Global HTTP Proxy.
About This Site
- Comparison of MDM Providers (644,311)
- Complete List of iOS User-Agent Strings (274,160)
- How to get remote viewing/control of the IPAD screen via internet or preferably 3G? (181,439)
- Apple Configurator vs. MDM (126,826)
- Mobile Device Management (84,142)
- Apple Profile Manager (74,447)
- iOS Devices (74,123)
- Batch Apple ID Creator (69,736)
- Gartner Magic Quadrant for MDM (2014, 2012, 2011) (68,751)
- AirWatch (68,206)
Comparison of MDM Providers
Forum topic comment by mldadmin 2 hours ago
Story comment by dfeldman 2 hours ago
Forum topic added by Snourse 8 hours ago
Story comment by Snourse 9 hours ago
Forum topic comment by klatuu 11 hours ago
Forum topic comment by spurtipreetham 13 hours ago
Forum topic comment by Dwarak 13 hours ago
Forum topic comment by carloleroux 3 days ago
Forum topic added by tambz9 3 days ago
Story added by Aaron Freimark 3 days ago
Story added by Aaron Freimark 3 days ago
Story comment by klatuu 3 days ago
Forum topic comment by Jakey 4 days ago
Story comment by nick.thompson 4 days ago
Forum topic comment by cape_doctor 4 days ago
Forum topic added by klatuu 5 days ago
Forum topic added by nberrios 5 days ago
Forum topic comment by Anonymous 5 days ago
Story comment by Anonymous 5 days ago
Forum topic comment by Anonymous 5 days ago