Profiles not being Applied on Locked Device

aircukjati's picture
No votes yet

We are using a MDM, one that is listed to the right, to manage our iOS devices and I have ran into an issue with pushing profiles while the iOS devices are locked. I am able to ping the iOS device but when I push the profile, either a new one like a webclip or a change to an existing profile the device does not get the payload.

If I unlock the iOS device the policy does show up, I can ask the iOS client to check home and it connects, but the policy still doesn't show up. I have to push the policy AGAIN and then the profile is successfully pushed down to the device. This has left me in a quandary about my MDM. All of our devices are on 5.1.1, we did a proof of concept last year on iOS 4.35 and this was not an issue.

My MDM provider states this is the effect of iOS 5 and that Apple has changed this policy and there is nothing they can do to modify this behavior.

Any MDM user out there experiencing the same thing? I can't believe all my iOS device have to be unlock to manage them.

Bind iOS Device to Profile Manager using Apple Configurator

Alexanderre's picture
No votes yet

Hi everybody!
Is it possible to bind multiple iOS devices to an existing Profile Manager using Apple Configurator? Which profiles should I install? The trick is to perform an initial out-of-the-box set up for a lot of devices using Configurator and then manage them via Profile Manager.

Using MobileIron for push notifications in our Enterprise app?

chris.patterson's picture
No votes yet

Hi all,

I am an iOS developer starting a new project for one of our Enterprise customers. The iOS app will need to get Apple push notifications to notify the users of an event. This project will also have a significant server-side admin web app of its own to schedule these events for users in separate groups.

My IT contact with the customer sent me the following question. I'm only generally familiar with MobileIron and its capabilities.

"We have installed Mobile Iron to support our field staff mobile devices. Will we be able to use it for the push notifications for this app?"

I suspect that the answer is NO, for the following reasons:

  1. There is no REST or Javascript API that would allow our admin web app to schedule push notifications through MobileIron.
  2. The notifications would be received by the MobileIron MyPhone@Work app and not our own app and thus our app could not act on the notification.

Are my suspicions correct? Is it possible to leverage their investment in MobileIron in any way for this project other than for deployment?

Thanks in advance for any insights and information...

Most silent way to update app?

cjacobsson's picture
No votes yet

I have a number of iPads that are enrolled to my OSX MDM server and Profile Manager. The iPads are non-personal devices placed in public office areas, mounted in iPads stands. My question is, what is the easiest way to update an app that is already installed to the latest version? Is there a way of doing this without user interaction? The app is in the App Store.

The devices are currently running iOS 5.1.1. My OS X Server is on Mountain Lion with Profile Manager 2.


Enterprise IT Adoption Cycle, Visualized

No votes yet

I came across this great chart on Brian Katz's blog. I'm sure more than a few of you will appreciate it.

Apple Configurator 1.2 adds support for iOS 6, Active Directory, Apple TV

No votes yet

Apple Configurator is gaining prominence as Apple's preferred iOS management utility. The latest version adds a wide array of improvements. From the release notes:

Apple Configurator 1.2 is a recommended update for all Apple Configurator users. This update is available from the Mac App Store, via the Updates tab.

What's new in version 1.2?

This update improves overall stability and performance, and includes the following:

  • Support for new iOS 6 features (Lock to App and Global HTTP Proxy) on supervised iOS devices
  • Support for these new iOS 6 restrictions on a supervised device:
  • Allow the removal of apps from the device
  • Allow use of iMessage
  • Allow access to iBookstore or the purchase of books classified as "Erotica" from iBookstore
  • Allow filtering of profanity for Siri
  • Allow use of Game Center
  • Allow the installation of new configuration profiles
  • Improved reliability when activating a new iPhone or iPad with Wi-Fi + Cellular
  • The last settings used on the Prepare pane are retained when Apple Configurator is quit and relaunched
  • Improved ability to update or restore devices that are currently in recovery mode
  • Members of Active Directory groups are now shown in the Assign pane
  • Paid apps from the App Store can now be installed in the Prepare pane only when a device is being supervised
  • Support for configuring advanced network options on Apple TV

Is there a way to configure iOS device to revert on reboot?

Alexanderre's picture
No votes yet

Hi everybody!
Is there a way to configure iPad/iPhone so it'd revert back to what's installed on it and what's in it's configuration profile, every time it reboots erasing all the data user has entered? It's about renting iPad for small hotels' customers.
Reminds me of an Apple iOS Demo Content, but is there a way to make such a setup manually with the tools available for everybody?

What has @rsaeks (and me) excited about iOS 6?

No votes yet

Over at, Randall Saeks listed what excited him about iOS 6. It is what I would have written, had I had the time. His #2 is an especially big game changer.

If he is missing one feature, it is Do Not Disturb. Don't worry; Ars Technica has that covered.

iPhone Configuration Utility for Windows 3.6

Paul Adams's picture
No votes yet

This week Apple updated iPCU for Windows to V3.6, but iPCU for OS X is still at V3.5. I cannot locate release notes for 3.6 so I don't know exactly what has changed.

However, there is now a new field in the General payload called "Consent Message," and has a description "Brief message that will be displayed during profile installation."

I tried this with our MDM solution, on an iOS 6 device, but the message was not displayed.

Does anyone know of any other changes in iPCU 3.6?

Poll: What do you think of iOS 6 Maps?

I love it. Better than Google.
14% (32 votes)
Whatever. About the same as before.
9% (22 votes)
It's worse. But I think it will get better with time, and I'm not panicking.
47% (110 votes)
OMG. How could Apple have shipped this? Panic!
31% (72 votes)
Total votes: 236

My head hurts: Updated Apple TV works with Apple Configurator

No votes yet

Apple today updated the software for its iOS-powered Apple TV. The update brings the software to "5.1," and is available through the Apple TV Settings menu.

In addition to shared photo streams, AirPlay out, icon repositioning, and subtitles, the update allows for "advanced network configurations" using configuration profiles. There is a knowledge base article on installing the configurations using Apple Configurator. I suppose this could be used to deploy dozens of Apple TVs within a large school or company. Or maybe it could provide access to restrictions and hidden features?

This addition continues to raise the profile of Configurator, if ever so slightly. The tool is clearly becoming Apple's go-to solution for iOS deployment.

About the Security Content of iOS 6

No votes yet

Great stuff in here, if this is the sort of thing you like:

Executive Lunches in NYC from Tekserve and Enterprise iOS

No votes yet

I'm hosting two executive lunches next week in New York City for organizations that are working on iPad integration challenges.

Tuesday, September 25th at Noon (SD26, 19 East 26th Street at Madison Square Park, NYC)
The Institute of Culinary Education will share their experience deploying iPads to teachers and students for training and teaching. You will learn:

  • How to empower your teachers to dynamically display lessons using HDTVs connected to the iPad wirelessly with Apple TV.
  • How to create iPad compatible training materials.
  • How to stage the release of training materials so that students don't receive materials they aren't ready for (or haven't paid for).
  • How to outsource Help Desk support and training on how to use the iPad.
  • How to implement a mobile device management solution that adapts to your organization's evolving device policies and practice.
  • How using the iPad enhances The Institute of Culinary Education's credibility as innovative and forward thinking with partners and potential students.

Thursday, September 27th at Noon (SD26, 19 East 26th Street at Madison Square Park, NYC)
Showtime Networks will share 2 years of experience integrating iPads bought for employees as well as current challenges with personal devices. You'll learn:

  • How to empower your staff to work smarter, more creatively, and move flexibly with the iPad (beyond just replying to email).
  • How to create iPad compatible resources that save time and money, plus allow employees to be more productive while traveling.
  • How to work with your internal IT department to enable productivity instead of stifle it.
  • How to implement a mobile device management solution that adapts to your organization's evolving device policies and practices.
  • The challenges of employees bringing in their own iPads and upgrading faster than your organization.
  • How using the iPad enhances Showtime's credibility as innovative and forward-thinking with affiliates and partners.

To Attend
Please email jazmin [at] tekserve dot com with your name, title, company name, and phone number. Space is limited to 30 participants.

Disable 3G when roaming?

Lambypie's picture
No votes yet


Is there a way an mdm policy can be applied and disable the use of 3G while roaming?


Users device is working on 3G and when the user is notified that they are roaming the policy will restrict 3G and only allow use of a 2g connection. When the user returns to their home country the policy is removed automatically.

This is purely for cost saving measures.

Thanks Paul

iOS 6 configuration profile reference: Configurator and MDM begin dating

No votes yet

iOS 6, released today, brings several under-the-hood features geared specifically to businesses. And if you use Apple Configurator to lock down your iPads and iPhones with "Supervision," there are even more benefits. Supervision can lock down iOS and restrict much more than traditional MDM, and is a great solutions for schools, kiosks, Point-of-Sale, and other shared-use environments.

The information below comes from the just-updated Configuration Profile Key Reference in Apple's Developer Library. I've also been aided by my employer Tekserve and MDM provider AirWatch, who provided a most helpful iOS 6 press release.

New MDM Features for all iOS 6 Devices

  • disableMailRecentsSyncing -- iOS 6 mail leverages iCloud to synchronize not only your address book, but also the email addresses you recently wrote. In iOS 6, this feature may be disabled for a particular account.
  • allowDiagnosticSubmission -- When false, this prevents the device from automatically submitting diagnostic reports to Apple. Defaults to true.
  • allowPassbookWhileLocked -- If set to false, Passbook notifications will not be shown on the lock screen. This will default to true.
  • allowSharedStream -- If set to false, Shared Photo Stream will be disabled. This will default to true.

New MDM Features for all iOS 6 Devices Supervised by Apple Configurator

  • allowGameCenter -- When false, Game Center is disabled and its icon is removed from the Home screen. Default is true.
  • allowBookstore -- If set to false, iBookstore will be disabled. This will default to true.
  • allowBookstoreErotica -- If set to false, the user will not be able to download media from the iBookstore that has been tagged as erotica. This will default to true.
  • allowUIConfigurationProfileInstallation -- If set to false, the user is prohibited from installing configuration profiles and certificates interactively. This will default to true.
  • App Lock Payload -- Leverage Guided Access to lock the device into a specific app. The home button is disabled, and the device returns to the specified application automatically upon wake or reboot. Only one app can be locked at any time. When the payload is removed the behavior reverts to normal.
  • Global HTTP Proxy -- This payload allows you to specify global HTTP proxy settings, so all HTTP traffic passes through the proxy.
  • Also an AirWatch video shows the ability to change the background a lock screen images on supervised devices, but we haven't yet been able to confirm that.

Regular readers know that I'm a big fan of Configurator. Far from being a cheap substitute for Mobile Device Management, I've thought about the two as complementary. And it seems with iOS 6 we are glimpsing Apple's big plans for the two.

[Update 3:17 PM] added Global HTTP Proxy.

About This Site

  • Enterprise iOS is a community for administrators of the iPad, iPhone, and related devices. All content is available to browse. We encourage you to create an account to submit stories, edit wiki pages, and post to our forum.

Comparison of MDM Providers

Recent Activity

Who's New