Now who wants to port the Apple ID creator?
[UPDATE: MAKE SURE THERE IS ENOUGH DISK SPACE ON THE DEVICE!! Configurator doesn't handle low disk space gracefully...the device will be forced into recovery and you will need to erase the device.]
Apple is releasing iOS 8 tomorrow, and you know what that means. Gigabytes of data streaming through your WAN connection, making real work next to impossible to get done.
But it doesn't need to be that way. You can use Apple Configurator to download once, and upgrade many devices quickly, safely and efficiently. Be the superhero of the day by getting your colleagues iPhones and iPads updated in the least amount of time possible.
Note: FOLLOW THESE INSTRUCTIONS CAREFULLY. You don't want to be the guy who asks, "Why didn't you have a backup?"
Step 1: Find a Mac. Any Mac will do. Connect it to the biggest USB hub as you can find.
Step 2: Download Apple Configurator from the Mac App Store.
Step 3: Launch Configurator.
Step 4: Make sure the "Prepare" tab is selected.
Step 5: Set up the options EXACTLY as they are here. Pay special attention to make sure "Supervision" is off and "Erase before installing" is UNCHECKED.
Step 6: Make sure you aren't installing any apps and aren't setting anything in setup, in their respective tabs.
Step 7: Double-check the settings. Make sure you have no iOS devices connected via USB.
Step 8: Click the "Prepare" button at the bottom of the screen.
Step 9: Connect the first iOS device. Configurator will download iOS 8 and install it.
Step 10: Connect the second iOS device. It is safe to do this while the first is downloading. It won't download the same file twice, but it will download the unique version for that model when needed.
Step 11: After download and install, disconnect the device.
Step 12: When you have upgraded all the devices you want, click the "Stop" button.
Good luck tomorrow, and let us know how it goes. Who among you will upgrade the most devices?
(Pro Tip: The cached firmware takes up a HUGE amount of space. To clear them out, look in the path /Users/USERNAME/Library/Containers/com.apple.configurator/Data/Library/Caches/com.apple.configurator/Firmware.)
That may seem like a vendor complaint but truly seeking answers to who else on other MDM platforms is experiencing this.
For the first month of school our MDM is truely struggling with pushing out paid VPP apps to devices and continually has major VPP licensing issues. As in it thinks that we do not have any licenses to distribute VPP apps normally and we need to go thru a long time consuming procedure per unit to get paid apps on devices involving 'retiring' the current VPP user in MDM, recreating that units VPP 'user' in our MDM and then doing a manual association of paid apps to that device, plus many other 'workarrounds'. So far our MDM provider has indicated issues with VPP syncing with their product and has issued 2 Server SW patches to address issues in the last month, both of which we have limited success with. Other K-12 Districts have similar VPP issues with this particular MDM product. Up to this point we have been extremely happy with our MDM providers support, but this month of basically silence while we suffer with this issue with very little communication has left a very bad taste in out mouth for their product and honestly looking other directions for a MDM solution.
Anyway, all of that to ask with your MDM have you had any issues where the VPP licenses under normal conditions about 60-70% of the time will not associate correctly with a iOS device and an Apple ID 'user' unless you do a long drawn out procedure per device to address? With over 3500 devices at this pace it will be past Christmas break before we get the paid apps issues addressed on units.
At a press event today, Apple announced that iOS 8 will be publicly available on Wednesday September 17. The update is free and compatible with:
- iPhone 5S
- iPhone 5C
- iPhone 5
- iPhone 4S
- iPad Air
- iPad with Retina Display
- iPad 2
- iPad mini with Retina Display
- iPad mini
- iPod touch 5th Generation
So test out those caching servers (and if inclined those DNS blocks).
[Editor's note: Folks, for the last nine months or so I've been working on a pretty big project, and today I'm happy to help reveal it to you. Much of what I've learned has come from this community. Thank you! And if you are in Atlanta at AirWatch Connect, please stop by the expo and say hi.]
GroundControl is a new system for streamlining iOS deployment, launching today. Plug in a USB cable, and GroundControl supervises, restores a base image, and installs configuration profiles, on out-of-the-box iPhones and iPads and without a screen touch. The multiple "Launchpad" base stations are managed by the cloud, helping ensure a consistent experience no matter how large your deployment is. If you like, think of it as "Configurator in the cloud".
Perhaps the best way to get a feel for the product is to take a look at the demo video below:
Visit the site http://www.groundctl.com for an FAQ and a signup for a trial. If you have questions please ask.
The press release follows.
I've been wondering this for quite some time and haven't been able to figure it out. Apple has touted the following as a new feature coming in iOS 8.
"In addition to Mail and third-party apps, the Calendar, Contacts, Reminders, Notes, and Messages apps as well as user credentials are protected with a passcode until after the device is unlocked following a reboot."
What does that actually mean? It seems incredibly vague. Does that mean those applications will be able to have their own passcode at the application level instead of the device level? If not, then what is actually different from how passcodes worked before? Hasn't "protected with a passcode until after the device is unlocked following a reboot," always been the case when a passcode is being used?
We have a program that is just getting off the ground that allows our franchised users to purchase an iPad from us with good financing terms and the company specific apps to be preloaded when they receive it.
The problem we are running into is, since we are using Configurator to setup the iPads (download Google Chrome and Podcasts among others). When the user receives the iPad, it is not tied to an Apple ID but when Google Chrome releases an update, then the update screen prompts for the password that was originally used to download the app.
Is there any way to avoid this?
Setup email, download apps, and download some content within the apps. Some of this is automated through Configurator and some is manual. If we move to a completely manual process we still get the same issue as an Apple ID is required to download the free stuff.
The devices will not be supervised nor will they be ever touched again by our IT staff. These are resold to the end user and setup as a value added service.
Apple has announced that its iTunes Volume Purchase Program is now available in 16 additional countries. The full list is now:
Australia, Belgium, Canada, Denmark, Finland, France, Germany, Greece, Hong Kong, Ireland, Italy, Japan, Luxembourg, Mexico, Netherlands, New Zealand, Norway, Singapore, Spain, Sweden, Switzerland, Taiwan, Turkey, United Arab Emirates, United Kingdom, and United States.
In addition, Apple is now allowing VPP credits to be purchased through resellers (at least in the U.S.). Previously, credits were sold direct only. Support your favorite reseller and purchase locally!
i have a question about the nature of app updates on iOS7 that are sideloaded using the apple configurator. Is there any technical reason why apps sideloaded on an iOS 7 device cannot be later updated with another signed in apple id?
i looking into sideloading the MobileIron MDM client using the apple configurator, but only if the mobileiron mdm client can be updated from the apple app store using the owner's own personal apple id?
Does anyone have any experience with sideloading MDM client ipa files using the apple configurator?
About a week ago, security researcher Jonathan Zdziarski revealed what apparently is a number of "backdoors" to iOS. These allow access to data on even encrypted devices, as long as a pairing record is available from a trusted source (not trivial). Although Jonathan took pains to qualify the announcement, several reports have seemed to exaggerate the issue.
In response, Jonathan has compiled a list of more reputable tech articles on the topic. I've reprinted the list below.
iOS Lockdown “Backdoors” (TL;DR)
Dino Dai Zovi, Co-Author “iOS Hacker’s Handbook”
Surveillance Mechanisms in iOS Devices – Don’t Panic but… Do Read This
Elissa Shevinsky, CEO of Glimpse
Apple iPhones allow extraction of deep personal data, researcher finds
Reuters / Joseph Menn
Is Apple’s iOS Backdoor Not a Backdoor
Wall Street Cheat Sheet / Nathaniel Arnold
iOS slurp ware brouhaha: It’s for diagnostics, honest, says Apple
The Register / Iain Thomson
All, I have an oddity that hopefully someone has some ideas.
My infrastructure does not support traditional IP structures.
When we set up Apple Server to do Caching it instantly disables and errors out that we are using a public network. Which we are not, we just (as I said) don't use the traditional 10.*.* approach.
We need to upgrade multiple devices in multiple locations and don't / can't tie up the bandwidth needed to do them all over the air.
Here is an example:
One location may have 300 iPads.
iOS 8 is going to come in ~1.7 gb.
You don't have to be a network genius to see that 510gb of data, is going to drop traffic to a crawl!
Especially when other traffic gets the majority of the bandwidth and these device scavenge for what they get.
Has anyone tackled this, if so... please elaborate.
Are there other offerings Casper or SCCM come to mind in my quandry.
Any and all assistance is a boon at this point,
I have updated the script to work with versions 11.2.2 and 11.3
You can find the updated version here: https://github.com/brandonusher/Apple-ID-AppleScript
I have tested the creation process with the updated version while creating ~3,000 IDs and I only ran into one issue I couldn't fix, which is as follows:
- Sometimes AppleScript won't be able to find the iTunes window, so it breaks. To fix this, just edit the spreadsheet to remove the IDs it has already created and run the script again.
If you have any questions, feel free to ask and I can try to help you out
It seems Apple has made the prerelease Configuration Profile Key Reference available to the public. This the technical documentation for much of the iOS and Mac enterprise management capabilities Apple makes available via MDM vendors, Configurator, etc. (The other main document, the MDM Protocol Reference, remains behind the developer site authentication wall.)
I've done a diff with the documentation for iOS 7, and here are the highlights. Remember, this is prerelease and may change before release.
- SMIMEEnablePerMessageSwitch (Email Payload): Optional. If set to true, enable the per-message signing and encryption switch. Defaults to false.
- allowManagedAppsCloudSync (Restrictions Payload): Optional. If set to false, prevents managed applications from using cloud sync.
- allowEraseContentAndSettings (Restrictions Payload): Supervised only. If set to false, disables the “Erase All Content And Settings” option in the Reset UI.
- allowSpotlightInternetResults (Restrictions Payload): Supervised only. If set to false, Spotlight will not return Internet search results.
- allowEnablingRestrictions (Restrictions Payload): Supervised only. If set to false, disables the "Enable Restrictions" option in the Restrictions UI in Settings.
- allowActivityContinuation (Restrictions Payload): If set to false, Activity Continuation will be disabled. Defaults to true.
- allowEnterpriseBookBackup (Restrictions Payload): If set to false, Enterprise books will not be backed up. Defaults to true.
- allowEnterpriseBookMetadataSync (Restrictions Payload): If set to false, Enterprise books notes and highlights will not be synced. Defaults to true.
- EAPFASTUsePAC (WiFi Payload): Clearer fallback rules
- AlwaysOn VPN
- IKEv2 VPN
- Web Content Filter Plugins
- Managed Domains: New Email domains and Web domains. This payload defines web domains that are under an enterprise’s management.
Is anyone here using the new Apple Device Enrollment Program (DEP) for iPhones? I can see it being used for iPads since you can normally buy these direct from Apple however iPhones are a bit more challenging because I would think most enterprises buy the phones from their wireless provider. Can anyone please provide any insight they may have regarding DEP and iPhones? Thanks!
- Comparison of MDM Providers (682,372)
- Complete List of iOS User-Agent Strings (307,401)
- How to get remote viewing/control of the IPAD screen via internet or preferably 3G? (201,064)
- Apple Configurator vs. MDM (136,458)
- iOS Devices (90,609)
- Mobile Device Management (89,220)
- Apple Profile Manager (81,413)
- Batch Apple ID Creator (76,169)
- Gartner Magic Quadrant for MDM (2014, 2012, 2011) (76,085)
- AirWatch (72,058)
Comparison of MDM Providers
Apple Launches "Managed Distribution" for App Store Volume Purchase Program (VPP) for Business and EducationStory comment by KrisBritt 2 days ago
Story comment by KrisBritt 2 days ago
Story comment by bk_ccsd 3 days ago
Forum topic added by Arrowscan 4 days ago
Forum topic comment by vivekraja 5 days ago
Forum topic comment by GeorgeJuarez 6 days ago
Forum topic comment by bazar-e-husn 6 days ago
Forum topic comment by samantha 1 week ago
Forum topic comment by yasminpriya 1 week ago
Forum topic comment by William Spacy 1 week ago
Forum topic comment by swkim 1 week ago
Forum topic comment by SmithMorgan 1 week ago
Forum topic comment by taylor 1 week ago
Forum topic comment by dickswall 1 week ago
Story comment by dickswall 1 week ago
Wiki Page comment by taylor 1 week ago
Forum topic comment by taylor 1 week ago
Forum topic comment by tboyko 1 week ago
Forum topic added by Edam 2 weeks ago
Story comment by jeffreydeklaas 2 weeks ago