Four more MDM providers added to the comparison for iOS 7

No votes yet

Thanks to SOTI MobiControl, PUSHMANAGER, BoxTone and ProMDM for updating their entries on our Comparison of MDM Providers. Woo hoo!

In case you need another reason to update to iOS 7, here is a really long list of its security fixes

No votes yet

Apple has posted a remarkably long list of security vulnerabilities friend iOS 6, and fixed in iOS 7. See this link: http://support.apple.com/kb/HT5934

Our Awesome Configurator iOS 7 Upgrade Machine

Your rating: None (1 vote)

You may have noticed how Apple's servers were a little stressed today. To overcome thin bandwidth, we used Apple Configurator and copies of the iOS 7 GM we'd previously downloaded (they are identical to the final release). And here's what it looked like:

The device in the center is a 16-port U16S by Datamation Systems. This cool little device has an API to switch individual ports between charging and syncing. (Available for sale from Tekserve!)

iOS 7 is out -- here's a list of IPSW download links

No votes yet

Cribbed from the always useful http://ios.e-lite.org:

device current version date found
AppleTV(2G) (AppleTV2,1) 5.3 (10B809) 06/19/2013 18:04:01
AppleTV3,1 (AppleTV3,1) 5.3 (10B809) 06/19/2013 10:11:01
AppleTV3,2 (AppleTV3,2) 5.3 (10B809) 06/19/2013 10:11:01
iPad (iPad1,1) 5.1.1 (9B206) 05/07/2012 13:13:01
iPad2(wifi) (iPad2,1) 7.0 (11A465) 09/18/2013 13:54:01
iPad2(at&t) (iPad2,2) 7.0 (11A465) 09/18/2013 13:54:01
iPad2(vz) (iPad2,3) 7.0 (11A465) 09/18/2013 13:54:01
iPad2,4 (iPad2,4) 7.0 (11A465) 09/18/2013 13:54:01
iPad2,5 (iPad2,5) 7.0 (11A465) 09/18/2013 13:54:01
iPad2,6 (iPad2,6) 7.0 (11A465) 09/18/2013 13:54:01
iPad2,7 (iPad2,7) 7.0 (11A465) 09/18/2013 13:54:01
iPad3,1 (iPad3,1) 7.0 (11A465) 09/18/2013 13:54:01
iPad3,2 (iPad3,2) 7.0 (11A465) 09/18/2013 13:54:01
iPad3,3 (iPad3,3) 7.0 (11A465) 09/18/2013 13:54:01
iPad3,4 (iPad3,4) 7.0 (11A465) 09/18/2013 13:54:01
iPad3,5 (iPad3,5) 7.0 (11A465) 09/18/2013 13:54:01
iPad3,6 (iPad3,6) 7.0 (11A465) 09/18/2013 13:54:01
iPhone (iPhone1,1) 3.1.3 (7E18) 04/08/2010 21:05:48
iPhone3G (iPhone1,2) 4.2 (8C148) 11/22/2010 13:08:57
iPhone3GS (iPhone2,1) 6.1.3 (10B329) 03/19/2013 13:00:01
iPhone4 (iPhone3,1) 7.0 (11A465) 09/18/2013 13:54:01
iPhone3,2 (iPhone3,2) 7.0 (11A465) 09/18/2013 13:54:01
iPhone4(vz) (iPhone3,3) 7.0 (11A465) 09/18/2013 13:54:01
iPhone4S (iPhone4,1) 7.0 (11A465) 09/18/2013 13:54:01
iPhone5,1 (iPhone5,1) 7.0 (11A465) 09/18/2013 13:54:01
iPhone5,2 (iPhone5,2) 7.0 (11A465) 09/18/2013 13:54:01
iPhone5,3 (iPhone5,3) 7.0.1 (11A470a) 09/18/2013 13:54:01
iPhone5,4 (iPhone5,4) 7.0.1 (11A470a) 09/18/2013 13:54:01
iPhone6,1 (iPhone6,1) 7.0.1 (11A470a) 09/18/2013 13:54:01
iPhone6,2 (iPhone6,2) 7.0.1 (11A470a) 09/18/2013 13:54:01
iPodTouch(2G) (iPod2,1) 4.2 (8C148) 11/22/2010 13:08:57
iPodTouch(3G) (iPod3,1) 5.1.1 (9B206) 05/07/2012 13:13:01
iPodTouch(4G) (iPod4,1) 6.1.3 (10B329) 03/19/2013 13:00:01
iPodTouch(5G) (iPod5,1) 7.0 (11A465) 09/18/2013 13:54:01
last updated: 09/18/2013 16:28:01 EDT

We've updated our huge Comparison of MDM Providers for iOS 7

No votes yet

We've spent a good number of hours over the last week updating our Comparison of MDM Providers for iOS 7. We've removed some of the more arcane sections that were getting in the way and have made the list easier to navigate. This was no small feat: there are over 100 points of comparison and 48 MDM providers.

Here are some of the many new fields we're now including:

  • Info Last Updated (date)
  • Supports iOS 7 (Y/N)
  • Enrollment by Configurator
  • Enrollment by Apple Device Enrollment Program
  • Geofencing
  • Allow Custom XML profiles
  • Supervised MDM features: Prevent Game Center, Prevent iMessage, App Lock (iOS 6), Global HTTP Proxy (iOS 6), Web Site White & Black-Listing (iOS 7), Prevent Manual Profile Installation
  • App Management: Push Enterprise Apps, Separate Managed and Unmanaged Data, Per-App VPN, Push App Configuration, Pull App Feedback, App Wrapping, App Developer SDK
  • VPP Licensing Integration
  • Reassign VPP Licenses
  • Support for other devices: Apple TV, Samsung, Nexus, HTC

So how do we learn about every MDM provider on the planet? Our secret is that we crowd-source the data. Much of it comes from the providers themselves, but other parts are added by a dedicated group of MDM aficionados. And if you see an incorrectly-ticked box, please edit the page and fix it. Hey, it's a wiki!

So I'm extra proud that here, on Day 1 of iOS 7, our chart has been updated for the following MDM providers:


l

If your favorite isn't on this list, just log in and update it! I'll announce updates as you do.

How to use DNS to block iOS 7, and other updates too

No votes yet

[updated 6:16 PM EDT]

iOS 7 is arriving tomorrow. Those of you with many devices and little bandwidth (I'm looking at you, education) may be worried about those multiple 1GB+ downloads. Apple's caching server (currently in beta) isn't going to help yet — iOS 6 doesn't know how to use it. So here is something that may help.

iOS devices check for new versions by polling the server mesu.apple.com. This is done via HTTP, port 80. Specifically, the URL is:

If you block or redirect mesu.apple.com, you will inhibit the check for software updates. If you are really ambitIous, you could redirect the query to a cached copy of the XML, but I haven't tried that. Please remove the block soon; you wouldn't want to prevent those security updates, would you?

Good luck. For the rest of you, happy updating tomorrow! We be here with plenty of news.

App Store allowing legacy app downloads to support older hardware/software

No votes yet

According to a story in 9to5mac.com, the iOS App Store is allowing downloads of older versions of apps if the newer versions would be incompatible. So say you are running the iPod touch 4 and you won't be able to upgrade to iOS 7. Even if your apps are upgraded to iOS 7-only, you'll still be able to download and use the older iOS 6 versions.

Anyway, the picture explains it better than I can.

Hey Configurator, Get Me Some Logs!

No votes yet

318's Charles Edge has discovered a way of getting more debugging info from Apple Configurator:

  1. Close Configurator
  2. In Terminal type: defaults write com.apple.configurator LogLevel ALL
  3. Open Configurator
  4. View logs in Console

To go back to normal logging use the command defaults delete com.apple.configurator LogLevel.

Thanks, Charles!

Profile Manager SDK?

wakaka's picture
No votes yet

I am working in a company that is extremely interested in deploying an in house MDM solution to administer iPhones for our employee. After a day of work, I have set up a Mac Mini with the server app and successfully enrolled an iPhone to the MDM and able to push profiles over the air.

However, using the server app provides us with an web interface which we believe to be not as flexible. As such I am wondering are there SDK or API which I can use to write some programs to automate the process. Currently, I do not have an Enterprise Account with Apple yet and I want to confirm if all these are available before signing up.

The iOS 7 Apple Event for the Enterprise (that never happened)

No votes yet

Why do the consumer features get all the attention? Join us in the land of make believe as we imagine what an enterprise focused Apple keynote event would have been like....

7 iPad Deployment Mistakes

Your rating: None (2 votes)

These are the slides from my presentation at the 2013 MacIT Conference and AirWatch Connect conference. Thanks to everyone who attended! A packed room each time!

Fact Sheet: iOS 7

No votes yet

Over at TechRepublic, Erick Eckel has created a concise list of what's new in iOS 7. Anything missing?

Apple Configurator 1.3.1 restores mass profile installation (if you know the secret key)

No votes yet

Apple Configurator 1.3.1, released a couple of weeks ago, improves stability on OS X Lion and partially restores the "mass profile installation" feature that had been removed from Configurator 1.3. However, this feature is hidden behind the "Option" key. Please allow me to explain.

When Configurator installs a configuration profile on an unsupervised iPad, the iPad will prompt you to confirm installation. (Supervised devices as assumed to be institutionally managed, so profiles are installed without protest.) This must have been confusing to some Configurator users, because Apple decided to simplify the feature. In Configurator 1.3, the process was changed to a sort of step-by-step wizard, where profiles could be installed only on a single iPad at a time. Now some would say that the entire point of Configurator is to scale iOS deployments, so this one-by-one approach was quite a step backwards.

Apple has read our bug reports, and Configurator 1.3.1 has restored the ability to mass install profiles on all your unsupervised iPads at once. Well, only one profile at a time, but it is a step in the right direction.

How to do it
So now, on the Prepare pane, click "Install Profiles..."

You'll need to connect an iOS device to get past the first screen of the wizard.

Now, create the profile to deploy. Alternatively, you can import previously saved profiles from your local drive.

When you are done, don't click "Next". Click "Cancel" instead to return to the Prepare pane. Now hold down the "Option" key on your keyboard, and click "Install Profiles..." again. The result is quite different from before.

You can use this popup menu to select the profile (one one at a time!) to install on all connected iPads.

That sly Option key
By the way, Configurator makes liberal use of the Option key to reveal secrets. Here are a few I know about.

Device Menu (normal / with Option). This allows you to import local copies of IPSWs.

Control-click on supervised device (normal / with Option). This one is great to remove any phantom devices from your supervision list.

Supervise > Restore > Edit Stored Backups... (normal / with Option). This allows you to import and export iosdevicebackup files.

Apple Configurator Mass Enrollment In Airwatch

inferno's picture
No votes yet

Currently conducting a large deployment of iPads utilizing Apple Configurator. Airwatch allows you to download a profile for enrolling devices silently by selecting a 'default enrollment user' and enabling 'shared enrollment user'.

Does anyone know a way these can be linked to actual Airwatch user accounts after a mass enrollment with the default enrollment user. I assumed creating a batch uploads of accounts with the specific UDIDs and serial numbers would link the devices that match that criteria with a user account but that doesn't seem to be the case.

Otherwise, anyone know the pros/cons of enrolling all devices under one user account in Airwatch as the 'default enrollment user' does? I am having a hard time accepting the fact that I can manage devices from a device perspective rather than from a user account perspective.

Thanks in advance for any input!

Apple promoting new iOS 7 features for Business & Education: Here's what used to be NDA.

No votes yet

Apple today added two new webpages highlighting the specific iOS 7 improvements for business and education. This is the great stuff we learned about at WWDC but weren't allowed to mention. And here it is for you!

Managed open in

The "Open In" button really means "Make a copy," and can be a nightmare for data security. iOS 7 allows admins to restrict the apps that appear in the Open In panel. This allows you to construct a security wall between business apps and personal apps. It's kinda like the "dual personality" feature that some phones have, but with both personalities active at once. Big win!

Per app VPN

Apps can phone home through a VPN tunnel as soon as they are launched, and send all their network traffic (and only their network traffic) through it. This is controlled by the MDM admin, not the app developer. It's like that dual-personality again, but for network traffic.

App Store license management

Huge improvements for Apps Store licenses. First of all, you now purchase licenses not apps. Using a MDM server, businesses can assign those licenses to employee. The apps then simply show up in the employee's purchase history in the App Store. It couldn't be simpler. And on a supervised device enrolled in MDM, VPP apps can be pushed to the device without user interaction. The licenses can be revoked at any time and re-assigned to another employee. And VPP now works for iBooks too.

New MDM configuration options

MDM now supports fonts, accessibility options, AirPrint printers, and AirPlay screensharing.

Streamlined MDM enrollment

IT can now specify MDM enrollment at the time of purchase. This is a game changer, and we'll be discussing this more as we get closer to launch.

Enterprise single sign on

This is just cool. Users can authenticate once and the credentials will be shared among multiple apps and Safari. (Of course Apple's not so dumb to actually share your password among apps. Standard authentication tokens are used, backed by Kerberos.)

Locally cache apps, iBooks, etc.

Put the $20 Mac OS X Server on any old(ish) Mac and you can have your own caching server. This bandwidth savior will be a must for anywhere more than a dozen iOS users congregate.

Additional features

  • Third-party app data protection (i.e., encryption) is now turned on by default for all retail apps.
  • Smart mailboxes in Main
  • View PDF annotations
  • Exchange 2010 note syncing

As you can see, the changes to iOS 7 are much more than skin deep.

About This Site

  • Enterprise iOS is a community for administrators of the iPad, iPhone, and related devices. All content is available to browse. We encourage you to create an account to submit stories, edit wiki pages, and post to our forum.

Comparison of MDM Providers

Recent Activity

Who's New