I was wondering whether it's possible to interact with Profile Manager in an automated way (i.e. as a RESTful web service) to do things such as delete a device (i.e. as part of a de-provisioning workflow, or even do an "Update Info" periodically).
I did a basic search but nothing seemed to jump out.
Hi enterprise iOS community,
Anybody out there using a multi-platform (Android, iOS, Mac OS X, Windows) management/MDM software? Meaning, one application is managing desktops, laptops and handheld mobile devices. If so, please tell me the good and the bad of your chosen management platform.
Thanks in advance,
Jack Madden has written a helpful history of enterprise management improvements in iOS.
"As we gear up for Apple's WWDC in June (with fingers' crossed that we'll get even more enterprise management features in iOS 7), I thought it would be good to take a look at just how far Apple has come over the years when it comes to improving the enterprise management aspects of iOS."
Although it isn't their marketing focus, enterprise iOS is a significant part of engineering. Every major release of iOS has included some features useful only for people like us.
We are happy to announce the successor of the Batch Apple ID Creator AppleScript, "Apple ID Automation Builder," a self-contained app written by the Great iTunes Automator Greg Moore, aka Eight_Quarter_Bit.
Purpose & Features
Deploying a great quantity of iOS devices means creating a great quantity of Apple IDs. This script allows automated Apple ID creation from a spreadsheet. Apple IDs are created without a credit card, which is great for many deployments. There is a "dry run" feature to test the script without actually creating the Apple ID.
Enterprise iOS is hosting a forum for any comments or discussion.
The current version is downloadable here: http://bit.ly/AIDAB ... This file is a disk image (DMG) containing a bundled app.
There is also an RSS feed for when I upload new versions or additional files: http://bit.ly/AIDAB_RSS
- IMPORTANT: Apple uses a velocity check to prevent too many Apple IDs from a single IP address. You must contact your Apple business representative to request that your IP address is whitelisted for a short time.
- Being AppleScript, this runs only on Macs.
- UI Scripting allows us to script otherwise non-scriptbale interfaces. Turn this on in System Preferences > Accessibility and check "Enable access for assistive devices."
- Apple has strong password requirements. Account creation will fail if the passwords are too weak.
About Version 2.0
After many months of work (and almost as many of silence on my end, for which I do apologize) version 2.0 of this script is nearly ready for beta testing. I was never really happy with the version available here, because (as you have all seen) it's incredibly fragile and needy. The level of knowledge needed to fix this version is also high, the internal design ranged from poor to nonexistent, and major features were never fully developed.
In short, this version of the script was never intended for public consumption. It was an ugly hack from the get-go, barely "alpha" levels of quality, and really only designed to be used within my department. Heck, I never anticipated it would even leave my machine, much less be used all over the world. I'm glad it has served as a stop-gap in the meantime, but frankly I'm embarrassed to have put you through its numerous quirks. Time to give this guy a well-deserved retirement.
Version 2 is a complete from-the-ground-up redesign. 98% of the code has been freshly written (pretty much only a few portions of the CSV parser made it unscathed from v1,) weighs in at roughly 2500 lines, and the method of operation is completely new. In v2 the script builds the setup process itself, outputting the constructed process into an independent app, rather than relying on brittle, hard-set UI element references. When the ID setup process changes you just use the script's GUI to build a new process -no knowledge of AppleScript required! This also allows for constructing multiple setup processes, for instance one with no payment information and one with a payment method, or one method for operating on the CSV output from a user management system and a second for a different CSV source of user info.
Because v2 constructs the setup process, it is now fully system-language and Apple Store location independent by design. Finally you guys living outside the US can stop having to hack away at the script every time it is updated. I haven't forgotten about you.
Version 2 also outputs and updates three CSV files during operation: one containing the accounts that were created successfully, one with the accounts that encountered some sort of error (which the script is now vastly better at recovering gracefully from,) and one with the accounts that have yet to be run. Accounts that encounter an error report what step they encountered the error on, the time the error occurred, and even tries to record the error reported by Apple. All of these are in standard CSV output, so if something terrible happens and the script explodes in a giant fireball you can just re-launch, open the "pending accounts" CSV that the script was updating as it ran, and pick back up where you left off. Need to re-try the accounts that encountered errors? Just grab the CSV that recorded accounts with errors and pop it right back into the script.
Also planned for the new version is inherent support for being used as a library in a larger project, for those of you who are script-heads and want to work Apple ID creation into a larger workflow. This feature likely won't be ready by the first beta, but the groundwork is laid.
There are lots of little niceties as well, including some pretty icons, boatloads of error checking, a highly verbose GUI that walks you through every step of constructing a sign-up process, support for customizable pauses to avoid tripping Apple's velocity limit if need be, and more.
I hope to put the final spit-and-polish on version 2 beta this weekend, and be able to remove the beta tag within a month. Over the past two days I've successfully run roughly 2000 accounts through it, and just need to touch up a few remaining areas. I will get in contact with Mr. Freimark as soon as I have kiled the last few big issues, and see if we can't get a new post put up.
Your patience with v1, as well as your enthusiasm, have been astonishing. I thank you.
Here's to many more automatically created Apple IDs, in the days to come!
Enterprise iOS is hosting a forum for any comments or discussion.
In the recent years we all have seen the many revisions of iOS and with each one comes the famous "my battery is draining because of the upgrade" As we all do as techs and support we look for the usual, such as exchange settings and apps currently running. Recently, I came across a user that is claiming that he is losing battery so rapidly he can't get through a few hours, when on-site to evaluate this claim no such situation exists. So I have decided to start taking action as convincing Apple to swap out the phone may not actually be the answer. Wanted to hear what the communities strategy has been to evaluate, support and explain to a client "it might be you"
[Editor's note: This was originally posted on tekserve.com, but I thought it was useful enough to post here too.]
Apple recently enabled a new security feature for Apple ID accounts called “Two-Step Verification.” This is a form of multi-factor authentication that can help keep your account more secure. I am a huge fan of multi-factor authentication and have enabled it on almost every account that offers it. This post will explain just what the technology is, why it’s helpful, and how to use Apple’s implementation specifically.
What Is Multi-Factor Authentication?
In order to log in to an online service, such as my email, I need to authenticate with the server. When I go to Gmail, for example, Google does not intrinsically know that it’s me trying to connect. I need to first provide the server with proof that I’m the owner of the account before being allowed access to my data. My password is one possible “factor” for authentication. It proves to Google’s server that it is indeed me, and not someone else, who is trying to access my data, and allows me in to see it.
The Register has an article on an important but often overlooked aspect of iPads in business. Users want them working, all the time.
My iPad is more robust than most of the appliances in my kitchen never mind an enterprise data centre... As a result of this turnaround, the role of an IT architect has got even harder, especially in the small- and mid-enterprise sectors where arguably the pace of IT change has never been faster and the lack of IT governance has never been lower
Have you noticed this too?
We use x509 TLS certificates as part of our authentication to activesync. When the certificate renews, the way this works is the profile is removed from the device and re-added with the new credential.
Unfortunately, this means that the activesync account settings are reset to defaults (folders to sync, days, etc) as well as if the user had set the activesync as default account for mail, calendar, contacts.
Under the principle of least surprise, I'd like to force the activesync accounts to be default when provisioning or renewing. I haven't found any way of doing this with the standard AirWatch profile settings, so I was wondering if there's any MDM features I should be asking AirWatch for, or even if there's any custom XML that I can apply.
(Via travel blog Gadling.com)
We have developed an enterprise app as add on to our backend system, which our customers can download from the app store. The app is not working standalone, but requires the corresponding server. Of course our customer don't want to allow their users to install all app updates we provide (~1 update every 2 month), since every release must go through a comprehensive testing process (with their customized backend system) before internal rollout. They either have a mdm solution in place, or have built up their own company app store. Due we are not developing this app for a single customer, we cannot hand out the ipa file. So my question is, how our customers can organize their deployment process to prevent/control updates via the app-store? I really hope you can help me!! THANKS
Apple has added two-factor authentication to some Apple ID functions.
Two-step verification is an optional security feature for your Apple ID. It requires you to verify your identity using one of your devices before you can:
- Sign in to My Apple ID to manage your account.
- Make an iTunes, App Store, or iBookstore purchase from a new device.
- Get Apple ID-related support from Apple.
Turning on two-step verification reduces the possibility of someone accessing or making unauthorized changes to your account information at My Apple ID or making purchases using your account.
We've noticed that at least some users (including me) are subject to a three day waiting period before activating 2FA. This may be a smart idea to prevent someone else from locking me out of my account. (Or it is paranoid.)
Apple has more information in an FAQ about the feature.
Does it work for you?
About This Site
- Comparison of MDM Providers (500,945)
- Complete List of iOS User-Agent Strings (188,363)
- How to get remote viewing/control of the IPAD screen via internet or preferably 3G? (115,336)
- Apple Configurator vs. MDM (96,810)
- Mobile Device Management (66,199)
- AirWatch (53,997)
- Absolute Manage (51,098)
- Apple Profile Manager (51,055)
- Gartner Magic Quadrant for MDM (2014, 2012, 2011) (45,363)
- iOS Device Management Open Source Way (41,035)
Comparison of MDM Providers
Forum topic comment by cjackson 3 days ago
Forum topic comment by iCed 3 days ago
Forum topic comment by 960Design 3 days ago
Forum topic comment by HomeBru 3 days ago
Forum topic comment by HomeBru 3 days ago
Mobile Management Provider comment by Aaron56 5 days ago
Forum topic comment by Xalio 6 days ago
Forum topic comment by tsabicheck 6 days ago
Mobile Management Provider changed by JAMFSoftware 1 week ago
Story added by Aaron Freimark 1 week ago
Forum topic comment by HCCSC John H 1 week ago
Forum topic comment by caihl 1 week ago
Forum topic added by 960Design 1 week ago
Forum topic comment by BeerAdmin 1 week ago
Forum topic added by sathiskumar sub... 1 week ago
Forum topic comment by rogerhenson 1 week ago
Mobile Management Provider changed by amy01 1 week ago