over-the-air deployment

iOS 8.3 Change to "Require Password"?

Haxim's picture
No votes yet

I was hoping if someone could tell me if there were any changes in 8.3 to the way iOS requires passwords for installing apps. It seems like it's changed, but I may just be going crazy and I'm not sure.

Here's a quick overview of our setup

One itunes (we'll call it apple@school.org) account that is granted VPP licences from a "master" VPP account.
All 400 devices are signed in with the apple@school.org account with a restriction to prevent them from changing accounts.
A list of curated, installable apps are presented via the MDM app installed on the device (meraki in this case). We use the MDM to tailor the apps presented per site (site A may want different apps than site B, or have paid for different apps than site B). App installs are supposed to be initiated from the MDM app which then does a silent background install (this works).

The issue being is that I could swear in <8.3, if our users went to the "App Store" icon (instead of our MDM app) and tried to install an app that the apple@school.org had a license for, it would prompt them for a password. We don't divulge the apple@school.org password, as it's really our only means for keeping devices compliant considering that account is shared across all devices. However in 8.3, that password prompt seems to have disappeared. If a user tries to initiate an install from the "App Store" for an app that already shows as "purchased" the install immediately begins, no password required.

If I attempt to set the "require password for all purchases" profile option, the users are prompted for the account password even when attempting a silent push via the MDM app.

Is this behaviour new to 8.3? Seeing as how Meraki doesn't let one specify a baseline and notifications to be sent when out of compliance with said baseline, is my only real option creating individual itunes accounts for every device?

Thanks!

Beyond the Keynote: Apple's Detailed Enterprise Presentation Videos from WWDC 2014

Your rating: None (4 votes)

WWDC has always been the one time each year when Apple peels back the curtain of secrecy and previews what is to come. That is if you were one of the lucky ones to score a ticket. But in 2014, in what I think is an unprecedented display of openness, Apple has released every video of every WWDC session online and to the public. Last year, you needed to be at least a member of the developer program to view these. This year everyone can see.

Here are the three most directly focused on Enterprise. I hope you take the time to watch and comment. They really are worth your time.

Managing Apple Devices


Learn about the latest developments in managing Apple devices in an enterprise environment. Learn how MDM can be used to wirelessly configure settings, monitor compliance with policies, install apps, and remotely wipe devices, and how these capabilities can be integrated with in-house or third-party server solutions.

Building Apps for Enterprise and Education


Learn about data security, enterprise authentication, integration with back-end systems, app configuration methods, and the latest technologies for interacting with documents, accessories, and more. Get helpful tips for constructing your apps to meet the needs of schools and educators, as well as key requirement from IT. Perfect for everyone looking to get their apps in the hands of business professionals, educators, and students worldwide.

Distributing Enterprise Apps


Learn how to provision and deploy apps across your enterprise. Leverage key Apple programs such as the Volume Purchase Program and the iOS Developer Enterprise Program to get the right apps in the hands of your employees, contractors, and partners. Learn how to manage certificates and provisioning profiles to deploy your apps, and take advantage of mobile device management (MDM) tools to provide a seamless experience for your users. Gain insight into the complete app management lifecycle; from signing your in-house apps in Xcode, to distributing, managing, and revoking apps across your workforce.

Can MDM push-install apps over-the-air?

eizymeizy0809's picture
No votes yet

Can you push install apps over-the-air with MDM on supervised devices (if you have activated supervision via Apple Configurator, not using Device Enrollment Program)?

Meraki Whitepaper (Deploying Apple iOS in Education - https://meraki.cisco.com/lib/pdf/meraki_whitepaper_ios.pdf - chapter 10) says that on “[s]upervised devices [you] must be re-connected to Apple Configurator for app updates and [...] to remove any unsanctioned apps on the device.”

Does this mean MDM (and specifically Meraki) can't deploy apps over the air? And if so, is it just a limitation to them, or can MDM in general not do this unless they are using Device Enrollment Program?

Recent Activity