Resolution of conflicting restrictions or email settings

lorrin.ferdinand's picture

lorrin.ferdinand

Joined: Tue, Jan 15, 19:51
WWW
Submitted by lorrin.ferdinand on January 14, 2013 - 2:25pm

How and where does resolution of conflicting restrictions or multiple email settings take place?

In theory, the resolution could take place on an MDM server or on the device. So where does it take place? I have seen reference to a file called the ProfileTruth.plist. What do people know about this file and where is it generated?

thx

‹ Windows Domain password changed, but iOS wifi still works with old password Need a New MDM/MAM Solutions in 2013 - Start Your Search Here with a Free MDM/MAM Buyers Guide download ›
Top
lprmcnit's picture

lprmcnit

Joined: Wed, Jan 16, 15:41

Conflicting restrictions

Post by lprmcnit, Wed, Jan 16, 15:41

My experience in general has been that the most restrictive settings apply. Apple also states this is the way it is supposed to work. As an example if an IPCU profile set the passcode lock timeout at 30 minutes, and an Exchange Server policy set it at 15 minutes, the 15 minute setting would apply. I believe resolution occurs on the device. To my knowledge Exchange server doesn't have a way of resolving conflicts like that, and lets that be handled by the device. We also were interested in password expiration settings. We found they are stored on the device, so if the device were hard reset (erase all content and settings) the password expiration clock would be reset under certain conditions. In general it seems that the server only provides the device with the requirements it must conform to in order to maintain access to the Exchange account, but it is left to the device to implement the requirements it supports. Hope this helps a bit.

Top

Who is online?

There are currently 0 admins, 0 users and 19 guests online. Connected users: .