This week Apple updated iPCU for Windows to V3.6, but iPCU for OS X is still at V3.5. I cannot locate release notes for 3.6 so I don't know exactly what has changed.
However, there is now a new field in the General payload called "Consent Message," and has a description "Brief message that will be displayed during profile installation."
I tried this with our MDM solution, on an iOS 6 device, but the message was not displayed.
Does anyone know of any other changes in iPCU 3.6?
In addition to shared photo streams, AirPlay out, icon repositioning, and subtitles, the update allows for "advanced network configurations" using configuration profiles. There is a knowledge base article on installing the configurations using Apple Configurator. I suppose this could be used to deploy dozens of Apple TVs within a large school or company. Or maybe it could provide access to restrictions and hidden features?
This addition continues to raise the profile of Configurator, if ever so slightly. The tool is clearly becoming Apple's go-to solution for iOS deployment.
I'm hosting two executive lunches next week in New York City for organizations that are working on iPad integration challenges.
Tuesday, September 25th at Noon (SD26, 19 East 26th Street at Madison Square Park, NYC)
The Institute of Culinary Education will share their experience deploying iPads to teachers and students for training and teaching. You will learn:
- How to empower your teachers to dynamically display lessons using HDTVs connected to the iPad wirelessly with Apple TV.
- How to create iPad compatible training materials.
- How to stage the release of training materials so that students don't receive materials they aren't ready for (or haven't paid for).
- How to outsource Help Desk support and training on how to use the iPad.
- How to implement a mobile device management solution that adapts to your organization's evolving device policies and practice.
- How using the iPad enhances The Institute of Culinary Education's credibility as innovative and forward thinking with partners and potential students.
Thursday, September 27th at Noon (SD26, 19 East 26th Street at Madison Square Park, NYC)
Showtime Networks will share 2 years of experience integrating iPads bought for employees as well as current challenges with personal devices. You'll learn:
- How to empower your staff to work smarter, more creatively, and move flexibly with the iPad (beyond just replying to email).
- How to create iPad compatible resources that save time and money, plus allow employees to be more productive while traveling.
- How to work with your internal IT department to enable productivity instead of stifle it.
- How to implement a mobile device management solution that adapts to your organization's evolving device policies and practices.
- The challenges of employees bringing in their own iPads and upgrading faster than your organization.
- How using the iPad enhances Showtime's credibility as innovative and forward-thinking with affiliates and partners.
Please email jazmin [at] tekserve dot com with your name, title, company name, and phone number. Space is limited to 30 participants.
Is there a way an mdm policy can be applied and disable the use of 3G while roaming?
Users device is working on 3G and when the user is notified that they are roaming the policy will restrict 3G and only allow use of a 2g connection. When the user returns to their home country the policy is removed automatically.
This is purely for cost saving measures.
iOS 6, released today, brings several under-the-hood features geared specifically to businesses. And if you use Apple Configurator to lock down your iPads and iPhones with "Supervision," there are even more benefits. Supervision can lock down iOS and restrict much more than traditional MDM, and is a great solutions for schools, kiosks, Point-of-Sale, and other shared-use environments.
The information below comes from the just-updated Configuration Profile Key Reference in Apple's Developer Library. I've also been aided by my employer Tekserve and MDM provider AirWatch, who provided a most helpful iOS 6 press release.
New MDM Features for all iOS 6 Devices
- disableMailRecentsSyncing -- iOS 6 mail leverages iCloud to synchronize not only your address book, but also the email addresses you recently wrote. In iOS 6, this feature may be disabled for a particular account.
- allowDiagnosticSubmission -- When false, this prevents the device from automatically submitting diagnostic reports to Apple. Defaults to true.
- allowPassbookWhileLocked -- If set to false, Passbook notifications will not be shown on the lock screen. This will default to true.
- allowSharedStream -- If set to false, Shared Photo Stream will be disabled. This will default to true.
New MDM Features for all iOS 6 Devices Supervised by Apple Configurator
- allowGameCenter -- When false, Game Center is disabled and its icon is removed from the Home screen. Default is true.
- allowBookstore -- If set to false, iBookstore will be disabled. This will default to true.
- allowBookstoreErotica -- If set to false, the user will not be able to download media from the iBookstore that has been tagged as erotica. This will default to true.
- allowUIConfigurationProfileInstallation -- If set to false, the user is prohibited from installing configuration profiles and certificates interactively. This will default to true.
- App Lock Payload -- Leverage Guided Access to lock the device into a specific app. The home button is disabled, and the device returns to the specified application automatically upon wake or reboot. Only one app can be locked at any time. When the payload is removed the behavior reverts to normal.
- Global HTTP Proxy -- This payload allows you to specify global HTTP proxy settings, so all HTTP traffic passes through the proxy.
- Also an AirWatch video shows the ability to change the background a lock screen images on supervised devices, but we haven't yet been able to confirm that.
Regular readers know that I'm a big fan of Configurator. Far from being a cheap substitute for Mobile Device Management, I've thought about the two as complementary. And it seems with iOS 6 we are glimpsing Apple's big plans for the two.
[Update 3:17 PM] added Global HTTP Proxy.
Fortune's Philip Elmer-DeWitt says iOS 6 will be available at 1 PM Eastern Time (US), 10 AM Pacific. The free update should be available over the air, from Settings > General > Software Update. Even if you don't rush to update, expect your device to prompt you within the next day or so.
Using MDM queries, you ought to be able to chart upgrades of your users. Are any Enterprise iOS readers willing to collect and share this data? That could be one mighty interesting chart.
Hi Im not a developer,but gradually becoming one in my seemingly impossible quest to discover whether its posible to delete an ibook from ibooks remotely.
The problem: clients want to make in-house ibooks documents and then using MDM, make them available to a group of "in-house" ipads (which will be geographically separated).
This is easy. They then want to be able to ensure that users have the latest and ONLY the latest ibooks on their ipads - which would necessitate having the ability to DELETE ibooks from the ibooks library on the ipad, as all forms of MDM seem to leave a copy in ibooks, which is not just undesireable in this case but actually potentially illegal (medical information).
So far none of the MDM providers I have consulted can offer this functionality which leads me to my question: is it actually possible at all?
I will patiently await your collective beneficence and wisdom...
We are mulling what should go into an end user agreement/acceptable use policy that users will have to agree to to be enrolled in MDM. Would anyone be willing to share your policy/agreements (thoroughly scrubbed for corporate specific information) here? Just looking for some boiler plate content; curious to see if they use more legal verbiage or if they are more in 'plain English'.
I'm looking for an app to mediate meetings and presentations. I haven't done much research yet, but thought the Enterprise iOS community may be a great place to start. The features I have in mind are:
- slides from presenter's iPad display on projector and also on attendees' iPads. Old slides may be reviewed during presentation. But new slides not revealed in advance.
- slides can be annotated by attendees (but annotations not shared) and saved for later
- attendees can share contact information with other attendees
- questions may be submitted to the presenter
- groups set up via bonjour with option of a simple remote access (like a PIN code)
Any suggestions and mini-reviews?
Hi , we are just starting deployment after having bought mobileiron. We have a requirement from itsec of 2 factor authentication for external ios devices , one being windows credentials and nr 2 being a certificate
We can generate easily a certificate via scep tied to the user automatically via mobileiron. And distribute it to the ipads as an user certificate. The mdm acts here as a proxy for the ca.
The problem is the citrix receiver app will not pick up a certificate saved on the device. the only way to get the certificate is to fill in an url within the citrix receiver app.
I think it should be possible for the program to pick up the certificate from the mdm.
Does anyone have experience with such a setup?
Not before time. Fantastic news.
Apple's Unique Device Identifier, or UDID, is an alphanumeric string uniquely identifying each Apple iOS device. According to SecurityLearn.net, the UDID is calculated based on unique hardware properties:
UDID = SHA1(Serial Number + ECID + LOWERCASE(WiFi Address) + LOWERCASE(Bluetooth Address))
As discussed in a paper by Eric Smith, hardware-locked device identifiers can be used to "track" a user across various sites and services. They are therefore considered a bad idea.
Apple deprecated developer access to UDIDs in iOS 5, and is removing access in iOS 6.
On September 4, 2012, the hacker group AntiSec released a file containing UDIDs, APNS keys, and device names for 1,000,001 iOS devices. AntiSec says these were liberated from an FBI laptop, and the original file contained around 12 million devices and personal information. (TheNextWeb has a tool for checking if your device is in the leaked list.)
About This Site
- Comparison of MDM Providers (434,248)
- Complete List of iOS User-Agent Strings (154,349)
- Apple Configurator vs. MDM (85,394)
- How to get remote viewing/control of the IPAD screen via internet or preferably 3G? (84,833)
- Mobile Device Management (58,055)
- Absolute Manage (48,208)
- AirWatch (48,038)
- Apple Profile Manager (42,730)
- Gartner Magic Quadrant for MDM (2012, 2011) (35,353)
- iOS Device Management Open Source Way (35,061)
Comparison of MDM Providers
Forum topic comment by vdrdad 18 weeks ago
Forum topic added by jlscott 18 weeks ago
Forum topic comment by jlscott 18 weeks ago
Forum topic comment by Xalio 18 weeks ago
Story added by Aaron Freimark 18 weeks ago
Forum topic comment by georgekkim 18 weeks ago
Forum topic comment by Aaron Freimark 18 weeks ago
Forum topic comment by iosomg 18 weeks ago
Forum topic comment by Amy Wilson 18 weeks ago
Forum topic comment by iosomg 18 weeks ago
Forum topic comment by clifhirtle 18 weeks ago
Forum topic added by Amy Wilson 18 weeks ago
Story added by Aaron Freimark 18 weeks ago
Story comment by paulf 19 weeks ago
Mobile Management Provider changed by peter.havens 19 weeks ago
Forum topic added by studiobrain 19 weeks ago
Forum topic comment by studiobrain 19 weeks ago
Mobile Management Provider changed by creamdm 19 weeks ago
Wiki Page changed by T. Reid Lewis 19 weeks ago
Forum topic comment by eto 19 weeks ago