iOS MDM policy workflow

bhsgsh's picture
No votes yet

Can please anybody tell me what the policy workflow for any of the MDM policies is? eg; how does the "allow youtube" policy works (the complete workflow)

Changing an MDM Mid-Stream? Ouch!

No votes yet

I wanted to pass on an experience we recently had in our school that may be helpful to others.

We made the decision to switch our Students to LightSpeed’s MDM from Casper Suite about a month and a half ago. I am currently down to about 100 devices yet to move. 

There were many reasons we decided to make the move:

  • By using the MDM solution that is from the same company as our filter and LMS we gain loads of integration. The most compelling integration we wanted was the ability for our filter to know the user on each device and store that information so a single sign on was enough. We are now able to filter and monitor each iPads internet traffic by individual user! Very important at a private Christian school.
  • The integration also made the move to global proxy that much easier. 
  • Additionally, when I go to our MDM management console the users are automatically linked to our LMS were I can go and easily message them. 
  • In the future I hope to see, and have heard they are woking on, the ability for a teacher, through our LMS (my big campus) to lock a class of students into an app for a time. (single app mode) The UI would be in the LMS but the actual implementation of the lock can only happen via a supervised device and some kind of MDM. So in this case the teacher would make the request via the LMS that would then send that to the MDM and the MDM would send the profile locking the device into single app mode. Then reverse the process at the teachers request.  PRETTY COOL STUFF that could only happen with and integrated LMS = MDM. 
  • I am aslo very please with the ability of the LS MDM to manage our VPP and Free Apps wirelessly removing the need to use Apple Configurator for App management. We use the personal model in grades 5-8 and the institutional model in grades k-4. In both cases I am able to “suggest” an app wirelessly via the MDM and the end users will be prompted to install. Most importantly in the institutional model it is possible to have them never need to enter the institutional password. It just installs and opens without ever asking them to enter a password at all. VEYR NICE! (I will post more on how this is working, and details on setup later)

The move has been A LOT of work but I am on the home stretch now with only 1st and 2nd grade left.

It has required myself or the end users interaction with every device! That has been the OUCH!!! but it seems to have been worth it.

The LS MDM is less mature that the Casper MDM but it is making strides in the right direction. We have had a number of issues with the LS MDM but the support has been very good (Thanks Kevin). I still highly recommend Casper and we still use it for our adult users. The reasons listed about, along with a few others, however prompted this huge undertaking. I think it has been worth it!! I will give a more definitive answer once it’s DONE!!!  SOON!!


Achieve 'Apple' like device lockdown (no stock apps)

Charles.B's picture
No votes yet

I have a rather large question, and so far nobody has been able to provide me with an answer.

I would like to know how to replicate the experience Apple provide shoppers at their stores, by locking down the devices more than usual and having a 'screensaver' that essentially bypasses the lockscreen when tapped.

Normally I would accept the answer "It can't be done" except it has been done, specifically by a company called OTG Experience, who deploy iPads in airport terminals.

OTG PR Video:

In the video (I have another recorded by a colleague at LaGuardia) you can see a screensaver running, the standard springboard, there are no stock iOS apps, no settings icon etc. From what I have heard, this is all done using Configurator, undocumented features and help from Apple.

It's also clear that Tekserve (who's CTO Aaron Freimark created this site) had a hand in this deployment:

You can listen to Mr. Freimark talking about the deployment here, and he specifically says that these "Are Not Jailbroken":

Thanks in advance...

VentureBeat: Apple owns enterprise: 5 of the top 5 devices activated last quarter…

T. Reid Lewis's picture
No votes yet

This seems noteworthy.

VentureBeat: Apple owns enterprise: 5 of the top 5 devices activated last quarter…

Seventy-seven percent of all new smartphones and tablets activated in the enterprise last quarter were Apple devices, according to a new report from Good Technology.

The most popular device was Apple’s new iPhone 5, with 32 percent of all activations. The top five devices activated also included the iPhone 4S, iPhone 4, iPad 3, and iPad2. Out of the top 10, eight were Apple devices, including the iPad 4, the aged iPad 1, and the equally venerable iPhone 3GS.

Essentially, it’s utter enterprise domination by Apple’s iOS.

See the graphs and read the complete article at

How to update apps purchased via VPP?

arthurmzee's picture
No votes yet

Hello all!
Is anyone here deploying iOS devices to remote sites with an app purchased via the App Store's Volume Purchasing Program (VPP) for Business? If so, how are you updating the app on the remote iOS devices?
Please let me know.
Thanks in advance,

Colorado iOS Admin User Group March Meeting

No votes yet

The Colorado iOS Admin User Group comes together to discuss the Deployment and Management of iOS devices in Education and Business. Join us for the March 13th meeting to discuss Deployment and Management of iOS devices. This event is hosted at Cherry Hills Christian School.

Our agenda will include:

  • Deployment Models
  • App Deployment Implementations
  • MDM
  • Apple Configurator
  • User Agreements and Compliance

At our last meeting we had over 60 in attendance from all across Colorado, Wyoming, and Nebraska. Space is limited so RSVP now!

Also, we have a sponsorship opportunity for this meeting. If your company is interested please contact me.

To register click this link: Eventbrite - iOS Admin User Group - March

BES 10 iOS and Android app stores?

ZinFab's picture
No votes yet


I am trying to understand what BES10 offers in the way of app stores for iOS and Android, from their web site I see they have limited MDM functionality however app stores on these platforms is not mentioned.

Anyone have any insight?


Apple Fixes Exchange Calendar Bug with iOS 6.1.2

No votes yet

Apple has released iOS 6.1.2, fixing the recently-acknowledged Exchange calendar bug. The bug manifested if you accepted an exception to a recurring calendar event.

The update is available Via software update. And as usual, has compiled links for direct download.

Several excellent MacIT presentations for your consumption

No votes yet

I was lucky enough to participate in the MacIT Conference in late January, and meet several first class iOS administrators. They have very generously agreed to share their presentations on Enterprise iOS, in order to reach a larger audience. Of course PDFs are no substitute for a real conference, so please consider attending next year!

If you have a presentation that I missed, please send me a message and we'll get it published.

MacIT: iOS Deployment Models Across Three Age Levels in Education

No votes yet

IT803: iOS Deployment Models Across Three Age Levels in Education
Nicholas McSpadden, Client Systems Manager, Schools of the Sacred Heart

This session will discuss the deployments of iPads to a 4th grade, 6th grade, and high school 1:1 program. Each model is slightly different - a cart model, a personalized device model, and a take-home individual device model. I will talk about how we manage & deploy the iPads themselves, as well as working through policies and parents to come up with an effective system. Since we use very different approaches across the three different age levels, this will be a good summary of the various ways of handling an iOS wide-scale deployment.

Presentation PDF: IT803_McSpadden.pdf

MacIT: The Changing Role of IT to Service Provider

No votes yet

IT882: The Changing Role of IT to Service Provider
Randy Saeks, District Network Manager, Glencoe School District 35

As technology has gotten more affordable, mobile technology has increased and organizations are facing a more dynamic workplace. As such, IT has to embrace these new changes and shift from a provider of hardware and a controlled environment to a provider of services and access to resources. This session will talk about trends and how a shift in management style is required as more Bring-Your-Own-Device scenarios emerge.

Presentation PDF: IT882_Changing-Role-of-IT.pdf

MacIT: Using Apple Configurator with your iOS Deployment Workflow

No votes yet

IT823: Using Apple Configuratior with Your iOS Deployment Workflow
Randy Saeks, District Network Manager, Glencoe School District 35

This session will look at how you can use Apple Configurator to speed up your iOS device deployment process. Using the tool for restrictions, MDM enrollment, and application management will be discussed. In addition, we will talk about a few use case scenarios and how Configurator fits into the management style.

Presentation PDF: IT823_Apple-Configurator.pdf

MacIT: App Deployment Strategies for iOS

No votes yet

IT813: App Deployment Strategies for iOS
Derick Okihara, IT Technician, Mid-Pacific Institute

Apple makes beautiful hardware, but it's the software that really makes devices like iPhones and iPads so popular. With over 700,000 apps available, how do we get these apps on to a user's device in a manageable fashion? This session will cover the different app ownership models, volume purchasing, and several different app deployment strategies with both Apple and third party solutions. At our organization, we deployed applications to 1600 iPads, and this session will cover exactly how we did it without breaking a sweat. Some of the tools we'll cover include iTunes, Apple Configurator, OS X Server's Profile Manager, and also the third party tool JAMF's Casper Suite. With these deployment strategies in hand, you'll still have time left over to play Angry Birds.

Presentation PDF: IT813_Okihara.pdf

Two bugs in iOS 6.1 affect Exchange servers, lock screen security

No votes yet

This week Apple has acknowledged two bugs in iOS 6.1.

First, accepting an exception to a recurring calendar event may cause excessive Exchange server activity. Says Apple:

Apple has identified a fix and will make it available in an upcoming software update. In the meantime, you can avoid this bug by not responding to an exception to a recurring event on your iOS device. If you do experience the symptoms described above, disable then reenable the Exchange calendar on your iOS device

The second bug allows access to parts of the iPad or iPhone even when the device is locked. Note that the hack described allows access only to the device's contacts, photos, and voicemail. Apple Data Protection is not broken, so data remains encrypted.

These issues are also present in the 6.1.1 update for the iPhone 4S.

Company owned and managed iPad deployment

gattmandoo's picture
No votes yet

I have about 40 company owned iPads. We are using for internal meetings only instead of printing paper hand outs. At the moment we manually manage all of these devices with iTunes. We manaullay add the documents for the meetings with iTunes file copy. Bring the iPads to the meetings then collect them after the meetings and manually remove the documents.

There are a few problems with this.

1. We do not have our MDM profile on the devices to keep them secure in teh event they get lost or stolen.

2. We individally configured each device one at a time.

I have recently started using Apple Configurator and like what it can do. Especially when we return the devices to the base station and restore a clean back up wiping all of the content from the device. I have been testing with integrating our MDM (MobileIron) with Apple Configurator and have it working but a few things I run into. We force an iOS lock screen passcode. I need to extend that passcode for longer than 15 minutes before the device locks for this group of iPads. Also, when I return the iPads to the Configurator station and restore it forces me to enter a NEW passcode every time on every device. I would like to try and keep the passcodes the same and never have them change or at least change them every few months instead of every day. Last is there a way to push the new dociuments for our meetings to the devices in the correct app from Configurator?

Any ideas, suggestions are welcome!


About This Site

  • Enterprise iOS is a community for administrators of the iPad, iPhone, and related devices. All content is available to browse. We encourage you to create an account to submit stories, edit wiki pages, and post to our forum.

Comparison of MDM Providers

Recent Activity

Who's New