Customized MDM Apps

Mark.Spencer's picture
No votes yet

I am looking to deploy an MDM solution on IOS. One of the requirements is tracking of GPS. My research suggests that providers need to have an application on the device to collect this information. Does anyone know which vendors support customization of an MDM app with my companies logo and information?

- Mark

How to disable the iPad's home button, enable "Store Demo Mode" for kiosks

Your rating: None (9 votes)

Zach Christopoulos has published instructions to disable an iPad's home button. His method is very clean, and converts any app into a kiosk mode. The device does not need to be jailbroken.

The steps are very simple, using a custom mobile configuration plist.

  1. Install a special profile onto the iPad
  2. Reboot
  3. Launch any app

The iPad is now locked into the first app launched after reboot. To launch a new app, reboot first. To remove the profile, reboot, then launch Settings, then choose "Profiles", and remove the profile. Finally, reboot again.

[Update: Works on iPhones too, unsurprisingly.]

The identity certificate for mdm profile could not be found

zahidmaqbool's picture
No votes yet

I was trying to develop a MDM solution for iOS and I would like to test MDM with both methods of distributing device identity via PKCS12 and SCEP. Currently I am doing it using PKCS12, so here is what I am doing:

1. Send a Profile Service profile to the device asking its device id, IMEI, Version etc.
2. Device responds with the requested attribute - signed using the Apple Provided Certificate.
3. I now issue a PKCS12 certificate to the device using the credentials payload.
4. Device responds again with its attributes - this time signed using the above certificate.
5. I deliver an MDM payload setting the IdentityCertificateUUID to the payload UUID of the certificate issued in step 3.

I get profile could not be installed. Upon examining the logs, I found out the error The identity certificate for mdm profile could not be found.

If at Step 5, I issue the MDM profile with a new certificaate included in the payload everything works. I am not sure if this is the right way to issue another certificate. I was thinking to utilize the same certificate issued at Step 3.

I think I am doing something wrong here and this may not be the correct way. Any help would be much appreciated. Thanks.

Update Ipad Via 3G Network

danialmcgreevy's picture
No votes yet


We are predominantly a Microsoft house but we have just purchased 50 Ipad’s for our branches. We need to put new apps on the Ipad’s and currently this involved getting all 50 Ipad’s sent back to HO for us to update via a USB. This is a tiresome solution and hopefully this forum may be able to shed some light on how we can do this remotely. Therefore the question i have is this, can a Ipad’s be updated remotely via a 3G network?

Some things to consider when answering this:

The Ipad’s have not been made domain members
We do not have WIFI in the branches
We do not have any "fat client" machines in branch with iTunes installed
The Ipad’s is locked down for our branch users

Many thanks is advance


App query of MDM

maloninc's picture
No votes yet

Have you ever get any troubles when you queried app installed in devices by MDM
because MDM get only app name and app bundle ID such as iBooks and
In fact what we really want to know is not app name and bundle ID but URL of the app in AppStore.

Therefore, I made search system for that.

MDM App Search

Please free to use it, and I'm welcome your feedback.

Lion Server APNS Certificate

fatbas's picture
No votes yet


I'm making a PHP MDM server and I have a concern about the CSR signing process (Vendor Action).

I would like to know if I can sign a customer CSR with the APNS Certificate that I got with OSX Lion Server and return the encoded plist to the customer?

I tried but I got an "invalid signature" from .

I don't know if it's caused by my signing code or the Certificate itself.

Currently I'm not enrolled in the Enterprise Program. I'm enrolled as Individual so I can't create a MDM Certificate from the portal that's why I used the MDM Certificate created with OsX Lion Server.

Thank you

Mix-and-match MDM and container vendors

Baires's picture
No votes yet

Does anyone know if you can mix and match a best-of-breed MDM solution with a "container" product like Good? If, for example, you like the MDM features of Airwatch, but want to take advantage of the sandboxing features of Good, can you deploy those without using Good for MDM, and use Airwatch instead? I don't know if Good would require that you load an MDM profile on the IOS device, or if you can have more than one loaded.

TechRecess: Supervising Devices with Apple Configurator

Your rating: None (2 votes)

Randy Saeks has posted his second installment on Apple Configurator. Here's the video (but his site is work visiting for his introduction).

How (not) to promote your MDM solution

Aaron Freimark's picture
No votes yet

Attention all MDM marketing interns. Congratulations!

It seems like only yesterday when you were fetching Starbucks for the boss. But today you've given an awesome responsibility: you're to promote your flagship product on the web. Trust me, the boss has given you this task only because he really trusts you. This is your BIG SHOT! Not only that, but you've discovered Enterprise iOS, a site like no other, and this is going to be a HUGE win for your company. Between you and me, your boss hasn't heard of this site, and will be so PROUD when he finds out!!

But wait! What to post?

Let's see. It is a technical community of professionals, and the readers would really appreciate deep knowledge and insight into this new industry. You could get the product manager to write some content, create some clean visuals to accompany the piece, and make sure it is all clearly branded. That would show your company's thought leadership in the field.

Nah, too much work. And you don't understand that geek speak anyway.

Much easier to pretend you're a customer, and talk about how your company in the third person. Yeah.

Sure, it is sleazy, and displays a stunning lack of confidence in your employer and their technology. But only if we find out, right?

TechRecess: First look video of Apple Configurator

Your rating: None (2 votes)

Randy Saeks has posted a fantastic First look at Apple Configurator on his edutech blog TechRecess.

He'll be posting more in this series in the next few days, and we'll be sure to link.

iPhone Configuration Utility updated to 3.5

Your rating: None (2 votes)

Apple has updated its iPhone Configuration Utility to version 3.5. We haven't yet found release notes for this version. But a glance show the following changes:

New Restrictions

  • Allow Siri
  • Allow Siri while device locked
  • Allow voice dialing
  • Force user to enter iTunes Store password for all purchases
  • Allow Photo Stream
  • Allow diagnostic data to be sent to Apple

New VPN Types

  • SonicWALL Mobile Connect
  • Aruba VIA

There may be more. We'll post when we figure it out! Expect these settings to come to an MDM Provider near you soon.

Apple Releases Apple Configurator App

Your rating: None (2 votes)

As part of the new iPad announcement, Apple sent a message to resellers about an "Apple Configurator App":

Apple Configurator makes it easy for anyone to use a Mac to mass configure and deploy iPhone, iPad, and iPod touch in a school, business, or institution.

Apple Configurator can be used to quickly and easily configure up to 30 devices at a time with the latest version of iOS, device settings (such as user accounts), security policies, and Wi-Fi settings, as well as apps and data.

A First Look will be available in March.

However, the same email says "Now available as a free download on the Mac App Store." We'll post an update when we know more.

Update: User Pyby found it on the app store at this link. We'll take a closer look and post more very soon.

Apple announces the new iPad — HD display, 4G data, Siri dictation

Your rating: None (2 votes)

Apple today announced a new iPad, available March 16. The device (in Apple's fashion named simply "iPad") costs the same as the current iPad 2. Key features include:

  • A new 2048 x 1536 display, with four times the pixels of the current iPad
  • 4G LTE data, over multiple carriers
  • Hotspot capability (if allowed by carrier)
  • Siri dictation, as an alternative to keyboard input
  • 10 hours of battery life, 9 hours when on LTE
  • Quad-core A4X processor

The iPad 2 will remain available at a discount: $399 for the 16GB WiFi model, and $529 for the 16GB 3G.

Apple also announced iOS 5.1, which should be available today, over the air.

We'll add more when we know more. Please post comments and observations below.

Using MobileIron in a managed scenario (no self-service)

Clark Kent 1974's picture
No votes yet

Hi everybody !

I have a case to share with you.

The situation is the following. iPads are supposed to serve for kiosk activites. The users should not have to deal with an Apple ID, the App Store... They will only use in-house apps regularly pushed to the devices by the MDM (users only have to accept the installation).

I have two questions in such a situation.

As soon as no App Store apps should be installed on the devices, what about the MobileIron MyPhone@Work app ? Is it possible to bypass it (to not install it) and only use the Web portal to enroll the devices.

The idea is to deliver the iPads ready to use. So the iPads are supposed to be enrolled at the main location, then sent to the users locations. My problem is that if they opt-out, they will have to enroll them again. At the main location, it would be quicker to use the same account to do the enrollment... don't know if it's a bad idea. If the user opts-out, one solution would be for him to contact the support who would give back a "maintenance" username/password to re-enroll.

I'm ok with the idea that these problems would not exist in self-service situation.

Hoping that someone of the forum would like to share experience !

Best regards.

Android MDM Agent Administration Problem

bksnmz's picture
No votes yet

I'm working on an MDM project and comparing, nearly all of them, MDM softwares. I have a problem that couldn't be solved by any of MDMs. Is there any MDM which restricts force stop or uninstall the agent from android device. I want to learn if any of MDMs make this possible or not.

Recent Activity