When attempting to renew a certificate after December 18, 2023, an error may be displayed, preventing the renewal of the certificate. It seems that repeating the process multiple times can occasionally lead to success, indicating that there is no issue with the CSR file. This occurrence has been observed in multiple MDM services, including Intune, Work Space One, and various other MDM vendors, suggesting a malfunction with Apple's servers.
We hope that this issue will be promptly resolved and fixed.
Although unrelated to the previous issue, when pressing "Manage Certificates," it redirects back to the login screen instead of returning to the certificate list page. Please fix this so that it returns to the certificate list page.
Apple Business Manager
RSS for tagOffer custom apps to organizations. Manage your organization's devices, apps, and accounts.
Posts under Apple Business Manager tag
86 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
The request for command type 'InstalledApplicationList' and 'DeviceInformation' is successful, but there is no response from the device.
device udid:00008110-0002309A0A6A401E
mdm_task_uuids:['d3faa00d-5be9-48d7-a3ef-4ae57fd9e7ff', 'e396c93e-7c1c-455f-a1ad-33df4836626a']
Currently, the device is enrolled with our MDM server normally,
and the installation of the policy profile also succeeds successfully.
Which part should check more?
Please reply.
Thank you
On WWDC2023 support for Custom OIDC Identity Providers in Apple Business Manager was announced.
Currently I'm not able to configure this, only Azure and Google are available in the settings.
Is this already available? If not, is there a date when it will be available?
Thanks
I initiated a change in my account entity type from an individual to an organization about two weeks ago. However, the change doesn’t seem to have taken effect yet. Can anyone provide information on the typical duration for this process? Any insights would be appreciated. Thanks!
I'm encountering challenges deploying two unlisted applications via MDM to an iOS 17.2 device.
The first app successfully installed after presenting a user prompt upon distribution
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CommandUUID</key>
<string>InstallApplication</string>
<key>Command</key>
<dict>
<key>RequestType</key>
<string>InstallApplication</string>
<key>iTunesStoreID</key>
<integer>**********</integer>
<key>InstallAsManaged</key>
<true/>
<key>ManagementFlags</key>
<integer>5</integer>
<key>ChangeManagementState</key>
<string>Managed</string>
</dict>
</dict>
</plist>
Device Response for first app :-
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CommandUUID</key>
<string>InstallApplication</string>
<key>Identifier</key>
<string>*********************</string>
<key>State</key>
<string>Prompting</string>
<key>Status</key>
<string>Acknowledged</string>
<key>UDID</key>
<string>XXXXXXXXXXXX</string>
</dict>
</plist>
However, deploying the second app resulted in an error message from the device.
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CommandUUID</key>
<string>InstallApplication</string>
<key>Command</key>
<dict>
<key>RequestType</key>
<string>InstallApplication</string>
<key>iTunesStoreID</key>
<integer>**********</integer>
<key>InstallAsManaged</key>
<true/>
<key>ManagementFlags</key>
<integer>5</integer>
<key>ChangeManagementState</key>
<string>Managed</string>
</dict>
</dict>
</plist>
Device Response for second app :-
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CommandUUID</key>
<string>InstallApplication</string>
<key>ErrorChain</key>
<array>
<dict>
<key>ErrorCode</key>
<integer>9610</integer>
<key>ErrorDomain</key>
<string>ASDServerErrorDomain</string>
<key>LocalizedDescription</key>
<string>License not found.</string>
</dict>
</array>
<key>RejectionReason</key>
<string>NotSupported</string>
<key>Status</key>
<string>Error</string>
<key>UDID</key>
<string>XXXXXXXXXXX</string>
</dict>
</plist>
Can you confirm the iOS Devices support deployment of Unlisted apps without VPP app assignment ?
We are an MDM and are trying to migrate to the new App and Book Management APIs.
In this doc mentioned below it asking us to send the public key generated to my Apple contact in a plain-text file. https://developer.apple.com/documentation/devicemanagement/app_and_book_management/apps_and_books_for_organizations/generating_developer_tokens?language=objc
I'm not sure who my Apple contact is? I already understand how to generate JWT token for the api.ent.apple.com. I would like to know who can authorize the public key for the organization.
Thank you
Does any Apple API support the Location management for the business?
I am interested in if I am able to integrate an Apple business into my application.
The first thing I care about is business location management (I would like to create/edit the location via an API call)
I currently have four apps available for the general public on the App Store. However, our company is now looking to publish applications specifically for our employees. To achieve this, we need to create a new Business Manager account with Apple. Alternatively, if we already have an enterprise account, we would like to confirm whether the Business Manager feature is available within the same account.
We are working with MDM service using VPP API, and trying to migrate Legacy APIs to new App and Book Management APIs.
This document says
Send the public key you generate to your Apple contact in a plain-text file. Do not share the private key. Also provide a brief description of your use case and product.
I generated a key-pair and sent the public key to Apple Developer Program support, however they didn't know how to handle it.
What means "your Apple contact" here?
I already understand how to generate JWT token for the api.ent.apple.com. I want to know who authorize the public key for the organization.
Thank you,
Greetings,
As our company grows, we created an Apple Business Manager account to better manage company devices and staff iCloud accounts.
Business Manager detected there are pre-existing Apple IDs using our domain and offers to reclaim their usernames. Among those: our developer accounts which are used to manage and publish our apps.
Business Manager says that reclaiming the usernames will invite the users to pick a new username.
My questions, to anyone having experience or knowledge on the matter: Is there any chance that we find ourselves locked out of our Developer Account? Is there any recommendation against reclaiming the developer account addresses?
Thank you in advance for any insights and suggestions.
(Sadly, Business Manager does not allow picking which usernames to reclaim individually. It is an all or nothing kind of situation. It does not even list the usernames, merely the total count of them)
After assigning VPP application license and installing the app in device, I revoked the license while it was still installed.
However, I was able to use the app even after 30 days.
I think this app is not available in ASM(Apple School Manager) specification.
Is this specification applied in ABM(Apple Business Manager)?
I found this discription in ASM, but I couldn't find it in ABM.
https://www.apple.com/au/education/docs/VPP_Education_Guide_EN_Oct13.pdf
“When apps you’ve assigned are no longer needed by a user, you can revoke and reassign them to different users. The user gets a 30-day grace period to continue to use the app, save data, or buy a personal copy. ”
Hi,
My app is free-to-download but with an in-app purchase to unlock all the features for example.
I use Intune/VPP program and ABM for deploy it to all my users.
Can i manage in-app purchare also with Intune/VPP ?
Thanks,
Benoit
I'm about to start a new company and planning to create a corporate developer account. I know AppStore automatically displays the company's legal name as the seller name like ABC LLC, XYZ Corportation, etc. What I wonder is if it is possible to display only the company name by omitting the entity type like "ABC" or "XYZ".
Here an example:
https://ibb.co/ZHGb1dp
I don't if it is something that I should do during account creation or requesting a DUNS number.
Hello,
We are implementing Apple Business Manager in our organization. Previously, we had personal Apple accounts with our domain, and when synchronizing our Apple Business Manager account with Azure AD, we identified several conflicting accounts. The system suggested notifying users to switch from their personal accounts. Is there a way to transfer these accounts to Apple Business Manager without the need for a switch? If not, what are the recommendations for our scenario? We appreciate the assistance!
Hello!
We already have a public app on the AppStore. And we are trying to create another app to distribute to organizations privately.
Now, we did some digging and have some queries about the whole process which are as follows:
What type of account do we need as the developer team, meaning which programs we need to enroll to and what type of account does our customer organization need to use the app, privately?
We do not have a hundred or more employees which is an eligibility criterion for enrollment in the Enterprise Program. How can we proceed to distribute apps to organizations privately with out situation?
Do the customer organizations need Enterprise account for each app we publish?
Thanks!
Having trouble in signing in to iCloud when a managed supervised iPhone is restricted with few apps using “allowListedAppBundleIDs” restrictions key.
Only iPhone has this trouble, this issue is not reproducible in iPad.
Even after entering the Apple ID and password, the account seems to be not logged in.
Have attached screenshots for reference.
Tested device iOS Version : 17.1
Kindly explain this behaviour.
Feedback ID : #FB13318247 - Sysdiagnose logs attached here.
How to Re-sign a ipa file with our apple account and install on physical device for testing , as apps like BrowserStack does, Thanks.
Hi,
I would like to add custom app inside ABM, but i can only upload pkg. which is not enough for what i need.
Installation has some flags for install, like:
#sudo curl -so wazuh-agent.pkg https://packages.wazuh.com/4.x/macos/wazuh-agent-4.5.3-1.arm64.pkg && sudo echo "WAZUH_MANAGER='wazuh.domain.com'" > /tmp/wazuh_envs && installer -pkg ./wazuh-agent.pkg -target /
#sudo /Library/Ossec/bin/wazuh-control start
How to make this work?
thank you
Are the codes generated by the business portal always limited to the country in which the DUMS code is registered? I have clients who have only one office and therefore can request only one DUMS code but have employees in various countries. How can I generate codes, from the business portal, valid for all countries? Has it become possible to do this? What alternatives can I evaluate for distributing a private app?
We are creating our own server for MDM, we followed apple suggested approach with following link [https://it-training.apple.com/tutorials/deployment/dm055] After uploading .pem file in ABM portal, new server token is generating but my question is where we need keep that server token(.P7M) in our servers...is there any specific path we have...if we gone through apple documents they are suggesting to follow vendor documentation but in my case we did't take any third party server's...so we don't have any vendor document.
Can you please help me to achieve this scenario.