Dear Apple Team,
As an MDM (Mobile Device Management) service provider, we are writing to bring attention to an issue that is affecting many of our customers who manage large fleets of iOS devices. Specifically, we have encountered challenges with the app update process via MDM, which is impacting both kiosk devices and non-kiosk devices in a variety of use cases.
Issue 1: App Updates Delayed on Kiosk Devices
Many of our customers are deploying kiosk devices that are used 24/7 independently with no attendants. In these cases, when an app update is sent through MDM via the installApplication command, the installation does not begin immediately. Instead, the update starts only after the device is locked. However, since these kiosk devices are running continuously, they are rarely locked, preventing the app update from occurring.
To force the update, administrators need to manually remote lock or physically lock the device, which is a time-consuming process. This becomes even more challenging for devices like Apple TV, where remotely locking and unlocking the device to complete app updates is especially difficult, making it hard to keep the apps up to date in a timely manner.
Issue 2: User Cancellations of Critical Updates on Non-Kiosk Devices
In the case of non-kiosk devices, customers are encountering another challenge: when a critical update is pushed during business hours, users are often prompted to install the update. However, many users tend to cancel the update, leaving devices unpatched and potentially vulnerable. This behavior can delay the deployment of important security patches, which is a critical concern for organizations managing sensitive data or business-critical apps.
Request for a Solution
Our customers have expressed the need for a more reliable and forceful app update mechanism. Specifically, we are requesting the following features to improve the app update experience:
Scheduled app updates: The ability to schedule app updates, similar to the way OS updates are handled. If the user does not install the update within a specified timeframe, the update should begin automatically or prompt the user with a stronger reminder.
Force install option: A feature that would allow MDM administrators to force an app update immediately, without relying on user intervention. This would ensure that critical updates are installed promptly, improving security and system stability across all devices.
These features are essential for many of our customers who rely on timely and consistent app updates to maintain security, functionality, and compliance across their managed devices. Without these options, they face challenges in ensuring devices are kept up-to-date, which can result in security vulnerabilities and operational disruptions.
We kindly request that Apple consider adding these functionalities to improve the MDM app update process and provide a more reliable experience for both kiosk and non-kiosk device management.
Thank you for your attention to this matter. We look forward to your feedback and any potential improvements in future iOS updates.
Raised in the same manner as feedback: FB15910292
Business and Enterprise
RSS for tagDesign great apps that support companies and organizations of all sizes.
Posts under Business and Enterprise tag
34 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
Hi,
I am currently a Phd student from CMU working on a XR project with Vision Pro. I found the latest released enterprise APIs can be really helpful for our project, especially the configuration of the object tracking provider.
However, I found a personal developer account can not access those APIs. And also it requires me to be a founder of the organization of the university when I try to update my account to an organization(CMU). I wonder is there any way to let the student still have a chance to try those fantastic APIs and some research based on them?
I really need those functions and I believe what I am working on is also going to be a great demo of the Vision Pro.
Thanks,
Greetings,
We have been rejected in the review of our App for a code non-compliance with 4.3 Design guidelines. Our App appears to be similar to others, and indeed it is similar in functionality and appearance. The others that are similar have been developed by us as well, these being customisations that are specifically targeted at the companies or accounts we deal with.
The truth is that we have gone through several reviews of the other Apps before when we submitted them for publication at the time.
We know that there are other development companies that customise Apps for different brands and in these cases there has been no reason for rejection by the Apple Store.
We are beginning to think that there may be certain factors that are directly influencing the rejection of this App:
The mockups or screenshots we are using are similar to those of another App we have published with the same functionalities.
The backgrounds of the App have a gem of colours similar to that of the other App.
And now we wonder:
Is it possible that he rejected it solely because of design issues with the presentation screenshots and backgrounds of the App?
Apart from the appeal that can be submitted to the Store via the review form, is there any way to contact Apple by phone to determine exactly why the App was rejected?
How do other companies upload the same custom App and get it reviewed?
I got sent an activation code through one of these apple emails and it can’t access the code because I don’t know where to go. Please help if you can!
My name is Tom Shannon, a developer with Omnia (d.b.a Aequilibrium Inc.). We were recently approved for some of the Enterprise APIs for the Vision Pro.
You can reference the history through our Case-ID: 9237594
We are contacting you for assistance as we have downloaded the entitlement license provided and added it to our target for an application under the bundle id: com.omnia.spatialbrowser
Then under my project and with my developer account, which is under the Aequilibrium Inc. account (279PV9XKZ2), we tried to add the Barcode Scanner Enterprise API entitlement, but this does not show up as an option for us.
I am on XCode 16.1 beta (16B5001e) for reference! Any help would be greatly appreciated.
Best,
Hi,
I run a midsize business. Apple recommends for company owned devices and for other reasons to use Apple Business managed Apple IDs for the employees. After that, you have to use a MDM System for e.g. deploying apps and licenses.
Testflight is an app that can be deployed too. But....Testflight can not more than to say "Hello" on a managed device. The use of Testflight and to test our developed apps is not possible with a managed ID.
Can anyone explain to me this thinking or what is recommended than. Setting up a private Apple ID for that purpose...which on the other hand, Apple do not want or does not recommend.
Inquiry about Running Enterprise Apps in Killed State and MDM Payload Management:- I am developing an enterprise iOS application that needs to perform specific tasks or network calls even when the app is in a killed state (i.e., when it is not actively running in the foreground or background). I understand that standard iOS restrictions prevent apps from executing code while in this state, but I am exploring potential solutions within the scope of enterprise apps and MDM (Mobile Device Management) capabilities.
Inquiry about Running Enterprise Apps in Killed State and MDM Payload Management:-
I am developing an enterprise iOS application that needs to perform specific tasks or network calls even when the app is in a killed state (i.e., when it is not actively running in the foreground or background). I understand that standard iOS restrictions prevent apps from executing code while in this state, but I am exploring potential solutions within the scope of enterprise apps and MDM (Mobile Device Management) capabilities.
Dear Apple Developer Support Team,
We are seeking a solution that would allow us to include the CarPlay entitlement while distributing our app using an enterprise profile. Could you please provide guidance on how we might achieve this? Are there any alternative approaches or considerations that could help us navigate this limitation?
Your expertise and advice would be greatly appreciated as we work to ensure our app meets the needs of our users while complying with Apple’s guidelines.
Thank you for your time and support.
Like title, I want to ask how to use this APIs: CameraFrameProvider
I got the warning : Cannot find 'CameraFrameProvider' in scope
Xcode 16.0 beta 4
imported ARKit
imported Vision
Hello,
I am testing Configuration Profiles' Passcode policy in an MDM environment. After setting the 'maxFailedAttempts' property to 5 and deploying the Passcode payload via MDM to iPhones, some iPhones are not wiped after exceeding 5 failed passcode attempts. Could you please advise on the possible reasons for this issue?
Devices affected: iPhone 11 (iOS 16.4.1), iPhone 12 mini (iOS 16.5).
Can we get more information about the state of profile-driven user enrollment in iOS 18?
The only official statement seems to be this post here on the forums and nothing more.
1 Year deprecation and removal during the beta cycle is usually not the way Apple does this stuff - UIWebView was deprecated for 6 years.
Nothing in the wording during the WWDC Session indicates this is going to be removed in iOS 18, and none of the documentations we could find mentions profile-driven user enrollment is being removed this year.
Could we please get an official answer stating that yes, this is being removed, and that it's not just a bug in the Beta cycle?
Hi,
My employer has Apple developer account and they want to distribute the application through Microsoft Intune for employees only.
However when I checked the MS Intune distribution documentation they have mentioned we should have Apple Enterprise account and distribute the app as In house/ Ad hoc app.
To distribute the app through Intune we need to use their wrapping tools which needs IPA generated through enterprise certificate and profile.
Employer also has Apple Business Manager account and as per Apple documentation we can distribute the app in organization through ABM.
Its really confusing to finalize which path to follow. I need your help to guide me in right direction.
Hi,
We have our devices listed in Apple Business Manager but they are not enrolled in MDM. Some of the devices are locked in Activation Lock screen as employees logged in with their personal account .
Since devices are company owned and already available in ABM is there any way to remove activation lock easily without providing proof of purchase to apple?
In order to prevent devices getting into activation lock in future the only way is to Enroll the device in a MDM?
Are there anyways to bypass activation lock if we are not using MDM
My organization currently has an Enterprise account that we've been using for awhile. We now have an app that needs to be released to the public App Store, so need a regular Developer Account.
This account should be tied to our organization, not to a specific person (just like our enterprise account). Is there a way to add the developer account to our existing enterprise account? Or does it need to be a new account? And if it's a new account, how do we get it tied to the same organization and manager (we have a person authorized to manage this stuff, but he's already the account holder on our enterprise account).
We are considering developing our own MDM server for internal app distribution.
Is it necessary to enroll in the Apple Enterprise Developer Program to develop MDM server?
Currently, our company is only enrolled in the Apple Developer Program and Business Manager.
Additionally, since we have fewer than 100 employees, it is difficult for us to join the Enterprise Program. In this case, is it not possible for us to set up an MDM server?
Hello there:
On November 2023, I submitted enrollment ID 3BR28NV28U. I am responsible on behalf of my employer, Strathcona Resources, to submit this Apple Developer enrollment to advance in a custom app that we must implement to our iPads in our field sites. As you can probably tell, I have not received any advancement with this request, and seven months have passed, without any update or any notification regarding this enrollment.
I would appreciate it if you can please channel this request to the appropriate party, in order to provide a status update, escalation, and completion as appropriate.
Seven months without an update is a major delay, and we are behind schedule for the custom app that we need to implement in our organization.
Thank you for your attention to this matter.
Best regards,
**** Godoy
Strathcona Resources
In App Store Connect, is an organization's Legal Entity name separate from the App Store display name?
My organization currently has the same name for both App Store display name and Legal Entity name. It contains an apostrophe, which is desired on the App Store for brand consistency. However, an apostrophe is no longer permitted in the Legal Entity name (it was entered in before that restriction came into effect).
If I remove the apostrophe from the Legal Entity name to satisfy compliance warnings, will that update the App Store display name as well?
I ask here because I'm supposing that if I remove the apostrophe and it does update the display name, the input validation won't let me enter it back.
Any help would be appreciated - thanks!
Hi Folks,
We have a few local network sources for example a (NAS) with a hostname "NAS.local" and some printers where i want to do IPPS printing with "printerX.local"
For transport security i want to use SSL, but i don't want to have the frequent management so i want certificates to be valid as long as possible. After trying, i found out that on iOS client devices self-signed certificates does not work at all (cannot be trusted) without a CA.
To solve this, i created an own CA (10 year valid), tried and signed a lot of certificates for testing and found out that iOS can trust signed certificates with a maximum validity of 800 days!
I found an Apple Link that is describing the maximum validity of 398 days except for certificates from a own CA's. Can someone refer me to the documentation that is explaining the 800 days limit?
Hello,
as a company, we had an Apple Developer Enterprise account for many years. Last year, Apple denied us an extension on the grounds that we had less than 100 employees. They advised us to open a new Standard Developer account because it is not possible to transfer an account from Enterprise to Standard.
I created a new standard account that I want to convert to a business one (so that the name of the company is visible, not a specific person). I contacted support to request a change and was denied because "our company already has a developer account", which is the origininal Enterprise one we can no longer use.
Furthermore, the communication with the support is miserable. They keep telling me they don't know why would we want a new Business account when we already have an account. I wrote them, they didn't allow us to extend it and they advised us to start a completely new one and at that moment they stopped communicating completely. I have repeated this several time, the result is always the same.
Can anyone advise me what to do next, who to contact?