Device Management

RSS for tag

Allow administrators to securely and remotely configure enrolled devices using Device Management.

Device Management Documentation

Posts under Device Management tag

248 results found
Sort by:
Post not yet marked as solved
14 Views

MDM Lock command giving error MDMClientError:71 on Monterey 12.0.1

I registered MacOS 12.0.1 to my MDM server and installed MDM profiles successfully and when I send a lock command to the device it is not locking the device . The error message is as follows. (iOS, iPadOS devices operate normally.) CommandUUID "CommandUUID" ErrorChain ErrorCode 71 ErrorDomain MDMClientError LocalizedDescription Command received for: <User: 501>; but restricted to: MDMClientError:71 NotOnConsole Status Error UDID "UDID" UserID "UserID" UserLongName mdmremote UserShortName mdmremote I would appreciate it if you could let me know what to refer to.
Asked
by DaveKoh.
Last updated
.
Post not yet marked as solved
16 Views

Does a device channel mean enroll with DEP? (MacOS)

We are developing an MDM system for MacOS. Some protocols (e.g., DeviceLock) only operate in device channels. Does a device channel mean enroll with DEP? Can't I just install the profile? If I send 'Devicelock' command after installing the profile, I will get an error that you sent it to the user channel. Can you provide information to refer to? It is an issue that did not occur in IOS. Please reply.
Asked
by DaveKoh.
Last updated
.
Post not yet marked as solved
1.2k Views

iPhone 12 - IOS 15 - Bluetooth Issues

Hi, Will there be a solution to these bluetooth problems. My iPhone 7 worked well, till it died, so I upgraded and I was given a iPhone 12. Some times it will pair, make one call and then it fails until I switch the car off, restart the phone, sync and pair again and if I am lucky it will allow me to make one call. Also, it says synchronised, and when trying to make the call nothing happens. On my phone it says connected. Hope something or new IOS will be released. I have tried IOS 15 beta, but that does not work either
Asked
by Eddie1201.
Last updated
.
Post not yet marked as solved
1.2k Views

iOS 15 crash on MDM-Devices: "exhausted real (wall clock) time allowance of 20.00 seconds"

Since iOS15 most of our Enterprise-Apps do not launch anymore on MDM-devices. All fine in latest iOS14. Any idea why that happens? I guess it has something to do with the amount or size of included frameworks...maybe. {"app_name":"FiNAS","timestamp":"2021-09-21 11:24:12.00 +0200","app_version":"2.9.0.20210917-1106","slice_uuid":"a120fe26-2550-3039-9355-c2852c57ccc4","build_version":"169","platform":2,"bundleID":"com.schnulli.FiNAS2.internal.iOS","share_with_app_devs":0,"is_first_party":0,"bug_type":"309","os_version":"iPhone OS 15.0 (19A346)","incident_id":"8169FF8E-FEA9-48FC-8505-796AF63F2FFF","name":"FiNAS"} { "uptime" : 2900, "procLaunch" : "2021-09-21 11:23:51.6173 +0200", "procRole" : "Foreground", "version" : 2, "userID" : 501, "deployVersion" : 210, "modelCode" : "iPad5,4", "procStartAbsTime" : 69957265064, "coalitionID" : 578, "osVersion" : { "isEmbedded" : true, "train" : "iPhone OS 15.0", "releaseType" : "User", "build" : "19A346" }, "captureTime" : "2021-09-21 11:24:12.1732 +0200", "incident" : "8169FF8E-FEA9-48FC-8505-796AF63F2FFF", "bug_type" : "309", "pid" : 474, "procExitAbsTime" : 70450601166, "cpuType" : "ARM-64", "procName" : "FiNAS", "procPath" : "\/private\/var\/containers\/Bundle\/Application\/BF8A332E-4567-416F-BA1C-716EDF28CC1C\/FiNAS.app\/FiNAS", "bundleInfo" : {"CFBundleShortVersionString":"2.9.0.20210917-1106","CFBundleVersion":"169","CFBundleIdentifier":"com.schnulli.FiNAS2.internal.iOS","DTAppStoreToolsBuild":"12E507"}, "storeInfo" : {"deviceIdentifierForVendor":"B04DD374-A3C4-4921-8701-C951615784FE","thirdParty":true}, "parentProc" : "launchd", "parentPid" : 1, "coalitionName" : "com.schnulli.FiNAS2.internal.iOS", "crashReporterKey" : "4d203f3c26e70f0c9a5442f39df3402b663b7719", "basebandVersion" : "11.01.02", "isCorpse" : 1, "exception" : {"codes":"0x0000000000000000, 0x0000000000000000","rawCodes":[0,0],"type":"EXC_CRASH","signal":"SIGKILL"}, "termination" : {"flags":6,"code":2343432205,"namespace":"FRONTBOARD","reasons":["<RBSTerminateContext| domain:10 code:0x8BADF00D explanation:process-launch watchdog transgression: application<com.schnulli.FiNAS2.internal.iOS>:474 exhausted real (wall clock) time allowance of 20.00 seconds","ProcessVisibility: Foreground","ProcessState: Running","WatchdogEvent: process-launch","WatchdogVisibility: Foreground","WatchdogCPUStatistics: (","\"Elapsed total CPU time (seconds): 22.970 (user 22.970, system 0.000), 38% CPU\",","\"Elapsed application CPU time (seconds): 0.056, 0% CPU\"",") reportType:CrashLog maxTerminationResistance:Interactive>"]}, "faultingThread" : 0, "threads" : [{"triggered":true,"id":25662,"threadState":{"x":[{"value":1},{"value":0},{"value":6159718480},{"value":6159718480},{"value":0},{"value":0},{"value":0},{"value":0},{"value":6159718064},{"value":6159718072},{"value":4},{"value":1},{"value":1},{"value":576460752303505408},{"value":81920},{"value":23434228096446320},{"value":92},{"value":1034064},{"value":0},{"value":6159718096},{"value":4309237856},{"value":520552456},{"value":3},{"value":6159719800},{"value":6159718176},{"value":0},{"value":6159719392},{"value":6159719640},{"value":1}],"flavor":"ARM_THREAD_STATE64","lr":{"value":4311487112},"cpsr":{"value":536870912},"fp":{"value":6159718048},"sp":{"value":6159718032},"esr":{"value":1442840704,"description":" Address size fault"},"pc":{"value":4311293032,"matchesCrashFrame":1},"far":{"value":4311859200}},"frames":[{"imageOffset":72808,"imageIndex":0},{"imageOffset":266888,"imageIndex":0},{"imageOffset":70936,"imageIndex":0},{"imageOffset":137440,"imageIndex":0},{"imageOffset":97984,"imageIndex":0},{"imageOffset":150060,"imageIndex":0},{"imageOffset":51988,"imageIndex":0},{"imageOffset":21820,"imageIndex":0},{"imageOffset":90204,"imageIndex":0},{"imageOffset":59328,"imageIndex":0},{"imageOffset":136252,"imageIndex":0},{"imageOffset":21040,"imageIndex":0},{"imageOffset":61668,"imageIndex":0},{"imageOffset":135468,"imageIndex":0},{"imageOffset":82764,"imageIndex":0},{"imageOffset":43720,"imageIndex":0},{"imageOffset":135016,"imageIndex":0},{"imageOffset":60240,"imageIndex":0},{"imageOffset":89268,"imageIndex":0},{"imageOffset":210072,"imageIndex":0},{"imageOffset":21040,"imageIndex":0},{"imageOffset":38752,"imageIndex":0},{"imageOffset":145524,"imageIndex":0},{"imageOffset":103100,"imageIndex":0},{"imageOffset":98672,"imageIndex":0}]}], "usedImages" : [ { "source" : "P", "arch" : "arm64", "base" : 4311220224, "size" : 344064, "uuid" : "d7a0282e-93de-3a1e-9813-27e84517cc96", "path" : "\/usr\/lib\/dyld", "name" : "dyld" } ], "sharedCache" : { "base" : 6442926080, "size" : 2184413184, "uuid" : "8157e9d4-d94e-313e-8400-6216ea7efde8" }, "vmSummary" : "ReadOnly portion of Libraries: Total=2352K resident=0K(0%) swapped_out_or_unallocated=2352K(100%)\nWritable regions: Total=2128K written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=2128K(100%)\n\n VIRTUAL REGION \nREGION TYPE SIZE COUNT (non-coalesced) \n=========== ======= ======= \nSTACK GUARD 16K 1 \nStack 1008K 1 \nVM_ALLOCATE 1.0G 1 \nVM_ALLOCATE (reserved) 32K 2 reserved VM address space (unallocated)\n__DATA 176K 3 \n__DATA_CONST 112K 2 \n__LINKEDIT 416K 3 \n__TEXT 1952K 2 \ndyld private memory 1024K 1 \nmapped file 9568K 22 \n=========== ======= ======= \nTOTAL 1.0G 38 \nTOTAL, minus reserved VM space 1.0G 38 \n", "legacyInfo" : { "threadTriggered" : { } }, "trialInfo" : { "rollouts" : [ ], "experiments" : [ ] } }
Asked
by SupaBasti.
Last updated
.
Post not yet marked as solved
61 Views

How to simulate mouse/finger click on iOS?

Is it possible to trigger finger/mouse click in iOS app? Next question, is possible to call clicks from my app working in background to make some clicks in other apps/launcher? I want to make remote screen app for my purposes. Thanks in advance!
Asked Last updated
.
Post not yet marked as solved
45 Views

Apple Classroom remote devices

We have a custom MDM solution (we are registered as an MDM vendor) and provision the education payload. This is applied to student and teacher devices based on roster information synced from Apple School Manager. Both student and teacher devices are signed in with their managed Apple ID's on device and the ID's are configured in the education payload as well for each user. This is working perfectly for classes where teacher and device are in bluetooth range, but there is no option to send invites to remote students (they appear as offline in the class). What is required to allow teachers to run classes with remote devices?
Asked
by Livesey.
Last updated
.
Post not yet marked as solved
724 Views

MDM Enrollment Can't Be Completed on macOS Devices

We are experiencing an issue on several devices when attempting an enrollment to Mobile Device Management (MDM). The device is communicating, but it appears there is a problem with certificates that won't allow the enrollment to complete. Automated Device Enrollment (ADE, formerly DEP) enrollments do not work either. Failure to enroll in MDM is occurring on the following types of devices: Big Sur M1 Architecture Big Sur Intel Architecture Catalina Console log below of before, during, and after an attempt for MDM enrollment on a device experiencing this issue: language error 13:33:38.859611-0600 CertificateService Server capabilities lack support for 3DES but we're going to use it anyway error 13:33:39.240005-0600 CertificateService Error (-26275) decrypting response payload error 13:33:39.240183-0600 CertificateService ProcessRequestCertSignatureResponse: No certificate received error 13:33:39.240703-0600 CertificateService [ERROR] : [MDM_SCEP_Enroll] Calling SCEPCopyCertificate --  NSOSStatusErrorDomain:-25300 error 13:33:39.274025-0600 mdmclient [ERROR] PlugIn: InstallPayload [CertificateService] Error: Error Domain=NSOSStatusErrorDomain Code=-25300 "errKCItemNotFound / errSecItemNotFound:  / The item cannot be found." UserInfo={IsInternalError=true} error 13:33:39.292742-0600 kernel System Policy: WSDaemon(130) deny(1) file-read-metadata /private/var/db/ConfigurationProfiles/Store/ConfigProfiles.binary error 13:33:39.340017-0600 kernel Sandbox: coreaudiod(220) deny(1) file-read-metadata /Library/Keychains error 13:33:39.371452-0600 mdmclient CPProfileManager.installProfile returning error -25300 (private) error 13:33:39.392812-0600 kernel System Policy: WSDaemon(130) deny(1) file-read-metadata /private/var/db/ConfigurationProfiles/Store/ProfilePurgatory error 13:33:39.392968-0600 kernel System Policy: WSDaemon(130) deny(1) file-read-metadata /private/var/db/ConfigurationProfiles/Store/ProfilePurgatory/D1BA2076-4015-4062-BF9A-45474D415341_19975F4D-F21E-44C5-BC98-1F7F4A48AE70.mobileconfig.profilepurgatory
Asked
by FruitMan.
Last updated
.
Post not yet marked as solved
433 Views

Account per VPN

Hello, I hope I am in the right place. I have a question about "account via VPN" for my mobileconfig. I found this link on the internet (https://support.apple.com/de-de/guide/mdm/mdm2e7ee35ec/web) Account via VPN is advertised. However, I can not find anything in the VPN Payload Developer Guide. Also I can not find anything on the Internet. I find only App per VPN. But what about "Account via VPN"? (https://developer.apple.com/documentation/devicemanagement/vpn) does anyone know where I can find the VPN Payload? or does anyone have a piece of code please? Thanks a lot Best Regards Vetozzz
Asked
by Vetozzz.
Last updated
.
Post not yet marked as solved
2.2k Views

Apple configurator for iphone

Just wondering where we can download the new version of configurator for iphone? The WWDC keynote says it’ll be available for download in appleseed for IT. Just can’t seem to find it. want to start testing using it to add some macbooks to apple business manager
Asked Last updated
.
Post not yet marked as solved
68 Views

Macbook Air 2020 M1 Password issue

Hi There, I have been experiencing same issue on multiple Macbooks in our company, where MacOS fails to accept the password to authorise System wide changes in System Preferences. We didnot upgrade from catalina or any other version since our Macbooks came with Big Sur out of the Box. The same Admin account works fine to login to Mac but when it comes to make any changes in System Preferences it wont let me(even to update the MacOS version to Monterey). when I enter the admin password it shakes the windows and does nothing. Please do note, wiping and or erasing is not an option at the moment. I tried to search the issue on Google, and found some many other Mac users have this issue too and only few of them have this thing resolved by resetting their SMC, which is not possible because all we have in our school is M1 macbooks, which doesnot have any support to reset the SMC. I would appreciate any quick support on this issue. Thanks
Asked Last updated
.
Post not yet marked as solved
555 Views

Screen Time Guardian App Questions

WWDC21 session 10123 shows a screen that implies the guardian instance of your app is able to select apps on your child's device to encourage or to control. In my experience with the API so far I can't see a way to do this. The API only seems to work on the child's phone. Here are my questions: Is there a suggested way to determine whether the app is running on a guardian device? The only way I can see is to attempt AuthorizationCenter.shared.requestAuthorization and check for an error value of .invalidAccountType. But it seems you could get that error for other reasons too. Is there a way to present FamilyActivityPicker on the guardian device but have it show apps on the child's phone? I don't see any thing in the API for selecting a child account to access with `FamilyActivityPicker', it seems to only show the phone's user's apps (or no apps if it's the guardian's phone). After retrieving app tokens from 'FamilyActivityPicker' is there a recommended way to present to the user in the UI? The WWDC session shows an app icon and app name (i.e. "Books" and "Solar System"), but my understanding is that info is hidden from the developer for privacy reasons. So I'm wondering if the example in the session is really feasible.
Asked
by pinch.
Last updated
.
Post not yet marked as solved
73 Views

Custom distribution of enterprise apps that require communication with the with an MDM API

Looking for someone with experience in custom app distribution - submitting enterprise apps that require MDM API communication to Apple for review How does Apple run these apps. Do they have access to a testing instance of the MDM? Do they put the device that is running the app under MDM supervision? If the app requires a managed app configuration file that is configured in the MDM does Apple do it? Thanks Steven
Asked
by menashe.
Last updated
.
Post not yet marked as solved
77 Views

How to send f.e. install app to specified user channel?

I read Mobile User Logins and Users in macOS documentation and whole thing, but I still don't know, which key should I attach to send configuration like install app to specified user on Shared iPad. When user logs in first time I received: - Pushmagic always the same - Token - always different - UDID - always the same - UserID - FFFFFF-FF.... - UserShortName means AppleID What should I do to f.e. this plist to send app to user container? <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"> <dict> <key>Command</key> <dict> <key>ManagementFlags</key> <integer>0</integer> <key>Options</key> <dict> <key>PurchaseMethod</key> <integer>1</integer> </dict> <key>RequestType</key> <string>InstallApplication</string> <key>iTunesStoreID</key> <integer>1096834193</integer> </dict> <key>CommandUUID</key> <string>0001_InstallApplication</string> </dict> </plist> Thanks!
Asked Last updated
.
Post not yet marked as solved
71 Views

How to Change Enrollment?

I am have thousands of MacBook, these devices are manual installation (enrolled via a client application) I want to change to "Automated Device Enrollment", is anybody can help me? I do not konw what i need to do;
Asked
by dydy.
Last updated
.
Post not yet marked as solved
131 Views

Questions regarding an Apple API

Hi, We are reading from an Apple API - https://gdmf.apple.com/v2/pmv that we got from: https://developer.apple.com/business/documentation/MDM-Protocol-Reference.pdf. The API recently released a new entry: {"ProductVersion":"14.8","PostingDate":"2021-10-14"... despite having an entry for {"ProductVersion":"15.0.2","PostingDate":"2021-10-11" The documentation says: "The other list, PublicAssetSets contains the latest releases available to the general public". So, why is there an entry for a mathematically smaller version on a later date? Regarding the API, the leaf cert has gotten changed prior to it's expiration date a few times, is there any way we can find out in advance when this will happen so we can be prepared and take measures? Thank you!
Asked Last updated
.