We developing a app called Parentgeenee. It's a Parental control app having any limitations on app block from child mobile. Trying to block more than 500 apps but not blocking if any particular method to block a bulk apps.
Managed Settings
RSS for tagSet restrictions for certain settings, such as locking accounts in place, preventing password modification, filtering web traffic, and shielding apps.
Posts under Managed Settings tag
105 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
Hello,
I have an issue with DurationUntilRemoval—it never deletes my profile. I installed it via my MDM server and also tried installing it using Apple Configurator 2. The device is in supervised mode.
Here is my profile:
** DurationUntilRemoval**
** 3600**
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadDescription</key>
<string>Configures restrictions</string>
<key>PayloadDisplayName</key>
<string>Restrictions</string>
<key>PayloadIdentifier</key>
<string>com.apple.applicationaccess.82B4587F-86F6-406B-9D27-03A799379EB5</string>
<key>PayloadType</key>
<string>com.apple.applicationaccess</string>
<key>PayloadUUID</key>
<string>82B4587F-86F6-406B-9D27-03A799379EB5</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>allowActivityContinuation</key>
<true/>
<key>allowAddingGameCenterFriends</key>
<true/>
<key>allowAirPlayIncomingRequests</key>
<true/>
<key>allowAirPrint</key>
<true/>
<key>allowAirPrintCredentialsStorage</key>
<true/>
<key>allowAirPrintiBeaconDiscovery</key>
<true/>
<key>allowAppCellularDataModification</key>
<true/>
<key>allowAppClips</key>
<true/>
<key>allowAppInstallation</key>
<true/>
<key>allowAppRemoval</key>
<true/>
<key>allowApplePersonalizedAdvertising</key>
<true/>
<key>allowAssistant</key>
<true/>
<key>allowAssistantWhileLocked</key>
<true/>
<key>allowAutoCorrection</key>
<true/>
<key>allowAutoUnlock</key>
<true/>
<key>allowAutomaticAppDownloads</key>
<true/>
<key>allowBluetoothModification</key>
<true/>
<key>allowBookstore</key>
<true/>
<key>allowBookstoreErotica</key>
<true/>
<key>allowCamera</key>
<true/>
<key>allowCellularPlanModification</key>
<true/>
<key>allowChat</key>
<true/>
<key>allowCloudBackup</key>
<true/>
<key>allowCloudDocumentSync</key>
<true/>
<key>allowCloudPhotoLibrary</key>
<true/>
<key>allowContinuousPathKeyboard</key>
<true/>
<key>allowDefinitionLookup</key>
<true/>
<key>allowDeviceNameModification</key>
<true/>
<key>allowDeviceSleep</key>
<true/>
<key>allowDictation</key>
<true/>
<key>allowESIMModification</key>
<true/>
<key>allowEnablingRestrictions</key>
<true/>
<key>allowEnterpriseAppTrust</key>
<true/>
<key>allowEnterpriseBookBackup</key>
<true/>
<key>allowEnterpriseBookMetadataSync</key>
<true/>
<key>allowEraseContentAndSettings</key>
<true/>
<key>allowExplicitContent</key>
<true/>
<key>allowFilesNetworkDriveAccess</key>
<true/>
<key>allowFilesUSBDriveAccess</key>
<true/>
<key>allowFindMyDevice</key>
<true/>
<key>allowFindMyFriends</key>
<true/>
<key>allowFingerprintForUnlock</key>
<true/>
<key>allowFingerprintModification</key>
<true/>
<key>allowGameCenter</key>
<true/>
<key>allowGlobalBackgroundFetchWhenRoaming</key>
<true/>
<key>allowInAppPurchases</key>
<true/>
<key>allowKeyboardShortcuts</key>
<true/>
<key>allowManagedAppsCloudSync</key>
<true/>
<key>allowMultiplayerGaming</key>
<true/>
<key>allowMusicService</key>
<true/>
<key>allowNews</key>
<true/>
<key>allowNotificationsModification</key>
<true/>
<key>allowOpenFromManagedToUnmanaged</key>
<true/>
<key>allowOpenFromUnmanagedToManaged</key>
<true/>
<key>allowPairedWatch</key>
<true/>
<key>allowPassbookWhileLocked</key>
<true/>
<key>allowPasscodeModification</key>
<true/>
<key>allowPasswordAutoFill</key>
<true/>
<key>allowPasswordProximityRequests</key>
<true/>
<key>allowPasswordSharing</key>
<true/>
<key>allowPersonalHotspotModification</key>
<true/>
<key>allowPhotoStream</key>
<true/>
<key>allowPredictiveKeyboard</key>
<true/>
<key>allowProximitySetupToNewDevice</key>
<true/>
<key>allowRadioService</key>
<true/>
<key>allowRemoteAppPairing</key>
<true/>
<key>allowRemoteScreenObservation</key>
<true/>
<key>allowSafari</key>
<true/>
<key>allowScreenShot</key>
<true/>
<key>allowSharedStream</key>
<true/>
<key>allowSpellCheck</key>
<true/>
<key>allowSpotlightInternetResults</key>
<true/>
<key>allowSystemAppRemoval</key>
<true/>
<key>allowUIAppInstallation</key>
<true/>
<key>allowUIConfigurationProfileInstallation</key>
<true/>
<key>allowUSBRestrictedMode</key>
<true/>
<key>allowUnpairedExternalBootToRecovery</key>
<false/>
<key>allowUntrustedTLSPrompt</key>
<true/>
<key>allowVPNCreation</key>
<true/>
<key>allowVideoConferencing</key>
<true/>
<key>allowVoiceDialing</key>
<true/>
<key>allowWallpaperModification</key>
<true/>
<key>allowiTunes</key>
<true/>
<key>forceAirDropUnmanaged</key>
<false/>
<key>forceAirPrintTrustedTLSRequirement</key>
<false/>
<key>forceAssistantProfanityFilter</key>
<false/>
<key>forceAuthenticationBeforeAutoFill</key>
<false/>
<key>forceAutomaticDateAndTime</key>
<false/>
<key>forceClassroomAutomaticallyJoinClasses</key>
<false/>
<key>forceClassroomRequestPermissionToLeaveClasses</key>
<false/>
<key>forceClassroomUnpromptedAppAndDeviceLock</key>
<false/>
<key>forceClassroomUnpromptedScreenObservation</key>
<false/>
<key>forceDelayedSoftwareUpdates</key>
<false/>
<key>forceEncryptedBackup</key>
<false/>
<key>forceITunesStorePasswordEntry</key>
<false/>
<key>forceLimitAdTracking</key>
<false/>
<key>forceWatchWristDetection</key>
<false/>
<key>forceWiFiPowerOn</key>
<false/>
<key>forceWiFiWhitelisting</key>
<false/>
<key>ratingApps</key>
<integer>1000</integer>
<key>ratingMovies</key>
<integer>1000</integer>
<key>ratingRegion</key>
<string>us</string>
<key>ratingTVShows</key>
<integer>1000</integer>
<key>safariAcceptCookies</key>
<real>2</real>
<key>safariAllowAutoFill</key>
<true/>
<key>safariAllowJavaScript</key>
<true/>
<key>safariAllowPopups</key>
<true/>
<key>safariForceFraudWarning</key>
<false/>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>papala</string>
<key>PayloadIdentifier</key>
<string>MacBook-Pro-Kyrylo-2.4A2954CA-57A5-44D9-8AD3-546407A0CAD4</string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>BEED8448-8866-43EB-AC3C-1C3C652AADE4</string>
<key>PayloadVersion</key>
<integer>1</integer>
it's just test profile, without difficult stuff, but it doesn't work too
What is wrong?
After reading Apple documentation (FamilyControls, DeviceActivity, ManagedSettings, ManagedSettingsUI, ScreenTime) and testing the API, I do not find a way to get the child's device apps on the parent device in order to block them or disable them for a certain time.
Is there a way of doing it?
Or can it only be done locally on the child device?
Sometimes, when I close the lid using the MacOs version Sequoia 15.2, with the configuration to require a password for 5 seconds, the system does not ask for the password as expected.
This happens sometimes even though nothing preventing the system from sleeping when you close and open the lid, but it still seems like a security concern.
Is there some known issue related to this problem or a way to avoid it?
Result of command pmset -g:
Configuration:
I am developing a parental control app using Apple’s Screen Time API and FamilyControls Framework. My goal is to allow parents to remotely block apps on their child’s device from their own phone. Anyone have any idea how can i do that?
I am developing a parental control app using Apple’s Screen Time API and FamilyControls Framework. My goal is to allow parents to remotely block apps on their child’s device from their own phone. Does anyone have any idea how I can achieve that?
I'm creating an app which gamifies Screen Time reduction. I'm running into an issue with apples Screen Time setting where the user can disable my apps "Screen Time access" and get around losing the game.
Is there a way to detect when this setting is disabled for my app? I've tried using AuthorizationCenter.shared.authorizationStatus but this didn't do the trick. Does anyone have an ideas?
So what's the point of being able to block unto 50 apps per ManagedSettingStore via store.application.blockedApplications (which works fine) until removing the blocked apps or clearing the store. Where the following occurs
if you have a social networking group with more than 9 apps only 9 apps will go back into the group and all the others will go onto the springboard all jumbled
if you end up with an empty group then tap into the group, it is removed then during the reset all apps are placed back on to the springboard
Hello Apple development team, I have developed an App for screen time management, which mainly uses ScreenTimeAPI. Users can set certain Apps to be disabled during a certain period of time.
After the App is released, users often report that the settings do not take effect as expected. I have seen many developers on the forum reporting that the DeviceActivityMonitor extension sometimes does not trigger callbacks. Based on this background, I have the following questions:
Is it a known problem that the DeviceActivityMonitor extension sometimes does not trigger callbacks? If so, are there any means to avoid or reduce the probability of occurrence?
In addition to being killed by the system when the running memory exceeds (I just called some ScreenTimeAPI and accessed UserDefaults in the extension, which should not exceed the running memory), under what other circumstances will the DeviceActivityMonitor extension be killed by the system? Will it automatically recover after being killed? Will some callbacks be called when killing?
Does ManagedSettingsStore have a life cycle? How do you avoid conflicts when configuring the underlying operating mechanism of multiple stores?
This is a random problem. I have never encountered it during development and debugging, but users often report it.
thanks
Managed iOS/iPad devices are struck with no network under below conditions
Enrolling a Supervised iOS device
Send InstallProfile command with AppLock payload (https://developer.apple.com/documentation/devicemanagement/applock)
Now when the above managed device loses network connection with MDM server due to unknown network issues - the device is out of contact with MDM server and device is locked.
Since such AppLock payload installed devices are placed in remote locations, it becomes difficult for Admins to recover such devices with no network connectivity. The devices have to be brought in from remote location and recover them.
Under such conditions, it would be better to allow the end user to change the Network configuration manually to reconnect the device with MDM server.
This option can also be allowed only when the device can’t ping MDM server.
I'm using ShieldActionExtention to make a HTTP request to a server when a user selects one of the buttons on their app shield. The apps are shielded, but nothing happens when I press one of the shield buttons. There is no message on the server signaling an HTTP request and nothing is printed to the XCode console while in debug mode.
Here is my code for my Shield Action Extention
// ShieldActionExtension.swift
// ShieldAction
//
//
import Foundation
import UIKit
import SwiftUI
import ManagedSettings
// Override the functions below to customize the shield actions used in various situations.
// The system provides a default response for any functions that your subclass doesn't override.
// Make sure that your class name matches the NSExtensionPrincipalClass in your Info.plist.
class ShieldActionExtension: ShieldActionDelegate {
override func handle(action: ShieldAction, for application: ApplicationToken, completionHandler: @escaping (ShieldActionResponse) -> Void) {
print(action)
let deviceID = UserDefaults.standard.string(forKey: UserDefaultKeys.userID.rawValue)!
Task{
do{
print("sending to server")
try await PlayerLosesGame(playerID: deviceID)
completionHandler(.close)
} catch {
print("error occured on the shield")
completionHandler(.none)
}
}
}
override func handle(action: ShieldAction, for webDomain: WebDomainToken, completionHandler: @escaping (ShieldActionResponse) -> Void) {
print(action)
let deviceID = UserDefaults.standard.string(forKey: UserDefaultKeys.userID.rawValue)!
Task{
do{
print("sending to server")
try await PlayerLosesGame(playerID: deviceID)
completionHandler(.close)
} catch {
print("error occured on the shield")
completionHandler(.none)
}
}
}
override func handle(action: ShieldAction, for category: ActivityCategoryToken, completionHandler: @escaping (ShieldActionResponse) -> Void) {
print(action)
let deviceID = UserDefaults.standard.string(forKey: UserDefaultKeys.userID.rawValue)!
Task{
do{
print("sending to server")
try await PlayerLosesGame(playerID: deviceID)
completionHandler(.close)
} catch {
print("error occured on the shield")
completionHandler(.none)
}
}
//completionHandler(.close)
}
func PlayerLosesGame(playerID: String) async throws{
let url = URL(string: ServerConnection.GetWebsite() + "game/find?playerID="+playerID)!
var request = URLRequest(url: url)
request.httpMethod = "GET"
print("trying this out")
let (data, _) = try await URLSession.shared.data(for: request)
}
}
I believe all my targets are set up correctly and should be working. Why is nothing happening?
Hi there,
I am flagging for extra attention that it feels to me that something feels extra off about Screen Time tracking in iOS 18.3 Beta. There's been many days now where I can't reconcile the time spent (it's much higher than expected - by multiple hours).
Feedback is here with an image: FB16270245.
Not sure if happens on Beta 2 - just upgraded.
After setting up all permissions, family members not showing up on the device list
I have noticed that when I select the app token of the youtube app to be blocked via a ManagedSettingsStore, the youtube website is blocked as well (which is a good and intended behavior IMO).
But how do I know in the ShieldConfigurationDataSource’s override func configuration(shielding webDomain: WebDomain, in category: ActivityCategory) -> ShieldConfiguration to which ManagedSettingsStore the WebDomain’s token is related?
We use different ManagedSettingsStores for different block purposes, which differentiate in their ShieldConfiguration.
Thanks a lot and have a great day!
I recently encountered an issue with Xcode 16.2 while attempting to integrate Settings.bundle into a new app. I added Settings.bundle as a new file (using the provided template), but when I ran the app (the standard simple "Hello World" project), the expected three default controls (Name, Enabled, Slider) did not appear in the app's settings.
To troubleshoot, I downgraded my system to macOS Sonoma 14.7.2 and Xcode 15.4 (on a 2023 Mac Mini, M2). After this downgrade, everything worked as expected. With a new project, adding Settings.bundle, and running the app, the settings entry for the app appeared, including the three default fields.
This behavior suggests a potential issue or incompatibility with Xcode 16.2.
I am encountering an issue after transferring an app that uses the FamilyControls framework to a different app account. After releasing a new version of the app post-transfer, the following problems arose:
ApplicationTokens obtained in the pre-transfer version no longer function when used with ManagedSettingsGroup.ShieldSettings in the post-transfer version.
Using the same ApplicationTokens with Label(_ applicationToken: ApplicationToken) does not display the app name or icon.
These issues did not occur in the pre-transfer version and everything worked as expected. We suspect that ApplicationTokens obtained prior to the transfer are no longer valid in the updated app released under the new app account.
We are seeking guidance on the following:
Is this expected behavior after transferring an app to another app account?
What steps should we take to ensure that ApplicationTokens obtained before the transfer remain functional in the post-transfer environment?
If these tokens are invalidated due to the transfer, what are the recommended procedures for regenerating or updating ApplicationTokens for existing app users?
Maintaining a seamless user experience after transferring the app is critical. We would greatly appreciate any insights or guidance. Please let us know if additional information or logs would assist in investigating this issue.
Thank you!
I'm trying to accomplish the features in this video where the child device requests permission from parent to control scren time. Then the parent can choose apps on the childs phone from their phone.
Everything on the childs device is working exactly like in the video. However, on the parents phone, when the FamilyActivityPicker appears, it's only the apps on the parents phone and when an app is selected, nothing changes in the FamilyActivitySelection.
I found this forum post describe the same issue I am having. I have a physical device logged in the child and a simulator running as the parent.
Why can't I see the child's apps on the parents phone? Is it cause I'm running one of them on a simulator?
We provide a MDM product.
In our product, payloads and properties which require supervision display those requirements.
Two properties forcePreserveESIMOnErase and allowWebDistributionAppInstallation of the restriction payload don’t require a supervised device according to the descriptions in Apple Developer Documentation.
However, in our observation, those properties seem to require it.
Are those OS bugs or documentation errors?
(In which category should I submit a feedback?)
Steps to reproduce
Prepare a supervised device (I used an iPhone 12 mini with iOS 18.1) and a configuration profile contains the following restrictions:
<!-- Does not require a supervised device -->
<key>allowDiagnosticSubmission</key>
<false/>
<!-- Requires a supervised device -->
<key>allowESIMModification</key>
<false/>
<!-- Does not require a supervised device according to its description -->
<key>allowWebDistributionAppInstallation</key>
<false/>
<!-- Does not require a supervised device according to its description -->
<key>forcePreserveESIMOnErase</key>
<true/>
Then,
Install the profile with Apple Configurator.
Confirm 4 restrictions are shown in Settings > General > VPN & Device Management > PayloadDisplayName > Restrictions.
Punch Settings > General > Transfer or Reset iPhone > Erase All Content and Settings, to unsupervise.
Install the profile with Apple Configurator. It cannot be installed automatically because the device was not supervised.
Manually install the downloaded profile.
Check Settings > General > VPN & Device Management > PayloadDisplayName > Restrictions.
Expected results
3 restrictions—allowDiagnosticSubmission, allowWebDistributionAppInstallation and forcePreserveESIMOnErase—are shown.
Actual results
Only one restriction—allowDiagnosticSubmission—is shown.
Appendix: Restriction keys and their restricted message shown in Settings
allowESIMModification: eSIM modification not allowed
forcePreserveESIMOnErase: Preserve eSIM on erase enforced
allowWebDistributionAppInstallation: Web app distribution not allowed
allowDiagnosticSubmission: Diagnostic submission not allowed
Hello everyone,
I am a developer and admin on App Store Connect, and I'm experiencing some issues with my account. Here’s a summary of the situation:
Account Email: [Redacted]
Team ID: [Redacted]
Upon visiting the resources page, I encountered a popup stating:
Unable to find a team with the given Team ID to which you belong. Please contact Apple Developer Program Support.
When I sought assistance from a account holder, they attempted to log in using the account email but were unable to access it, despite entering the correct credentials multiple times. The login page prompted them to enter the email or phone number and password for the Apple account.
Currently, I admin can log into App Store Connect, but the account holder is unable to access their account.
We are facing difficulties because the Team ID appears to be disabled or unavailable in Xcode.
We still have an Individual Developer subscription, but we intend to upgrade to an Organization level.
I submitted a request for "Organization Membership" earlier this month.
After contacting Apple support helpline multiple times, we received inconsistent responses, including suggestions to create a new account or contact developer support via email.
Our main issues are:
The account holder is unable to log in.
The Team ID is not functioning.
If we cannot continue with the individual account, we are open to using a different email for the account holder, as he handle sensitive information such as verification and payments.
I have already submitted my request and am opening this thread in hopes of finding a speedy solution and guidance. I've seen multiple threads on this issue, but none have provided a resolution.
Any guidance or suggestions on how to resolve these issues would be greatly appreciated!
Thank you!
Phone glitchs a lot more my flashlight won’t turn on half the time even when it says it’s on its not on settings page likes to freeze randomly will restart my phone as well and controller has more issues connecting on certain games