Recently, we have encountered some users who have been unable to open the enterprise signature application after upgrading to version 18.3.2, without an IPS file. Through system logs, we found that signature verification has occurred SecKeyVerifySignature failed: Error Domain=NSOSStatusErrorDomain Code=-50 "rsa_pub_crypt failed, ccerr=-7" UserInfo={numberOfErrorsDeep=0, NSDescription=rsa_pub_crypt failed, ccerr=-7} Waiting for the information, I will provide the obtained system logs below. The application package name that crashed is com. mobile. moonew

I have 5-6 mac minis connected to my windows server 2022 and the accounts that connect to the mac are network account. How do I block the network users from accessing or using certain apps like terminal and passwords?

Is there a way to check if DDM(Declarative Device Management) is enabled on a device?

We have a development where we are MDM managing iOS devices and attempting to enforce mutual TLS for all interactions with the MDM. We are DEP provisionng an enrolment profile that utilises an ACME hardware attested Device Identity Certificate. All interactions with the MDM endpoints are correctly utilising the ACME certificate for the client mutual TLS handshake. The certificate has Client Authentication Extended Key Usage. Behind the same API gateway and on the same SNI we are also serving paths to Enterprise application manifests and IPAs. We can see from the phone log and from packet traces the iOS device doesn't offer the Device Identity Certificate for client authentication when retrieving these URLs. We have also tried adding non ACME client certificates from the root trusted by the server to the initial profile with exactly the same outcome. If we temporarily disable the mutualTLS we can see that the request for the manifest has a userAgent of "com.apple.appstored/1.0 iOS/18.2 model/iPhone17,3 hwp/t8140 build/22C5125e (6; dt:329) AMS/1" which is not the same as the mdm interactions. Is it actually possible to achieve mutualTLS to authenticate these downloads or is a different solution required ? Any advice greatly appreciated.

May I know the checking mechanism for the ios Provisioning profile? Is my Apple app distributed by MDM inside the organisation? If the Provisioning profile is expired , what is the behaviour when user run the App and how to perform the checking mechanism , is it performed at user client side device or Apple server via online access.

I work with https://developer.apple.com/documentation/devicemanagement/activationlockrequest?language=objc. The same codes work well on other devices, such as iphone, ipad, mac air. What causes? What can i do to resovle it?

Hello Apple Support, I'm reaching out in desperation, as my Apple Developer account was suddenly blocked without any prior notice. I'm writing from a different email address because I can't access my original account at all. I've dedicated years of hard work, energy, and resources to build my applications and support my users through this platform. The sudden blocking of my account has not only put my business in jeopardy but also significantly impacted my personal life, as my income and livelihood heavily depend on it. The potential loss of revenue and the disruption to my users is devastating. I’m deeply hurt and disheartened by the lack of communication and would appreciate any help to resolve this situation as quickly as possible. I kindly request guidance on how I can recover my account, or at the very least, understand why this action was taken. Thank you for your attention to this matter. I’m hopeful for a quick resolution.

I'm the IT Admin in my company. We use Microsoft Intune, which is a Mobile Device Management tool, to manage our devices and apps. I created an app protection policy, restricting the data can only be shared between the allowed apps. For example, if our user want to copy the content in Outlook for iOS to WeChat or personal memo, the action will be blocked. However, may be it's too strict, here is the scenario that we need to hadle: A user selected the content in the Outlook for iOS mail, and wanted to use the "translate" function to do translation. Before the app protection policy was deployed, he can do the translation successfully. And now, it's blocked. Therefore, we need to find a way to exempt the app "Translate" so that users can do the translation successfully. We put the value "com.apple.Translate"(this is a package ID listed in the official document of Apple) to the exemption, but it's not working. May I know what is the correct "value" for the iOS native Translate APP? I need to put this value to our app protection policy to exempt Translate app. Thank you so much.

Managed iOS/iPad devices are struck with no network under below conditions Enrolling a Supervised iOS device Send InstallProfile command with AppLock payload (https://developer.apple.com/documentation/devicemanagement/applock) Now when the above managed device loses network connection with MDM server due to unknown network issues - the device is out of contact with MDM server and device is locked. Since such AppLock payload installed devices are placed in remote locations, it becomes difficult for Admins to recover such devices with no network connectivity. The devices have to be brought in from remote location and recover them. Under such conditions, it would be better to allow the end user to change the Network configuration manually to reconnect the device with MDM server. This option can also be allowed only when the device can’t ping MDM server.

Apple iPad Air device failing to enroll through ABM with "failed to retrieve configuration" error. This error occurs while reaching Apple ABM for fetching MDM server enrollment details. When we checked console logs when enrolling the device we found following error: ​default 13:54:07.229022+1000 teslad Error: Error Domain=MCCloudConfigurationErrorDomain Code=34004 "The cloud configuration server is unavailable or busy." UserInfo={NSLocalizedDescription=The cloud configuration server is unavailable or busy., CloudConfigurationErrorType=CloudConfigurationFatalError} default 13:54:07.229120+1000 Setup Service completed default 13:54:07.230096+1000 Setup Could not retrieve cloud configuration. Error: <Error domain: MCCloudConfigErrorDomain, code 33001>\ Feedback raised along with screenshot and console logs as well : FB17785513. Please analyse this issue and reply back to us.

We have an enterprise app for which one of the Users is facing the below error. Unable to verify app Internet connection is required to verify trust of the developer "&lt;Enterprise_distribution_Profile&gt;". This app will not be available until verified. What could be the reason behind this error as only one user is facing the issue. Is there a way to fix it.

Hello, I am writing a research paper for my college marketing class and was hoping to get some insight as to the cost structure applicable to an online gambling app. The hypothetical app in question is an app in which users are able to use real money to bet on games but I can not find a cost structure besides the common in app purchase revenue sharing model of 30%. Is this still applicable in this hypothetical case or is an alternative revenue sharing model applicable due to this app's unique structure. Furthermore, would this fee be taken from bets (due to the apps losses) or from all realized profits?

Please help, I am trying to enter my bank account details (PKO Bank In Poland) but always get the error: "The IBAN number is invalid." I'm using account in PLN zl. account number: 52########0000########1123 (26 symbols) IBAN: PL52 ########0000########1123 (28 symbols) I've tryed other accounts, and I'm sure all of them are correct (information was given from the bank page and validated by IBAN checker services), but error blocks me. How to resolve this issue? Thanks.

I am trying to create a DNS over HTTPS and DNS over TLS server that requires authentication with a client certificate and configure it in the Device Management Profile for use from the iPhone. I have set the PayloadCertificateUUID in DNSSettings, but it appears that the client certificate is not being used. Is there anything I should check in advance when using a p12 file with PayloadCertificateUUID? Configuration Profile <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadType</key> <string>Configuration</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>295E68E5-39F0-46D1-94E4-4A49EC8392E2</string> <key>PayloadIdentifier</key> <string>com.example.dns</string> <key>PayloadDisplayName</key> <string>My DNS</string> <key>PayloadRemovalDisallowed</key> <false/> <key>PayloadContent</key> <array> <dict> <key>PayloadType</key> <string>com.apple.dnsSettings.managed</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>4CCEE94D-7B72-46AB-87AD-5A368F937339</string> <key>PayloadIdentifier</key> <string>com.example.dns.names</string> <key>PayloadDisplayName</key> <string>My DNS</string> <key>PayloadDescription</key> <string>DNS Settings</string> <key>PayloadCertificateUUID</key> <string>07A96080-5FAE-4026-937D-F578530E1444</string> <key>DNSSettings</key> <dict> <key>DNSProtocol</key> <string>TLS</string> <key>ServerName</key> <string><!-- my DoT server name --></string> </dict> <key>ProhibitDisablement</key> <false/> </dict> <dict> <key>PayloadType</key> <string>com.apple.security.pkcs1</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>260CC26A-2DD1-4B16-B8C0-AF1E655576AD</string> <key>PayloadIdentifier</key> <string>com.example.certs.intermediate-ca</string> <key>PayloadDisplayName</key> <string>Intermediate CA</string> <key>PayloadDescription</key> <string>Intermediate CA</string> <key>PayloadCertificateFileName</key> <string>ca-chain.cert.cer</string> <key>PayloadContent</key> <data><!-- contents of Intermediate CA certificate --></data> </dict> <dict> <key>PayloadType</key> <string>com.apple.security.root</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>E5DB74AA-3C5F-470B-AAE0-DF072095A2EC</string> <key>PayloadIdentifier</key> <string>com.example.certs.root-ca</string> <key>PayloadDisplayName</key> <string>Root CA</string> <key>PayloadDescription</key> <string>Root CA</string> <key>PayloadCertificateFileName</key> <string>ca.cert.cer</string> <key>PayloadContent</key> <data><!-- contents of Root CA certificate --></data> </dict> <dict> <key>PayloadType</key> <string>com.apple.security.pkcs12</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>07A96080-5FAE-4026-937D-F578530E1444</string> <key>PayloadIdentifier</key> <string>com.example.certs.client.iseebi</string> <key>PayloadDisplayName</key> <string>Client Certificate</string> <key>PayloadDescription</key> <string>Client Certificate</string> <key>Password</key> <string><!-- password of p12 --></string> <key>PayloadCertificateFileName</key> <string>Key.p12</string> <key>PayloadContent</key> <data><!-- contents of p12 --></data> </dict> </array> </dict> </plist> iPhone console log Connection 3742: enabling TLS Connection 3742: starting, TC(0x0) Connection 3742: asked to evaluate TLS Trust Connection 3742: TLS Trust result 0 Connection 3742: asked for TLS Client Certificates Connection 3742: issuing challenge for client certificates, DNs(1) Connection 3742: asked for TLS Client Certificates Connection 3742: received response for client certificates (-1 elements) Connection 3742: providing TLS Client Identity (-1 elements) Connection 3742: providing TLS Client Identity (-1 elements) Connection 3742: connected successfully Connection 3742: TLS handshake complete Connection 3742: ready C(N) E(N) Connection 3742: received viability advisory(Y) Connection 3742: read-side closed Connection 3742: read-side closed Connection 3742: read-side closed Connection 3742: cleaning up Connection 3742: done server log (stunnel) LOG5[9]: Service [dns] accepted connection from <IP> LOG6[9]: Peer certificate required LOG7[9]: TLS state (accept): before SSL initialization LOG7[9]: TLS state (accept): before SSL initialization LOG7[9]: Initializing application specific data for session authenticated LOG7[9]: SNI: no virtual services defined LOG7[9]: OCSP stapling: Server callback called LOG7[9]: OCSP: Validate the OCSP response LOG6[9]: OCSP: Status: good LOG6[9]: OCSP: This update: 2024.12.06 08:32:00 LOG6[9]: OCSP: Next update: 2024.12.13 08:31:58 LOG5[9]: OCSP: Certificate accepted LOG7[9]: OCSP: Use the cached OCSP response LOG7[9]: OCSP stapling: OCSP response sent back LOG7[9]: TLS state (accept): SSLv3/TLS read client hello LOG7[9]: TLS state (accept): SSLv3/TLS write server hello LOG7[9]: TLS state (accept): SSLv3/TLS write change cipher spec LOG7[9]: TLS state (accept): TLSv1.3 write encrypted extensions LOG7[9]: TLS state (accept): SSLv3/TLS write certificate request LOG7[9]: TLS state (accept): SSLv3/TLS write certificate LOG7[9]: TLS state (accept): TLSv1.3 write server certificate verify LOG7[9]: TLS state (accept): SSLv3/TLS write finished LOG7[9]: TLS state (accept): TLSv1.3 early data LOG7[9]: TLS state (accept): TLSv1.3 early data LOG7[9]: TLS alert (write): fatal: unknown LOG3[9]: SSL_accept: ssl/statem/statem_srvr.c:3510: error:0A0000C7:SSL routines::peer did not return a certificate LOG5[9]: Connection reset/closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket LOG7[9]: Deallocating application specific data for session connect address LOG7[9]: Local descriptor (FD=10) closed LOG7[9]: Service [dns] finished (0 left)

To refund money from Phone Pe for a wrong transaction, you should immediately contact Phone Pe's customer support:09738-149-306-and (available 24/7) report the issue.

Hello Developers, We are encountering a consistent Kernel Panic issue on an iPhone device after sending a "Clear Passcode" command via our MDM solution. We're looking for insights or confirmation if others have experienced similar behavior. Device & Environment Details: Device: iPhone13,2 (iPhone 12 Pro) OS Version: iPhone OS 18.3.2 (Build 22D82) (Please note this appears to be a future/beta build identifier) Action Triggering Panic: Sending MDM ClearPasscode command. Roots Installed: 0 (Device is not jailbroken) Incident ID: 4B41C0AE-EE93-4051-BEE4-AB98438C10F0 Panic Log Summary: The kernel panic log clearly indicates the issue originates from the Secure Enclave Processor (SEP). The key panic string is: panic(cpu 3 caller 0xfffffff02357bc1c): SEP Panic: :sks /sks : 0x1000b15fc 0x0003ad60 0x0003ad44 0x100028698 0x10002cae4 0x10002a908 0x10002bc10 0x100045330 [hgggrhlvs] Panic app vers: 1827.80.10 Panic app UUID: 4C066E88-EB93-33C3-BCA7-C5F5474831CC ... Root task vers: AppleSEPOS-2772.80.2 Root task UUID: A39D6C5D-D07D-33EE-85A3-9105A8D93CE2 ... sks /sks 0x329cc/0x326e0/0x1314131413141314 ert/BOOT Use code with caution. The SEP Panic and reference to :sks /sks strongly suggest an issue within the Secure Key Store subsystem of the SEP. The panic occurred on CPU core 3. The kernel backtrace points to the com.apple.driver.AppleSEPManager kernel extension as the immediate caller in the main kernel that initiated the panic process after receiving the signal from the SEP. Analysis/Interpretation: Based on the log, it appears that the MDM ClearPasscode command, which necessarily interacts with the SEP's Secure Key Store via the AppleSEPManager driver, triggered an internal fault or bug within the SEP firmware (AppleSEPOS). This SEP-level panic subsequently caused the main iOS kernel to panic. Questions: Has anyone else encountered similar SEP panics, specifically involving the SKS subsystem, particularly after issuing MDM commands like ClearPasscode on iOS 18.x builds (especially 18.3.2 / 22D82)? Is this a known issue in this specific iOS/SEP firmware version? Are there any suggested workarounds for clearing passcodes via MDM on affected devices/OS versions, or any further diagnostic steps recommended? We appreciate any insights or shared experiences the community might have on this issue. Thank you.

On October 4, 2024, the enterprise app we are using showed a "(app name) is no longer available" pop-up on certain devices and the app was not available. And if those users delete the app and reinstall it, "I can't install (app name) because I can't verify integrity, I can't install this app" pop up. The profile of the app was renewed in February this year, and membership, certificate, and profile were all not expired. Currently, the problem has been solved by re-deploying the app, Please tell me the cause of the phenomenon and how to take preventive measures.

I'm trying to use DDM manager Safari Extensins in macOS Sequoia. I generate json and load it by mdm and ddm , but it doesn't seems to work. The json I loading is the following: { "Type": "com.apple.configuration.safari.extensions.settings", "Payload": { "ManagedExtensions": { "*": { "State": "AlwaysOn", "PrivateBrowsing": "AlwaysOn", "AllowedDomains": [], "DeniedDomains": [] } } }, "Identifier": "com.test.safari" } macOS Sequoia response is the following: { "StatusItems" : { "management" : { "declarations" : { "activations" : [ { "active" : true, "identifier" : "com.example.act", "valid" : "valid", "server-token" : "5cc191206d1b1933" } ], "configurations" : [ { "active" : true, "identifier" : "com.test.safari", "valid" : "unknown", "server-token" : "29d3ec5ab48e6367" } ], "assets" : [ ], "management" : [ ] } } }, "Errors" : [ ] } you can see, The "valid" value is always "unknown" at ""identifier" : "com.example.act", but "Errors" is empty, Safari app don't load extensions , the SafariExtensionSettings" ddm don't work, Is there anything wrong with "SafariExtensionSettings" json? or how can I debug this bug .

We’re exploring the use of Apple’s Automatic Assessment Configuration entitlement for an iOS app currently in the proof-of-concept stage. We’re enrolled in the Apple Developer Program with an active subscription. Both the Account Holder and team members have accepted all relevant license agreements. However, when we try to access the entitlement request form at: 👉 https://developer.apple.com/contact/request/automatic-assessment-configuration/ We are immediately redirected to: 🚫 https://developer.apple.com/unauthorized/ This happens for all team members, including the Account Holder, so it doesn’t appear to be a role-specific permissions issue. The app is still in the proof-of-concept stage — there’s no App Store listing or App ID yet. We’re trying to confirm entitlement eligibility before proceeding further. Questions: Is an App Store listing or App ID required to access this request form? Are there any hidden prerequisites (account permissions, team roles, prior submissions, etc.) that need to be fulfilled? Has anyone here successfully submitted this form — and if so, what steps or conditions were required? Any guidance or shared experience would be greatly appreciated. Thanks in advance!

Is there or will there be an update to the depsim and vppsim simulator tools? The current version is significantly out-of-date in terms of features and fails to start due to the developer not being verified (ironically).