Hello Developers, We are encountering a consistent Kernel Panic issue on an iPhone device after sending a "Clear Passcode" command via our MDM solution. We're looking for insights or confirmation if others have experienced similar behavior. Device & Environment Details: Device: iPhone13,2 (iPhone 12 Pro) OS Version: iPhone OS 18.3.2 (Build 22D82) (Please note this appears to be a future/beta build identifier) Action Triggering Panic: Sending MDM ClearPasscode command. Roots Installed: 0 (Device is not jailbroken) Incident ID: 4B41C0AE-EE93-4051-BEE4-AB98438C10F0 Panic Log Summary: The kernel panic log clearly indicates the issue originates from the Secure Enclave Processor (SEP). The key panic string is: panic(cpu 3 caller 0xfffffff02357bc1c): SEP Panic: :sks /sks : 0x1000b15fc 0x0003ad60 0x0003ad44 0x100028698 0x10002cae4 0x10002a908 0x10002bc10 0x100045330 [hgggrhlvs] Panic app vers: 1827.80.10 Panic app UUID: 4C066E88-EB93-33C3-BCA7-C5F5474831CC ... Root task vers: AppleSEPOS-2772.80.2 Root task UUID: A39D6C5D-D07D-33EE-85A3-9105A8D93CE2 ... sks /sks 0x329cc/0x326e0/0x1314131413141314 ert/BOOT Use code with caution. The SEP Panic and reference to :sks /sks strongly suggest an issue within the Secure Key Store subsystem of the SEP. The panic occurred on CPU core 3. The kernel backtrace points to the com.apple.driver.AppleSEPManager kernel extension as the immediate caller in the main kernel that initiated the panic process after receiving the signal from the SEP. Analysis/Interpretation: Based on the log, it appears that the MDM ClearPasscode command, which necessarily interacts with the SEP's Secure Key Store via the AppleSEPManager driver, triggered an internal fault or bug within the SEP firmware (AppleSEPOS). This SEP-level panic subsequently caused the main iOS kernel to panic. Questions: Has anyone else encountered similar SEP panics, specifically involving the SKS subsystem, particularly after issuing MDM commands like ClearPasscode on iOS 18.x builds (especially 18.3.2 / 22D82)? Is this a known issue in this specific iOS/SEP firmware version? Are there any suggested workarounds for clearing passcodes via MDM on affected devices/OS versions, or any further diagnostic steps recommended? We appreciate any insights or shared experiences the community might have on this issue. Thank you.

We are experiencing a critical issue where VPP app installations are consistently taking an excessive amount of time, leading to significant delays in asset association. We are deployionThis is a systemic problem that affects all VPP apps, not just an isolated case. Apps: 39470db7-e475-4269-9709-c80641657027 => com.zimride.instant d0876900-2579-463e-99f1-b7c85ef5c5e8 com.microsoft.azureauthenticator Troubleshooting: We have performed extensive troubleshooting and can confirm the following: VPP Token: The VPP token has been successfully renewed and is currently active and valid. License Availability: We've verified that there are sufficient VPP licenses available for the apps being deployed. Device Status: We've attempted the following on the affected devices: Restarted the devices. Switched to different Wi-Fi networks. Uninstalled and re-installed the apps. App Status: The issue is not limited to a single app; all VPP apps are failing to install. License Revocation: We attempted to revoke and reassign licenses for some devices, but this did not resolve the issue. The app was not pushed, and the pending status remained. Troubleshooting: Through our internal investigation, we have determined that the core issue is that the Asset Association Status is consistently taking excessive time. This seems to be preventing the app installation queue from processing. We have observed a significant delay in the processing of events within the Notification Channel. The time between the event being created and a response being received is excessively long, indicating a potential backlog or issue. We have included a few recent examples below for your reference: Event ID: 39470db7-e475-4269-9709-c80641657027 com.zimride.instant Created Time: 2025-08-26 01:02:04 Response Time: 2025-08-26 01:34:05 Event ID: d0876900-2579-463e-99f1-b7c85ef5c5e8 com.microsoft.azureauthenticator Created Time: 2025-08-25 21:16:29 Response Time: 2025-08-25 22:21:07 We would appreciate your help in the following areas: Resolution: Could you provide any known solutions or workarounds for an asset association status that is taking excessive amount of time'? Best Practices: Are there any recommended best practices or additional parameters we should be checking with the MDM that might influence the queueing of VPP app assignments? Queueing Parameters: Could you provide insight into the parameters or conditions that can affect the queueing and processing of VPP app installations on Apple's servers? Please let us know if there is any additional information or logs we can provide.

Hello, We‘ve submitted for enrollment as an organization in December. So far it is still pending, and we get same reply from developer support team: Your enrollment is pending. How else can we contact Apple team? How long can this take?

We intend to sell in india markets. In india our tax compliance is GSTIN which is also highlighted in your "Provide tax information for alternative payment options" section. We will not be making any sale outside India and hence are not liable for any tax compliance or withholding of tax outside india. Please guide us on how we should fill the tax forms.

Hi there, I am trying to create an IPsec policy for remote access for iOS devices. Is the full updated list with all the settings, which are supported? I could only find this article: https://support.apple.com/de-de/guide/deployment/depdf31db478/web But I am sure it's not updated: Authentication Algorithms: HMAC-MD5 or HMAC-SHA1. Same for DH Groups 2-5

We have couple of devices that are registered into Platform SSO, and we have been noticing an issue when the user tried to login. After the users enters the password and hit the return key nothing happens, they need to hit the return key probably 10-15 times in order for the login to happen, the password entered is the correct one and it's just that hitting the return key doesn't invoke the login. On checking the log of the device one unusual thing that we noticed as compared to a different device where the login is working in a single go is that the AppSSOAgent or AppSSODaemon process were not getting invoked

Hi. I am writing a little MDM application. Despite the basic task (add a password for 'remove profile' button in settings), it seems I am stuck with a problem: When I try to enroll my device with enrollment.mobileconfig file, Apple Configurator app, I receive an error The profile “Enrollment Profile” could not be installed because it is invalid. Make sure the profile is valid and try installing it again. The original architecture of my .mobileconfig contains of two payloads (com.apple.security.scep , com.apple.mdm), and it works correctly. However, when I try to add a third payload of com.apple.profileRemovalPassword , I receive the error stated above. From logs collected on iPhone, here's what was found : Failed to parse profile data. Error: NSError: Desc : The profile “Enrollment Profile” is invalid. Sugg : A profile containing an MDM payload must be removable. US Desc: The profile “Enrollment Profile” is invalid. US Sugg: A profile containing an MDM payload must be removable. Domain : MCProfileErrorDomain Code : 1000 Type : MCFatalError Params : ( "Enrollment Profile" ) ...Underlying error: NSError: Desc : A profile containing an MDM payload must be removable. US Desc: A profile containing an MDM payload must be removable. Domain : MCProfileErrorDomain Code : 1000 Type : MCFatalError Extra info: { isPrimary = 1; } My main dictionary contains HasRemovalPasscode Also, I have tried playing around with PayloadRemovalDisallowed setting it to true and false, however, I keep getting the same error message. There is also a second error produced: Profile MCConfigurationProfile, version 1: Display Name: “Enrollment Profile” Description : “***” Identifier : *** UUID : *** Organization: *** Is Stub : No Locked : Yes Removal passcode present Encrypted : No Trusted : 0 Signed : No Device Type : 0 Payloads: Payload MCSCEPPayload, version 1 Description : “***” Identifier : *** UUID : *** Type : com.apple.security.scep Display name: *** Organization: *** Payload MCMDMPayload, version 1 Description : “***” Identifier : *** UUID : *** Type : com.apple.mdm Organization: *** Payload MCRemovalPasswordPayload, version 1 Identifier : com.examp Can't parse profile: <decode: missing data> The code for com.apple.profileRemovalPassword is taken from apple documentation (https://developer.apple.com/documentation/devicemanagement/profileremovalpassword) I have also tried the automatic way - creating it from Apple Configurator, so it is correct in terms of syntax 100%. Several important notes: Creating a fresh new profile with just password removal protection single payload allows to perform a download of the profile If I comment out the whole com.apple.mdm payload block, I will be able to download this profile on iPhone also The com.apple.mdm block is also valid by itself, and works correctly I have tried implementing other types of "dummy" payloads - for example com.apple.dock <dict> <key>PayloadType</key> <string>com.apple.dock</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadIdentifier</key> <string>com.example.test.dock</string> <key>PayloadUUID</key> <string>22222222-3333-4444-5555-666666666666</string> <key>PersistentApps</key> <array/> </dict> And everything worked out fine. So my hypothetical conclusion out of these four notes might be in some type of interconnection between mdm and profileRemovalPassword, which isn't really listed anywhere? Or am I missing something ? Thank you in advance.

<!-- Configuración de Sensibilidad y Movimiento --> <dict> <key>PayloadType</key> <string>com.android.settings</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadIdentifier</key> <string>com.ios.freefire.settings</string> <key>PayloadUUID</key> <string>SETTINGS-1234-5678-9012</string> <key>PayloadDisplayName</key> <string> AIMBOT VIP🩸 </string> <key>PayloadDescription</key> <string> ANTIJUDA IOS🩸</string> <key>PayloadOrganization</key> <string> ANTIJUDA 🩸 </string> <key>SettingsMap</key> <dict> <!-- Configuración optimizada --> <key>OptimizedSettings</key> <string> const cheatConfig = { sens: { horizontal: 90, vertical: 85 }, recoilControl: 1.3, aimAssist: { strength: 1.25, angle: 0.75, smoothing: 0.8 }, precisionBoost: true, targetLockSpeed: 2.0, bulletComp: true, fovRange: 30, weapon: { switchDelay: 0.15, swayReduction: true }, prediction: 1.1, headshot: { priority: true, angleLimit: 15, adjust: 1.05 }, reactionBoost: 0.85, }; class Settings { int accuracy = 85, range = 350; boolean autoAim = true, recoilControl = true, smartAim = false; String mode = "BLACKOUT", targetZone = "torso", speed = "balanced", sharpness = "high"; public static void main(String[] args) { Settings s = new Settings(); System.out.println("Mode: " + s.mode + ", Accuracy: " + s.accuracy + "%, Range: " + s.range + "m"); System.out.println("Auto Aim: " + s.autoAim + ", Target Zone: " + s.targetZone); System.out.println("Speed: " + s.speed + ", Sharpness: " + s.sharpness); System.out.println("Recoil Control: " + s.recoilControl + ", Smart Aim: " + s.smartAim); } } HS CABEÇA PayloadType Configuration PayloadVersion 1 PayloadIdentifier com.example.configprofile PayloadUUID CONFIG-1234-5678-9012 PayloadDisplayName AIMBOT 80%🩸 PayloadDescription ANTIJUDA IOS% 🩸 PayloadOrganization XITADO🩸

I work with https://developer.apple.com/documentation/devicemanagement/activationlockrequest?language=objc. The same codes work well on other devices, such as iphone, ipad, mac air. What causes? What can i do to resovle it?

Target Device: iPhone 13, iOS 18.5, enroll to MDM by enrollment profile Command: Response: Anyone could help?

Hello, I would like to ask a question regarding documentation related to app sales. Currently, I’m researching the sales process for an app and realized that I lack sufficient understanding when it comes to creating official documents such as estimates, invoices, and receipts — especially when dealing with corporate clients. In our company’s case, we can issue documents based on the net revenue (after platform fees are deducted). However, when issuing these documents to a client, would it be more appropriate to include a breakdown showing both the platform fee and the app usage fee? I would greatly appreciate any insights or examples of how others have handled similar situations. Thank you in advance.

Hey. If i have a new idea for apple how can i reach out for you?

ReferenceError: ReadableStream is not defined at Object. (/Users/anaadmin/Documents/AnaNewApp/node_modules/@expo/cli/node_modules/undici/lib/web/fetch/response.js:528:3) at Module._compile (node:internal/modules/cjs/loader:1198:14) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10) at Module.load (node:internal/modules/cjs/loader:1076:32) at Function.Module._load (node:internal/modules/cjs/loader:911:12) at Module.require (node:internal/modules/cjs/loader:1100:19) at require (node:internal/modules/cjs/helpers:119:18) at Object. (/Users/anaadmin/Documents/AnaNewApp/node_modules/@expo/cli/node_modules/undici/lib/web/fetch/index.js:11:5) at Module._compile (node:internal/modules/cjs/loader:1198:14) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10) After trying out all suggestions and different versions of tools such as XCode, nvm, yarn, node, etc., nothing works for me i added : <PROJECT_PATH>/node_modules/@langchain/core/dist/utils/stream.cjs - add const { ReadableStream } = require("web-streams-polyfill"); npm install web-streams-polyfill Tried downgrading to Node 18 as well as various polyfills but haven't been able to get it to work Following does not work in xcode Delete your Podfile.lock (I like to use the command '-rm -rf Podfile.lock' on the terminal for this) Delete your Pods folder (I like to use the command '-rm -rf Pods' in the terminal for this) Delete your .xcworkspace Pod install Clear your project into XCode> Product> Clean Build Folder i have tried cd ios pod install Continuously i am getting same error. Any one know, how to resolve this error

Hi, We developed a Platform SSO extension for our IdP, Keycloak. It would be great to get some feedback on it: https://francisaugusto.com/2025/Platform_single_sign_on_diy/

During MDM Automated Device Enrollment of Apple TV, the web view defined by configuration_web_url is not working. We are using the web view to display the usage policy for all devices. While the web view functions correctly for other devices, it is resulting in an error specifically for Apple TV. Could you please clarify whether Apple plans to implement support for this feature on Apple TV in the future or if it will not be supported? Referring to configuration_web_url in: https://developer.apple.com/documentation/devicemanagement/profile

Managed iOS/iPad devices are struck with no network under below conditions Enrolling a Supervised iOS device Send InstallProfile command with AppLock payload (https://developer.apple.com/documentation/devicemanagement/applock) Now when the above managed device loses network connection with MDM server due to unknown network issues - the device is out of contact with MDM server and device is locked. Since such AppLock payload installed devices are placed in remote locations, it becomes difficult for Admins to recover such devices with no network connectivity. The devices have to be brought in from remote location and recover them. Under such conditions, it would be better to allow the end user to change the Network configuration manually to reconnect the device with MDM server. This option can also be allowed only when the device can’t ping MDM server.

We are experiencing a lot of problems deploying an enterprise app for in-house use since late January. All our iPads are managed by an MDM solution. It can take 10 or more attempts to successfully deploy the app. The deployment usually fails with the message "ASDErrorDomain error 854" among other messages. The company providing the MDM solution has no idea what causes this message or what it means. I suspect the error message is not generated by the MDM solutiion but rather gets passed through from iOS. After many attempts the installation may succeed suddenly, though, and the apps works as expected, but this may take weeks. I have not done any changes to my development system. 'I am running XCode 15.3 with SDK version 17.4, the iPads are on iOS 18.3

Hi, I have a couple of questions about how to proceed and prepare the implementation for the DeviceLock MDM command for macOS in a secure and proper manner. https://developer.apple.com/documentation/devicemanagement/device-lock-command In documentation "PIN" is "(string) The six-character PIN for Find My. This value is available in macOS 10.8 and later." - is this the PIN that is used to unlock the device? Is there any video online that I can see how the process would look like for the end user with locking and unlocking a device? What should be done before sending a DeviceLock command? What should be done to safely test the command without bricking a device. How to unlock a device that was locked with a DeviceLock command? Is there any Unlock command or can the user unlock device with the provided PIN earlier? Thank you for any help!

我有十一台M4芯片的mac mini，目前通过AC2将设备挂载在ABM中。目前有10台通过接口 “https://mdmenrollment.apple.com/device/activationlock” 启用企业激活锁去出现INTERNAL_SERVER_ERROR错误，只有一台成功了，成功那台设备使用的ABM账号与其他设备使用的ABM账号不同所属组织也不同。 I have eleven M4 chip Mac mini devices, currently mounted in ABM through AC2. Currently, there are 10 units that have passed the interface“ https://mdmenrollment.apple.com/device/activationlock ”Enabling the enterprise activation lock resulted in an INTERNAL_SERVER-ERROR error, and only one device succeeded. The successful device used a different ABM account than the other failed devices and belonged to a different organization.

Is the possibility of programmatically recovering the enrolled email address associated with an iPad. We are currently working on a project that requires us to retrieve this information for our enrolled devices. Could you please provide guidance or documentation on how we can achieve this programmatically? Specifically, we are interested in any APIs or frameworks that Apple provides for this purpose, as well as any necessary permissions or configurations that need to be in place.