I am creating a prototype with the new Screen Time API introduced by Apple. The issue I am facing is, Applications installed in child device is not showing in parent device with FamilyActivityPicker. It is showing in Child device and apps can be shielded from child's device. Can some one describe, how to list the apps in parent's device.
Both Device are running in iOS 15.3.
Both falls in same family group
Child is under 13 yrs old
Screen Time enabled in both device and parent device can see child in Screen Time.
Explore the intersection of business and app development. Discuss topics like device management, education, and resources for aspiring app developers.
Post
Replies
Boosts
Views
Activity
Anyone know what the DeclarationType string values are for the Asset declarations?
UserIdentity asset defines the type as com.apple.asset.useridentity.
There is no such value for UserNameAndPasswordCredentials.
Has anyone been able to install this type of declaration?
Hi,
I am trying to enable declarative management on my device ( it is already enrolled as a sharedIpad with DEP).
When sendind the command, the device's response contains an error. It is not acknowledged. Either on the device channel or on the user channel.
The device channel returns :
'ErrorChain': [{'ErrorCode': 4, 'ErrorDomain': 'RMErrorDomain', 'LocalizedDescription': 'Feature Disabled: Device Channel.'}], 'Status': 'Error',
and the user channel returns :
'ErrorChain': [{'ErrorCode': 12021, 'ErrorDomain': 'MDMErrorDomain', 'LocalizedDescription': '“DeclarativeManagement” is not a valid request type.', 'USEnglishDescription': '“DeclarativeManagement” is not a valid request type.'}], 'Status': 'Error',
Does DEP device support declarative management?
Thanks.
Hi Team, The User Enrollment introduced by Apple back was really great I was trying to test out that .As per the implementation details provided by apple for Simple Authentication - User Enrollment Flow.
Below are the steps I followed to implement it.
Step 1) Making a /.well-known/com.apple.remotemanagement url and sending a json as for byod which apple has detected successfully.
Step 2) Apple making a POST request to BaseServer URL of MDM to get enrollment profile ( At this Step as there is not Authorization header I sent a 401 with WWW-Authenticate header with scheme and url as mentioned by apple)
Step 3) Apple has requested With GET to get the html page to show to the user from the url mentioned in WWW-Authenticate header.
Step 4) Here there is a tweak the HTML page I actually shown doesn't contains any form as it is for testing purposes. I Simply had a button which upon clicking sends a POST to my url with empty JSON using axios library where from the server I sent a 308 redirect with Location header as mentioned by apple apple-remotemanagement-user-login://authentication-results?access-token=dXNlci1pZGVudGl0eQ
Where after I expect the ASWebAuthenticationSession to end and apple to start Second Enrollment attempt with acces token as Authorization Bearer token But the Screen showing the HTML page doesn't go away and neither apple started any steps to get the Enrollment profile from MDM server . Am I commiting any mistakes here.Could you please help on going with it.
I am experiencing issues when pushing the "WiFi Lock" profile via MDM or the "Join only Wi-Fi networks installed by a Wi-Fi payload'" Restriction via Apple configurator 2.
I am pushing a WiFi Authentication profile along side it which means that the wifi lock profile is suppose to force the device to only be able to connect to the wifi authentication profile that was pushed to the device via MDM.
However, what end up happening, the device "forgets" or does not recognize the pushed wifi auth profile that it has after device reboot. It ends up not showing any available wifi networks and wont allow the device to connect to wifi.
The only way i can fix it, is if i push the wifi authentication profile to the device again via cellular. It then remembers it and will connect. But as soon as the device reboots and sometimes it does not even need to reboot it will forget it.
What could be going on with this?
Is there a way to check in code if a device is under Mobile Device Management? We want to show the users a different screen in the app if it is under device management. This is primarily for devices under Apple School Manager or something similar
IMAP is again broken... this has happened with many prior iOS betas
We are facing issue SSO from some days its was working fine few days before.
In apple devices, we are facing issue that once user enters the username and password, it is asking again when user logs in.
All things were fine no changes in system only thing, this issue started happening for may be iOS 16 updated.
We have implemented SSO using Microsoft AD.
Things working for all other OS (Windows, Android) except iOS.
We are working with MDM service using VPP API, and trying to migrate Legacy APIs to new App and Book Management APIs.
This document says
Send the public key you generate to your Apple contact in a plain-text file. Do not share the private key. Also provide a brief description of your use case and product.
I generated a key-pair and sent the public key to Apple Developer Program support, however they didn't know how to handle it.
What means "your Apple contact" here?
I already understand how to generate JWT token for the api.ent.apple.com. I want to know who authorize the public key for the organization.
Thank you,
We're trying to make our Content Filter solution work on Shared iPads. We leverage the Network Extension framework, more specifically the Content Filter Providers.
On regular, 1:1 iPads, this works perfectly fine. However, on Shared iPads we see some weird behaviour.
Upon logging in with a MAID everything initially seems fine. However, in about 5 to 10 seconds the user is automatically logged out and an error indicating "a connection to iCloud could not be made" is presented to the user.
After investigating the logs it turns out this is caused by the fact that the network is unreachable. For example:
Jan 19 00:33:04 cloudd(CFNetwork)[5867] <Error>: Task <F5DC7C46-422D-4265-A364-B3C859BF6291>.<1> finished with error [-1009] Error Domain=NSURLErrorDomain Code=-1009 UserInfo={_kCFStreamErrorCodeKey=50, NSUnderlyingError=0xefe89ffc0 {Error Domain=kCFErrorDomainCFNetwork Code=-1009 UserInfo={_NSURLErrorNWPathKey=unsatisfied (Path was denied by NECP policy), interface: en0[802.11], ipv4, dns, uses wifi, _kCFStreamErrorCodeKey=50, _kCFStreamErrorDomainKey=1}}, _NSURLErrorFailingURLSessionTaskErrorKey=<private>, _NSURLErrorRelatedURLSessionTaskErrorKey=<private>, NSLocalizedDescription=<private>, NSErrorFailingURLStringKey=<private>, NSErrorFailingURLKey=<private>, _kCFStreamErrorDomainKey=1}
Test device:
iPad Pro (11-inch) running iPadOS 17.2 (21C62)
My assumption:
It looks like the filter providers start "too late". In the meantime the device is trying to reach the network, but since there is a Content Filter configuration in place all traffic is denied until the extension is started (and the completionHandler has been called with a nil error).
I can see in the logs that, about 5 seconds after the home screen is visible, the Content Filter Providers are starting:
...
Jan 19 00:52:54 neagent(NetworkExtension)[7086] <Notice>: Extension request with data extension <our filterData bundle ID> started with identifier 63576D2C-A484-4D07-9753-ADC99BFDB7A6
...
Jan 19 00:52:55 neagent(NetworkExtension)[7086] <Notice>: Extension request with control extension <our filterControl bundle ID> started with identifier 51D19516-C860-48B8-AB83-0F43D5F613CB
...
Is my assumption correct? Are the Content Filter provider even officially supported by Apple on Shared iPads? Is there anything we can do to fix this issue?
The new profile added to manage the cellular private network is not getting installed on the device end - https://developer.apple.com/documentation/devicemanagement/cellularprivatenetwork?changes=_9
When we try to oinstall the profile we get these error messages.
{'Status': 'Error',
'CommandUUID': '556d4936-7514-4121-af8d-3f0bf855a9e6',
'ErrorChain': [
{'ErrorCode': 4001,
'ErrorDomain': 'MCInstallationErrorDomain',
'USEnglishDescription': 'Profile Installation Failed',
'LocalizedDescription': 'Profile Installation Failed'},
{'ErrorCode': 4001,
'ErrorDomain': 'MCInstallationErrorDomain',
'USEnglishDescription': 'Profile Failed to Install',
'LocalizedDescription': 'Profile Failed to Install'},
{'ErrorCode': 1009,
'ErrorDomain': 'MCProfileErrorDomain',
'USEnglishDescription': u'The profile \u201cprivate network policy\u201d could not be installed.',
'LocalizedDescription': u'The profile \u201cprivate network policy\u201d could not be installed.'},
{'ErrorCode': 4001, 'ErrorDomain': 'MCInstallationErrorDomain',
'USEnglishDescription': u'The payload \u201cPrivate Mobile Networks\u201d could not be installed.',
'LocalizedDescription': u'The payload \u201cPrivate Mobile Networks\u201d could not be installed.'}],
'UDID': '00008101-001E1DCA3A81001E'}
We have a few development servers that implement MDM and I am trying to incorporate WatchOS Enrollment. I am having trouble connecting to our enrollment URL that is defined in the watch enrollment payload. The error I get indicates that the server certificate is invalid. I can see this error if I attempt to pair to an iPhone that has the WatchOS enrollment declaration on it and I also see if I send an iMessage with our server url and attempt to open the url using the messages app on the watch itself.
The certificate is valid, but the SAN does not define my particular domain but rather it uses a wildcard (i.e. DNS Name: *.domain.com and DNS name: domain.com).
The url opens fine on any other Apple device (iPhone, iPad, Mac, etc) as well as windows.
My question is, is there some problem with using an SSL server certificate that has a wildcard in place of a specific domain when attempting to connect using WatchOS?
Hello,
I could not find information in the doc (which is still beta, I understand) : how are app upgrade handled by DDM AppManaged ?
With MDM, sending InstalledApplication command will upgrade the app to the most suitable recent version ; HasUpdateAvailable flag tells MDM server (more or less accurately) if there is an update and then Organizations can keep apps up to date as quickly as possible if needed.
But with DDM, we just have a declaration where we tell the device to install a given app, and that's it. Is there any detail about how the device upgrades apps, and how frequently ?
Thanks.
I would like to know how secure the communication between the reseller and organisation. Because we are providing organisation id and getting the reseller id information. Post providing organisation id, did reseller able to see any information about the organisation or not? If reseller able to see the information then need to know what are all the information they able to see it. Thanks.
In the Apple Business Connect - When adding Attributes to the Place Card>Save>Address is wiped
This continuously happens when it clears data fields that were previously saved.
https://www.awesomescreenshot.com/video/25583267?key=adc1e136af1ba0b7cfa453dcd613f4b4
Please Apple...
its almost a month now, and I (we) haven't heard back from you. since we have been sending mails.. Consigning our Upgrade to an Organization.
I (we) provided all the necessary, Information needed to update our individual apple Developer account to an Organization developer account . and I (we) haven't heard back from you.
the error we are getting on our account
We’re processing your membership migration from an individual to an organization.
Please note that your membership benefits are temporarily disabled during this time.
Also... With this delay from getting response from you, we hope our expires for the apple Developer payment would be shifted , as we haven't been able to access our account for almost a month ?
Below are the case numbers, generated by apple hopefully fall are correct
{ 102228853402 }
{ 102243840694 }
{ 102245033626 }
{ 102241341764 }
{ 102236317557 }
{ 102229955599 }
Please tell me two things about "Safari Password Autofill Domains" in my domain settings.
Incident
The behavior of the following items in the Domains setting differs between "no setting" and "edit and delete setting values".
Subject: Safari Password Autofill Domains
Steps to Reproduce(Delete the setting value)
enter any value in "Safari Password Autofill Domains" in the domain settings and save it.
Delete the value entered in step 1.
Distribute to the terminal.
Result
If no settings: A pop-up window will appear asking if the password is to be saved in all domains. The key "SafariPasswordAutoFillDomains" is not present in the configuration profile.
Edited to remove the value: The "Save Password AutoFillDomains" popup does not appear for all domains. The key "SafariPasswordAutoFillDomains" exists in the configuration profile and an empty array remains.
Question 1.
Is it expected that the behavior is different when "Safari Password Autofill Domains" is not configured and when the configuration value is edited and removed?
Question 2
Is it expected that "" remains in the configuration profile when the setting value is edited and deleted?
I'm developing for DEP (Device Enrollment Program). Each time a new iPhone is added through the configurator, I have to call the API at https://developer.apple.com/documentation/devicemanagement/assign_a_profile to assign a predefined configuration profile to the device. Is there a way to automatically assign new devices to a default configuration profile?
Query: My ex colleague opened a individual apple developer account and we mutually published app there, but later on, he get separated, and move to an other town. I keep on using same account but he stopped. I don't have his contact detail as he have changed is contact and all details.
Now I want to transfer account holder role to my name, where as apple says one can only do it in below scenario.
""Account Holder transfers for individual members are granted when a minor reaches the age of majority and can receive the Account Holder role from their guardian, or when the Account Holder is deceased. Assistance is required from Apple Developer Support.""
Any Solution to my Problem?
We're currently facing an issue with Intune not automatically updating/downloading the updated build/app to end-user ios devices. It's worth noting that we've recently migrated the Xamarin project to a .NET-style SDK in this version. Previously, the app used to update automatically without any problems. We'd appreciate it if you could help us understand what might be causing this issue.