Device Management

Allow administrators to securely and remotely configure enrolled devices using Device Management.

Device Management Documentation

Posts under Device Management tag

171 Posts
Post marked as solved
2 Replies
530 Views
Is it possible to restore an Apple Vision Pro with Apple Configurator on a Mac and an IPSW file? I would like to begin some network system extension development, but I would feel more comfortable if I could scrub and restore the OS in case something goes wrong.
Post not yet marked as solved
3 Replies
431 Views
Hi, I am developing an iPad application which will run in Guided Access mode. This will be an Enterprise app. The use case is that we will provide an iPad to our customers with the application installed on it, Guided Access mode on, and Wi-Fi also on. Now I want users to connect to their own Wi-Fi setup at their home (SSID name and password as input fields within the app). So is there any way a user can connect to their Wi-Fi from within the application by entering the SSID and password in Guided Access mode? Or is there any way a user can scan the Wi-Fi networks at their home and connect to one of them by providing the password from inside the application? The application will run in Guided Access mode only.
Posted by Tarun9573.
Post not yet marked as solved
1 Replies
375 Views
My employer has several MDM restrictions enabled for security reasons. Particularly, they disable Handoff in order to disable Universal Clipboard, since the two are coupled together in the MDM restrictions. This has the unfortunate side-effect of disallowing Mac Virtual Display on the Vision Pro, since it requires Handoff in order to work. Is there another way for them to disable only Universal Clipboard using MDM restrictions? If not, how could I go about requesting that the MDM restrictions be more granular?
Post not yet marked as solved
2 Replies
368 Views
Hi, I'm looking into ACME Managed Device Attestation and was wondering about one of the values in the payload - AllowAllAppsAccess. From the documentation: "If true, all apps have access to the private key", but what is the case that you would have this set to true? It seems like it opens up the device to potentially malicious software. Also, if this were set to true, how would an app access this private key when it is stored in the Secure Enclave? Is there a specific tag that it is stored with?
Posted by afoxon.
Post not yet marked as solved
2 Replies
430 Views
Since the 14.4 latest beta update Chrome Remote Desktop is broken. The screenshot below says it all. This message pops up after each reboot of a headless Mac Mini M2 and has to be explicitly allowed before Chrome Remote Desktop will connect.
Posted by kgolfer.
Post marked as solved
1 Replies
304 Views
Hello, the AppManaged documentation has been updated and shares some details about the current state of DDM and app management. Is there any way to specify App Config with DDM, the same way as we can do with MDM with ManagedApplicationConfiguration and the InstallApplication command? I see attributes are available but not config. Thanks!
Posted by sysedit.
Post not yet marked as solved
0 Replies
438 Views
I am experiencing difficulties in fully integrating my Apple Watch with a supervised iPhone under MDM control. While I have successfully paired the watch with the iPhone, I am facing issues with some apps not syncing or appearing on the Apple Watch. This issue persists despite having allowed their bundle IDs in the MDM’s whitelist. Could anyone provide guidance on which specific Apple bundle ID is crucial for maintaining the connectivity and functionality between the iPhone and the Apple Watch? Understanding this would help in ensuring that the necessary bundle ID is whitelisted in the MDM settings, thus resolving the app visibility and functionality issues on the Apple Watch.
Posted by isach.
Post marked as solved
2 Replies
272 Views
When device polling occurs in the link below, is there a way to determine from the requests received on the server side whether the request was device polling? https://developer.apple.com/documentation/devicemanagement/implementing_device_management/handling_notnow_status_responses#3690890 Or can I add a specific parameter when the MDM server instructs the APNs so that the device sends the request to the MDM server with that parameter included? If this is possible, we think we can determine if the request is a polling request.
Post marked as solved
1 Replies
363 Views
I'm trying to implement ACME managed device attestation. I have ACME server code written in C# and I've been able to get all of the steps working except for the very last one - issuing the certificate. I so far have not been able to get the device to accept the certificate; the device logs show:
    Got certificate {length = ......}
    ACME request flow failed at step 9: Error Domain=NSOSStatusErrorDomain Code=-67673 "failed to obtain certificate" UserInfo={NSLocalizedDescription=failed to obtain certificate}
The certificate is issued by an internal CA and the correct root certificate is in the device's trusted certs. I have tried returning the certificate chain as a file response or content response to the device as an "application/pem-certificate-chain" mime type (as outlined as the default in the ACME RFC), returning just the leaf certificate as PEM, returning the leaf certificate as DER with mime type "application/pkix-cert", "application/pkcs7-mime", "application/x-pkcs12" or "application/x-x509-ca-cert", but none of this has worked. Can anyone point me in the right direction to figure out what the issue is?
Posted by afoxon.
Post not yet marked as solved
1 Replies
263 Views
The new profile added to manage the cellular private network is not getting installed on the device end - https://developer.apple.com/documentation/devicemanagement/cellularprivatenetwork?changes=_9 When we try to install the profile we get these error messages.
    {'Status': 'Error',
     'CommandUUID': '556d4936-7514-4121-af8d-3f0bf855a9e6',
     'ErrorChain': [
       {'ErrorCode': 4001, 'ErrorDomain': 'MCInstallationErrorDomain', 'USEnglishDescription': 'Profile Installation Failed', 'LocalizedDescription': 'Profile Installation Failed'},
       {'ErrorCode': 4001, 'ErrorDomain': 'MCInstallationErrorDomain', 'USEnglishDescription': 'Profile Failed to Install', 'LocalizedDescription': 'Profile Failed to Install'},
       {'ErrorCode': 1009, 'ErrorDomain': 'MCProfileErrorDomain', 'USEnglishDescription': u'The profile \u201cprivate network policy\u201d could not be installed.', 'LocalizedDescription': u'The profile \u201cprivate network policy\u201d could not be installed.'},
       {'ErrorCode': 4001, 'ErrorDomain': 'MCInstallationErrorDomain', 'USEnglishDescription': u'The payload \u201cPrivate Mobile Networks\u201d could not be installed.', 'LocalizedDescription': u'The payload \u201cPrivate Mobile Networks\u201d could not be installed.'}],
     'UDID': '00008101-001E1DCA3A81001E'}
Posted by _kvnryn.
Post not yet marked as solved
0 Replies
413 Views
Hi Team, We have Apple's OS update for Mac machines in our fleet, where some Macs are Silicon, previously at 14.2.1, and we are updating them to 14.3 using the ScheduleOSUpdate command with the InstallAction key set to Default. We have also set a restriction with the keys forceDelayedSoftwareUpdates set to true and enforcedSoftwareUpdateDelay set to 1, for updating at the earliest. FYI, these machines are already FileVault encrypted and also have an admin user. After restart, we can see that the device automatically boots to Recovery Mode asking for a "Recovery Key" to continue. Even when we have given the personal recovery key, or tried to unlock the disk using the admin user's credentials in Startup Disk, things are not working. FYI, the machine asked for the Bootstrap Token after the ScheduleOSUpdate command, and the MDM gave it in response. Can we please know where the issue is and why this behaviour is occurring?
Post not yet marked as solved
2 Replies
471 Views
Hello Apple Community, Issue encountered during the installation of an app via DDM (Declarative Device Management) on iOS 17.3 devices. When applying an app configuration and managed app list status event through declarative management, the configuration is successfully applied, but the configured app is not being installed on the device. Upon closer inspection, we have identified that the error "ManagedAppDistribution.ManagedAppDistributionError" is being logged during this process.
My Configuration:
    {
      "Type": "com.apple.configuration.app.managed",
      "Identifier": "com.mdm.1740e623-4361-498d-af02-b433500d58bd.ManagedAppDDM",
      "ServerToken": "1706282674113",
      "Payload": {
        "AppStoreID": "361309726",
        "InstallBehavior": {
          "License": { "VPPType": "Device" },
          "Install": "Required"
        }
      }
    }
    {
      "Type": "com.apple.configuration.management.status-subscriptions",
      "Identifier": "com.mdm.9c70c80f-406a-425a-8829-1025652f05c6.ManagedAppListStatus",
      "ServerToken": "1706282673976",
      "Payload": {
        "StatusItems": [
          { "Name": "app.managed.list" },
          { "Name": "mdm.app" },
          { ... }
        ]
      }
    }
DDM Response:
    {
      "StatusItems": {
        "management": {
          "declarations": {
            "activations": [
              { "active": true, "identifier": "DEFAULT_ACT_0", "valid": "valid", "server-token": "1706282674113" }
            ],
            "configurations": [
              { "active": true, "identifier": "DEFAULT_STATUS_CONFIG_0", "valid": "valid", "server-token": "3" },
              { "active": true, "identifier": "com.mdm.1740e623-4361-498d-af02-b433500d58bd.ManagedAppDDM", "valid": "valid", "server-token": "1706282674113" },
              { "active": true, "identifier": "com.mdm.9c70c80f-406a-425a-8829-1025652f05c6.ManagedAppListStatus", "valid": "valid", "server-token": "1706282673976" }
            ],
            "assets": [],
            "management": []
          }
        }
      },
      "Errors": [
        {
          "Reasons": [
            {
              "Code": "ManagedAppDistribution.ManagedAppDistributionError.0",
              "Description": "The operation couldn’t be completed. (ManagedAppDistribution.ManagedAppDistributionError error 0.)"
            }
          ],
          "StatusItem": "app.managed.list"
        }
      ]
    }
Note: The ManagedAppDistribution framework extension appears to not be implemented in this context. Kindly help us with this issue. Thanks in advance.
Posted by Sithick.
Post not yet marked as solved
1 Replies
303 Views
Please tell me about the NotNow status returned by the MDM command for Apple devices.
◾️I would like to check
I am aware that there are some MDM commands that return a status NotNow when the device is locked and the command cannot be executed. I am aware of InstallProfileCommand and SecurityInfoCommand.
https://developer.apple.com/documentation/devicemanagement/installprofilecommand
https://developer.apple.com/documentation/devicemanagement/securityinfocommand
Please answer the following two questions.
◾️Question
I would appreciate an answer with the official name of the command and the URL of the command's reference, if possible.
Question 1
Please tell us if there are commands other than InstallProfileCommand and SecurityInfoCommand that return status NotNow because the command cannot be executed if the terminal is locked.
Question 2
Please tell us if any of the following commands return the status NotNow because the command cannot be executed if the terminal is locked.
DeviceConfiguredCommand
AvailableOSUpdatesCommand
ScheduleOSUpdateCommand
OSUpdateStatusCommand
Post not yet marked as solved
0 Replies
317 Views
I need help pairing an Apple Watch to a Supervised iPhone with MDM. I need to know which Apple bundle ID is the one responsible for the connection. By now the watch does pair with the iPhone but some of the apps don't appear on the Apple Watch though I've already allowed those bundles in my MDM. Thank you!
Posted by isach.
Post marked as solved
1 Replies
436 Views
Hi all, I'm trying to uninstall FortiClient on a MacBook with an M1/M2 processor using a script from this article: https://community.fortinet.com/t5/FortiClient/Technical-Tip-Uninstall-FortiClient-using-a-script-on-... I only added two lines to change flags. Here is my script:
    #!/bin/sh
    # Uninstall FortiClient.sh
    # Stop the running FortiClient processes and unload its launch daemons
    pkill FortiClient
    pkill FortiClientAgent
    pkill FctMiscAg
    launchctl unload /Library/LaunchDaemons/com.fortinet*
    # Clear the system immutable flag before deleting the app bundles
    chflags -hv noschg /Applications/FortiClient.app
    chflags -hv noschg /Applications/FortiClientUninstaller.app
    rm -Rfv /Applications/FortiClient.app
    rm -Rfv /Applications/FortiClientUninstaller.app
    rm -Rfv /Library/Application\ Support/Fortinet
    rm -Rfv /Library/Internet\ Plug-Ins/FortiClient_SSLVPN_Plugin.bundle
    rm -Rfv '/Library/LaunchDaemons/com.fortinet.forticlient.vpn.plist'
    rm -Rfv '/Library/LaunchDaemons/com.fortinet.forticlient.wf.plist'
    rm -Rfv '/Library/LaunchDaemons/com.fortinet.forticlient.fmon.plist'
    rm -Rfv '/Library/LaunchDaemons/com.fortinet.forticlient.epctrl.plist'
    rm -Rfv '/Library/LaunchDaemons/com.fortinet.forticlient.appfw.plist'
    rm -Rfv '/Library/LaunchDaemons/com.fortinet.forticlient.fssoagent_launchdaemon.plist'
    # Remove per-user FortiClient data for local accounts (UID above 500)
    localAccounts=$(dscl . list /Users UniqueID | awk '$2 > 500 { print $1 }')
    for user in $localAccounts ; do
        rm -Rfv /Users/"$user"/Library/Application\ Support/Fortinet/
    done
But I got an error that deleting FortiClient.app and FortiClient.app\Content is not permitted, because the application is locked. At this time, FortiClientUninstaller.app has been deleted successfully:
    chflags: /Applications/FortiClient.app: Operation not permitted
    /Applications/FortiClientUninstaller.app
and
    rm -Rfv /Applications/FortiClient.app
    rm: /Applications/FortiClient.app/Contents: Operation not permitted
    rm: /Applications/FortiClient.app: Operation not permitted
Could someone help me with this issue, please? I need to uninstall FortiClient using a script via MDM on multiple devices.
Post not yet marked as solved
1 Replies
302 Views
Hello, Dear Engineers, I have distributed a management profile from Apple Configurator to my terminal with reference to the following document: https://developer.apple.com/documentation/devicemanagement/cellularprivatenetwork
Situation: We tested the device in an environment where both Wi-Fi and cellular connections were available, and Wi-Fi seemed to have priority in the operation. This is because CellularDataPreferred, which is set in the distributed management profile, is enabled, I would like cellular to be given priority. I am using iPhone 15 (iOS 17.1.2).
Question:
・Is there anything else missing besides the Profile Example to make CellularPrivateNetwork's Device Management Profile work properly?
・Has anyone confirmed that CellularPrivateNetwork's Device Management Profile works correctly?
Best regards
Posted by RYO_Oo.
Post not yet marked as solved
1 Replies
259 Views
Hi! https://developer.apple.com/documentation/devicemanagement/applayervpn I have a question about AssociatedDomains in the AppLayerVPN reference above. From the description, I believe that this property triggers the VPN when the app is launched with a universal link and connects to the domain specified in AssociatedDomains. Is that correct in your understanding? I specified "twitter.com" as a test, and the VPN was not triggered when the universal link was executed from Safari, etc. How can I make a VPN connection with the domain connection specified in the AssociatedDomains property? If you could please let us know with some real life examples. I will pass on your thanks in advance. Thanks.
Posted by fumikazu.
Post not yet marked as solved
6 Replies
1.7k Views
When attempting to renew a certificate after December 18, 2023, an error may be displayed, preventing the renewal of the certificate. It seems that repeating the process multiple times can occasionally lead to success, indicating that there is no issue with the CSR file. This occurrence has been observed in multiple MDM services, including Intune, Workspace ONE, and various other MDM vendors, suggesting a malfunction with Apple's servers. We hope that this issue will be promptly resolved and fixed. Although unrelated to the previous issue, when pressing "Manage Certificates," it redirects back to the login screen instead of returning to the certificate list page. Please fix this so that it returns to the certificate list page.
Post not yet marked as solved
1 Replies
368 Views
https://developer.apple.com/documentation/managedappdistribution As stated in the above documentation, to use this framework, the app should have the following entitlement enabled: "The Managed App Installation UI entitlement is required to use this framework." But in the developer portal it is not found. Are there any other requirements Apple will expect in order to use this entitlement? Any help will be appreciated.