I am trying to automate the installing procedure of iPhone apps (i.e) installing apps for around 5000 phones. For this I am planning to deploy an MDM server in Windows Server 2008 containing Active Directory. Once the successful registration of handsets is established the complete control of iPhone can be taken by the admin. I have following doubts:
1) My main objective is to push the apps that are available in the app store, hence Apple Push Notification Certificate will be sufficient to set up my MDM server and install apps?
2) Once the user registers his iOS device will I be able to install/uninstall applications into the device?
3) Can I implement payload mechanisms like AppLock Payload by just having Apple Push Notification Certificate?
To answer further to your questions in comment.
1) Is it is sufficient if i dig more and implement MDM server with the enrolment in Enterprise Developer Program?
Anyway you will need an Enterprise developer program to distribute apps. So go for it.
2) At once, I setup my own MDM solution,will I be able to achieve my goal (Installing Apps Without prompting user)?
Yes indeed. Its just a feature from set of valuable features offered by MDMs. Definitely you can.
3) Will Apple give me more documentation on MDM server and implementing methods when I enrol in Enterprise Developer Program?
No. Enterprise developer program is to distribute your in house apps. That doesn't mean that you can distribute silently without your consent. Thats where the MDM comes into picture. When devices are provisioned to a MDM server you can do MDM operations on enrolled devices. So you need to do a MDM vendor signing request. Thats if you developing such a solution. Otherwise go for MDM solutions already available.
Please see my comments inline.
1) My main objective is to push the apps that are available in the app store, hence Apple Push Notification Certificate will be sufficient to set up my MDM server and install apps?
No you still need MDM solution for that.
2) Once the user registers his iOS device will I be able to install/uninstall applications into the device?
Yes as long as the MDM vendor supports app installa and uninstalls.
3) Can I implement payload mechanisms like AppLock Payload by just having Apple Push Notification Certificate
I think you have to really read the MDM architecture. Its a separate implementation. Please read on that.
Related
How can we distribute iOS build, which is built by using Enterprise Account? Is there any possible to distribute via testflight account? Any help much appreciate.
Thanks!
There's a couple of different ways to do this. Once you've got a .ipa file for the app, you can:
Distribute via iTunes, if your employees can sync their iOS devices with their laptops (Apple Docs)
By using the iOS Configuration utility, though this means you have to physically have the device (Apple docs)
Over-the-air (iOS 4+), using an app store. You can do this through TestFlight, but the license restrictions on the Enterprise agreement don't go well with this kind of deployment. You'll need to either create and secure your own app store (like I've done for my employer) or use a third party service. Have a Google around for some good ones. There's plenty of documentation on how to do the deployment here
Some MDM suppliers like MobileIron have app stores available. Some will even allow you to push apps onto enterprise devices (iOS 5+) without any need for human intervention.
Other options are via email or putting it on the web for download (suggest you would want a website with a login to access it).
I'm talking with a client who is abroad and I'm wondering whether I will be able to send him versions of the iPad app for testing before it's on iTunes.
Is there a solution (e.g. Ad-Hoc?) I could rely that doesn't require jailbreak or anything?
If so, could you please provide me with a link to a guide?
Thank you !
Yes Ad-hoc is what you need, basically you will need to associate your client device identifier (UDID) to a certificate that you will use to sign application.
This is a standard procedure (no jailbreak required) that is fully documented on Apple provisioning portal in User Program Guide (you have to apply ($99) for the developer program and be logged to access this... and it is limited to 100 devices)
Another good thing is to use an "Ad-Hoc" updater such as HockeyKit to ease your client updates and installation procedure...
Yes, indeed, there is an ad-hoc distribution method:
here is its mention on the Apple Developer website. As far as details, I think you have to be in the developer program in order to get direct documentation for that, and sadly I allowed my developer account to lapse. A few key points can be found here
Essentially, you can distribute to up to 100 other iOS users who have your group's apple developer credentials installed on their phone, and the app will remain live for 90 days
Essentially, it's the same headache on the remote side with certs, keys, etc... that you have to do with XCode when developing on the device, but you can put the app on a website somewhere where the remote party can install it on their phone.
EDIT: I found this guide that is presented on a forum if you want to look through the steps.
Can any one help me to give me some answers on the below mention
Queries:
(i) Do we need to enroll for Enterprise Developer Program to
implement MDM for iOS4.0. We also have some client agent . But I found
some applications like "MobileIron" in AppStore which provides the MDM
service.
(ii) I have used the iPhone Configuration utility and tried to
install the MDM payloads, it gives out error in installation. So i
tried hosting the file in the secure web server and hit the link in
the safari browser, but it gives out a error like "Safari Could not
install the profile due to unknown error".
(iii) I have checked and couldn't find any information on pushing the
Configuration profile from server to device through Push Notification.
But in your blog under iPhone MDM topic , it has been mentioned that
through push notification service, remote commands and querying the
device is possible. So can you give any format that we have to follow
in order to push the configuration profiles to the device so that the
MDM service running in the background does the rest without user
intervention.
I am looking forward to hear from any one and I will be highly obliged if
anyone can guide me with answers for the above.
Thanks.
I can hopefully answer your questions.
i) Can you use the MDM features without an APNS Certificate (Joining the Apple Developer Program)?
Ron>> No, unfortunately to use the MDM features of any MDM Vendor you need an APNS certificate. However you only need the Enterprise one if you want to push down your own applications (applications signed with your certificate). If you just want to manage policies on the device you can use the standard APNS certificate ($99 vs $299).
ii) Once you have your APNS certifiacte you can use products like MobiControl (www.soti.net) to deploy policies that would be in the iPhone Configuration Utility.
iii) Again with products like MobiControl this can be done silently. MobiControl just released their software and the big advantage is that it's relatively low cost (about $660USD for 10 devices for life) and there is no re-occuring costs unlike Mobile Iron etc...
Best of Luck!
Lets say I have a client that wishes me to build a business app for the iphone. I would still need to enroll to the standard developer program so that the app can be installed on real devices and the only way for my client to install the app is through the app store? I cannot just distribute it to my client directly?
I'm just reading about how to start developing for iphone, so i'm a total noob. Any information is appreciated.
Thanks,
Yes you do need a developer license. No you can distribute it directly if you have each device setup on your account to do so. I am also pretty sure apple has a special license that makes it easier for handling enterprise applications you might want to send them an email to ask about it.
EDIT
Ok I found a link. It is more expensive the normal but this is definitely what you want for your company. It lets you do adhoc distribution across your company.
http://developer.apple.com/programs/ios/enterprise/
You need a developer certificate to put an app on any iOS device with a stock OS.
What kind of certificate and how many you need depends on the type and amount of distribution you require, and the size of your client's company.
You most likely will need to join the iOS developer program ($99/annum) yourself to install and test your apps as you develop them. In addition you can deploy Ad Hoc installations for up to 100 devices (including your own, your testers, your clients, plus, very importantly, including all repair replacements and upgrade devices).
Your client may not need any license if they only want a few copies and are willing to have you renew your Ad Hoc installs a few times per year.
If your client wishes to deploy an app in their own name outside their company or through the iTunes App store, then they need to apply to the iOS developer program themselves.
If your client is large enough to have a published Dunn & Bradstreet rating, and wishes to deploy only to their employees, then they can apply to the more expensive Enterprise iOS Developer program, and run their own internal app store.
i need to develop an iPhone application that is a Client of serverside application. This application is not for customer but for sell agents. I know that if i try to send to Apple to put on Apple Store they reject it because the application have no sense for Apple Store. The company is small so i can't use the Enterprise program. The only way i can use now is to use Ad Hoc mode but in this case if i made an update you need iTunes and i must find a way to avoid this.
Thanks for the help.
I'm not sure your application would be rejected by the Store.
For my employer, I developed a client side application that uses an appliance (server side) that my employer sells.
We provided a public appliance (with a public IP) to Apple in order to enable them to test our client application by entering the public IP of the server into the settings of the application.
They tested it, approved it, and our application is now "ready for sale" even if such application is useless for most of the appstore clients who don't own one of our appliance server.
The only option you have is ad hoc distribution, as you mentioned, which will allow you to provision up to 100 devices that can install the application.
As for updating, there is no automated way for you to do this. A new version of the app will nee to be emailed to each device owner and installed manually via iTunes and sync.
Maybe you should try this:
http://www.fancyfon.com/index.php/famoc.html
Ciao Grassino87,
there's a formal way created by Apple: your client must register as a enterprise company.
They will not able to sell application to AppStore, but they can deploy their application to their employees: it's called "In-House Distribution".
You can find more details here: http://developer.apple.com/programs/iphone/enterprise/
Using standard AdHoc method will limit potential sell agents to 99 device...
May be it's not the true way, but you can use testflight. There you could target your sales persons as testers and provide new update via weblink-shortener. For us it work seamlessly. Plus there's a nice API to find problems in your app.