Can any one help me to give me some answers on the below mention
Queries:
(i) Do we need to enroll for Enterprise Developer Program to
implement MDM for iOS4.0. We also have some client agent . But I found
some applications like "MobileIron" in AppStore which provides the MDM
service.
(ii) I have used the iPhone Configuration utility and tried to
install the MDM payloads, it gives out error in installation. So i
tried hosting the file in the secure web server and hit the link in
the safari browser, but it gives out a error like "Safari Could not
install the profile due to unknown error".
(iii) I have checked and couldn't find any information on pushing the
Configuration profile from server to device through Push Notification.
But in your blog under iPhone MDM topic , it has been mentioned that
through push notification service, remote commands and querying the
device is possible. So can you give any format that we have to follow
in order to push the configuration profiles to the device so that the
MDM service running in the background does the rest without user
intervention.
I am looking forward to hear from any one and I will be highly obliged if
anyone can guide me with answers for the above.
Thanks.
I can hopefully answer your questions.
i) Can you use the MDM features without an APNS Certificate (Joining the Apple Developer Program)?
Ron>> No, unfortunately to use the MDM features of any MDM Vendor you need an APNS certificate. However you only need the Enterprise one if you want to push down your own applications (applications signed with your certificate). If you just want to manage policies on the device you can use the standard APNS certificate ($99 vs $299).
ii) Once you have your APNS certifiacte you can use products like MobiControl (www.soti.net) to deploy policies that would be in the iPhone Configuration Utility.
iii) Again with products like MobiControl this can be done silently. MobiControl just released their software and the big advantage is that it's relatively low cost (about $660USD for 10 devices for life) and there is no re-occuring costs unlike Mobile Iron etc...
Best of Luck!
Related
I am trying to automate the installing procedure of iPhone apps (i.e) installing apps for around 5000 phones. For this I am planning to deploy an MDM server in Windows Server 2008 containing Active Directory. Once the successful registration of handsets is established the complete control of iPhone can be taken by the admin. I have following doubts:
1) My main objective is to push the apps that are available in the app store, hence Apple Push Notification Certificate will be sufficient to set up my MDM server and install apps?
2) Once the user registers his iOS device will I be able to install/uninstall applications into the device?
3) Can I implement payload mechanisms like AppLock Payload by just having Apple Push Notification Certificate?
To answer further to your questions in comment.
1) Is it is sufficient if i dig more and implement MDM server with the enrolment in Enterprise Developer Program?
Anyway you will need an Enterprise developer program to distribute apps. So go for it.
2) At once, I setup my own MDM solution,will I be able to achieve my goal (Installing Apps Without prompting user)?
Yes indeed. Its just a feature from set of valuable features offered by MDMs. Definitely you can.
3) Will Apple give me more documentation on MDM server and implementing methods when I enrol in Enterprise Developer Program?
No. Enterprise developer program is to distribute your in house apps. That doesn't mean that you can distribute silently without your consent. Thats where the MDM comes into picture. When devices are provisioned to a MDM server you can do MDM operations on enrolled devices. So you need to do a MDM vendor signing request. Thats if you developing such a solution. Otherwise go for MDM solutions already available.
Please see my comments inline.
1) My main objective is to push the apps that are available in the app store, hence Apple Push Notification Certificate will be sufficient to set up my MDM server and install apps?
No you still need MDM solution for that.
2) Once the user registers his iOS device will I be able to install/uninstall applications into the device?
Yes as long as the MDM vendor supports app installa and uninstalls.
3) Can I implement payload mechanisms like AppLock Payload by just having Apple Push Notification Certificate
I think you have to really read the MDM architecture. Its a separate implementation. Please read on that.
We have an application which will be used only by customers nationwide and for this reason we do not want to put the application on appstore. Shortly we want to publish it on one of our servers like a zip file then the customers will connect to that server and download the application. Yesterday when I called to apple support, one of the customer represantatives said to me that this is not possible even if we choose the enterprise license. But today I found a link which it says it can be possible. http://developer.apple.com/library/ios/#featuredarticles/FA_Wireless_Enterprise_App_Distribution/Introduction/Introduction.html
Now, I want to know that is there anybody had same problem in here? What are the differences between enterprise license and company license? And the most important is that how can we do what we want to do if it is possible?
It's not officially possible.
You could try Enterprise distribution as others have mention, though it's not designed for distribution outside your company. I'm not saying it will happen, but if Apple find you're doing it they might close your developer account. I've never heard of that happening; only you can decide whether it's an acceptible risk.
Apple would say that you should put the app in the App Store. Unless Apple would reject your app I don't see why this wouldn't work. You don't have to make it easy to find and you don't have to make it cheap.
You can limit it to your customers by requiring a log in. Many, many apps do this, from Salesforce to Skype to Twitter.
Your options are:
Use solutions like TestFlight (free AFAIK) and HockeyApp (paid
service / 1 month free trial) which use UDIDs for app distribution - they
allow seamless ad-hoc distributions.
Use Apple's corporate license ($99/yr) + enterprise license
($299/yr) at the same time and use the latter to distribute your
betas/products without managing UDIDs (i.e. anyone with a link to
your server can install the app, but you can introduce serial numbers etc.).
NOTE: using enterprise license obliges user to not share the app
outside the company, but most companies breach the license agreement
(sharing the apps outside company is not traceable AFAIK).
If you plan to distribute your app outside App Store, option 2 with enterprise license is a way to go, but mind the license agreement on other hand.
The Apple representitive was wrong.
With an enterprise account you can sign an application using an enterprise distribution certificate and provisioning profile, which lets the app run on any device with no restrictions.
You can also use Over-The-Air distribution which lets people install the app through a simple http link in Safari (for example).
We use this a lot at my workplace. We have hundreds of people around the world using our (private) apps, all installed via safari.
The standard Corporate license only lets you manage a maximum of 100 devices on your developer account, but if you take this route you can still use Over-The-Air distribution with an ad-hoc distribution certificate/profile. But you have to manage each device id yourself.
If the cost of the enterprise account is not too much for you, that is definitely the route to take.
It's like Apple said, not possible.
You can add device to the ad-hoc profile, this will allow your app to run on 100 device maximum.
You can use the Enterprise license but you will still need to register the device before the app can be installed and there is still a a maximum.
See the comment of Mike Weller.
Mustafa
you can generate your OTA(Over-The-Air) file in which you set your appropriate profile(with client`s UDID) and send that link to your client and easily provide your update.with using little bit help of your web-developer.check here.
hope this is helpful to you mate...
I'm talking with a client who is abroad and I'm wondering whether I will be able to send him versions of the iPad app for testing before it's on iTunes.
Is there a solution (e.g. Ad-Hoc?) I could rely that doesn't require jailbreak or anything?
If so, could you please provide me with a link to a guide?
Thank you !
Yes Ad-hoc is what you need, basically you will need to associate your client device identifier (UDID) to a certificate that you will use to sign application.
This is a standard procedure (no jailbreak required) that is fully documented on Apple provisioning portal in User Program Guide (you have to apply ($99) for the developer program and be logged to access this... and it is limited to 100 devices)
Another good thing is to use an "Ad-Hoc" updater such as HockeyKit to ease your client updates and installation procedure...
Yes, indeed, there is an ad-hoc distribution method:
here is its mention on the Apple Developer website. As far as details, I think you have to be in the developer program in order to get direct documentation for that, and sadly I allowed my developer account to lapse. A few key points can be found here
Essentially, you can distribute to up to 100 other iOS users who have your group's apple developer credentials installed on their phone, and the app will remain live for 90 days
Essentially, it's the same headache on the remote side with certs, keys, etc... that you have to do with XCode when developing on the device, but you can put the app on a website somewhere where the remote party can install it on their phone.
EDIT: I found this guide that is presented on a forum if you want to look through the steps.
i have enterprise developer account.
Now i m having 2 queries
1. I m getting code sign error while i use this profile and requested certificate.
2. How to distribute app with this account - enterprise account
Reply asap
Thanks
There are two ways to distribute your app. One is to deliver the files (users will need both the app and a provision profile) to your users' computers by whatever means you like (e-mail, web server, thumb drive, etc.) and have your users install the app by dragging those files into their iTunes library. The other way is to host your app on a web server and distribute it directly to users' devices. Apple's instructions for both methods are here.
It's hard to say what's causing your code signing error. What's helped me in the past is to read the error carefully for clues, and sometimes Google the exact error message. Make sure you've got your Entitlements file set correctly -- requirements for this seem to have changed at some point.
An alternative way of deploying apps wirelessly which requires almost zero setup on your end (in case you don't want to spend the time needed for that) is to use something like TestFlight.
does Apple offer developers to test their application on real devices without publishing if they haven't certificates?
It is necessary for me in education purposes.
Sorry to this but you CANNOT install an application on your device without Apple's Certificate.There is only one exception where the certicate can be availed for free and that is for higher educational institutions.
For more details follow this link