We are doing application assignment to personal iOS devices that are enrolled in MDM via User Enrollment. However, we're experiencing some odd behavior when assigning licenses.
We are getting back errors from the devices when doing assignments:
code: 12064, domain: MDMErrorDomain, description: Could not retrieve licence for the app with iTunes Store ID 422689480.
code: 2605, domain: DeviceManagement.error, description: No licence was found for app "com.google.Gmail".
However, we are not seeing license exhaustion on the Apple Business Manager side for our location.
We are not clear what would cause the 12064 or 2605 errors.
We have tried re-sending the command to install the app, and we have tried un-enrolling devices and re-enrolling, as well as updating the VPP Token for the location.
We have gathered sysdiagnoses from affected devices, but it's not clear what causes this. What other causes are there for 12064 and 2605 errors? How can we work around these?
Explore the intersection of business and app development. Discuss topics like device management, education, and resources for aspiring app developers.
Post
Replies
Boosts
Views
Activity
Context: I’m not an app developer, but I’m doing some research in order to gain a high level understanding of an app that I want some developers to build for me.
Basically I need a navigation app built (integrated with Google Maps) that works pretty much like Google Maps. This app will connect to and stream live navigation data to a car HUD (heads-up-display) device using WiFi direct (to facilitate high bandwidth streaming). The purpose of the streaming from the mobile app to the HUD is so that the driver can see the live map without having to look at their phone.
This leads me to my QUESTION: this functionality (streaming from app to HUD) is similar to what AirPlay does & I’ve read that Apple rejects apps that replicate AirPlay’s screen mirroring function. I’ve also read that in order to work around this, my app should limit the information that is sent to & displayed by the HUD device (basically, shouldn’t mirror the whole screen). So, would Apple still reject my app if it only streamed the live map onto the HUD device & left out all the other information displayed on the app (ETA, turn signals, distances etc.) and thus refraining from streaming the entire screen?
I am trying to set up a workflow where Apple Vision Pro users in my organization can install a signed enterprise .ipa file from an internal web page.
The relevant link looks something like this:
<a role="button" href="itms-services://?action=download-manifest&url=https://my.example.com/path/manifest.plist">Click here to download</a>
After verifying that all the mime types were correct on the server and the certificate was valid, I finally attached my AVP headset to my Mac's console app and saw that the errors look like this:
[com.example.myapp] Skipping due to incompatible platform: com.apple.platform.xros
Could not load download manifest with underlying error: Error Domain=ASDErrorDomain Code=752 "Not compatible with this platform: com.apple.platform.xros" UserInfo={NSDebugDescription=Not compatible with this platform: com.apple.platform.xros}
This manifest.plist was made by the "Distribute App" workflow in Xcode 16.0.
Multipart question:
Is installing VisionOS apps via manifest+ipa over a web connection a supported way of installing apps?
If the issue is with com.apple.platform.xros, what should be the platform-identifier for VisonOS apps?
We use managed Apple accounts for all users in our environment. One of these accounts is associated with an App Store app. Currently the developer console has a banner that says:
"There's no credit/debit card on the Apple Online Store associated with your Apple ID to auto-renew your membership."
This account, as well as my own admin account, are unable to add a payment method to our Apple account. We're missing the "Payments & Shipping" button on the Manage Account page.
How can we renew our developer subscription to keep our app on the App Store? It's critical for us that the account that owns this app is managed. TIA
Hi,
I have a question regarding reading the configuration of a managed app deployed via an MDM system. The application has an Action Extension and can receive shared files via this extension.
The problem I am facing is that I can read the managed configuration in the host app by accessing the UserDefaults.standard.object(forKey: "com.apple.configuration.managed") dictionary. With this, I can configure the host app. However, I am unable to read this configuration key in the Action Extension part of the application.
My question is whether there is any possibility to read the managed configuration even in the extension. So far, I have been unable to figure out how to read it.
I found the sample code, but it was not very helpful since it is very basic and does not deal with extensions at all.
Any hints are appreciated.
Hello:
The App Store provides https://developer.apple.com/help/app-store-connect/configure-in-app-purchase-settings/enter-server-urls-for-app-store-server-notifications When the server interfaces with this interface, it is found that the specific user account cannot be found. How should I know which user initiated the subscription, or which user automatically subscribed during automatic renewal? Do you have a user account or ID?
I hope to receive your complete answer as soon as possible.
Best wishes.
https://support.apple.com/en-gb/guide/deployment/dep6fa9dd532/web dangles a carrot about being able to facilitate "A list of domains that the Shared iPad sign-in screen displays. The user can pick a domain from the list to complete their Managed Apple ID." - this sounds ideal!
In the absence of this seemingly being supported by Apple Configurator or iMazing Profile Editor at the time of writing, I have tried to create my own but I fall foul of knowing what PayloadIdentifier or PayloadType to use?
This is the draft/work in progress/doomed to failure config so far (which doesn't - as expected - work):
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>HasRemovalPasscode</key>
<false/>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadDescription</key>
<string>Configures Managed Domains</string>
<key>PayloadDisplayName</key>
<string>Domains</string>
<key>PayloadIdentifier</key>
<string>com.apple.domains.DE12211A-CFDD-4F8C-8D7B-72E569CE3B6C</string>
<key>PayloadType</key>
<string>com.apple.domains</string>
<key>PayloadUUID</key>
<string>DE12211A-CFDD-4F8C-8D7B-72E569CE3B6C</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>WebDomains</key>
<array>
<string>domain.com</string>
</array>
</dict>
</array>
<key>PayloadDescription</key>
<string>For Shared iPad login convenience</string>
<key>PayloadDisplayName</key>
<string>DefaultDomain</string>
<key>PayloadIdentifier</key>
<string>Tom.77CF3CA5-4A48-41DD-9179-EF6F4C5E786E</string>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>A5594F17-155B-4A1C-8696-3F502D118C37</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
The support article is probably ~2-year old information so I'd have thought that by now that this would be documented somewhere - am I just not looking hard enough?
中文:
大家好,我通过https://mdmenrollment.apple.com/session获取到了auth_session_token,并能正常使用device/activationlock、devices、profile/devices这些接口,但是不能正常使用devices/disown(https://mdmenrollment.apple.com/devices/disown)这个接口,接口返回401 UNAUTHORIZED,请问应该怎么处理?
English:
Hi, I have passed https://mdmenrollment.apple.com/session Obtained auth_dession_token and can use interfaces such as device/activationlock, devices, and profile/devices normally, but cannot use devices/disown normally( https://mdmenrollment.apple.com/devices/disown )How should I handle this interface, which returns 401 UNAUTORIZE?
I am looking into bypassing the following popup when setting up an iPhone 15 Pro:
Would the SkipKey SIMSetup allow to bypass having the following window popup upon initial setup? So far all settings are bypassed during the initial setup of the phone and the application of Wi-Fi. The only issue present in the setup I want to achieve is prohibiting this window regarding eSIM set up.
We are in the process of replacing the TripleDES algorithm with AES in our MDM solution. However, after switching the encryption algorithm, we encountered the following error on Apple devices during enrollment:
Error: "-26275 error decrypting response payload (mdmclient(SCEP))"
Do Apple devices support AES encryption during the enrollment process, or are there any known limitations that prevent its use?
Technical Details:
During enrollment, when the device attempts to install the Management Profile, it requests the MDM server to retrieve the device certificate from the SCEP URL.
We send the certificate by creating Enveloped CMS content, using TripleDES as the algorithm identifier. If we switch the algorithm to AES, we observe the error mentioned above.
We are also using TripleDES when preparing the CMS content for the enrollment profile, which works without issues.
A profile that contains setting of allowVPNCreation is false was installed duiring activation in my requirements.
The iOS version is 18.
AllowVPNCreation is first, setting the app's network is second, the app can't use network.
Setting the app's network is first, AllowVPNCreation is second, the app works well.
For example:
Scene 1
Step 1: Install a profile that contains a setting where allowVPNCreation is false during activation.
Step 2: Complete activation and enter the main screen.
Step 3: Tap App Store, the screen displays network unavailable, needs to be set in Setting.
Step 4: Open the network setting for App Store, but still closed.And the network settings for other apps are all closed;
Step 5: Remove the profile.
Step 6: After a minute, opening the network setting for App Store is work.
Result: AllowVPNCreation effects app's newtork after entering the system for the first time. It don't happen below iOS 18.
Scene 2
Step 1: The app's network setting is ok.
Step 2: Install a profile that contains a setting where allowVPNCreation is false.
Result: No effect。The same result below iOS 18.
Is this a bug or new features, how to handle?
Phone Pe's customer support:09798-179-306
Could you please provide guidance on what is required to set up an Apple MDM server from scratch? Specifically, I would like to understand the necessary steps, tools, certifications, and best practices involved in the process. Any resources or documentation you could recommend would also be appreciated.
I recently upgraded my Apple Developer account from a personal account to a business account. However, I would like to revert back to a personal account. The reason is that I plan to create a separate developer account for a company using a different company email, and I want to use my original account for publishing personal apps.
Is it possible to change the account type back to personal? If so, what steps do I need to follow? If not, are there any other options I should consider?
Thank you for your help!
**Hi Apple Developer Community,
Good Morning **
My Personal MacBook Air M1:
Mac OS: Sequoia, Version 15.0
Please note, this is my personal MacBook and I am the only one who is using it.
I can see System Configuration, Configuration Profiles and Kerberos on my personal MacBook Air M1
System Folder ---&amp;amp;amp;amp;amp;amp;amp;amp;gt; Library ----&amp;amp;amp;amp;amp;amp;amp;amp;gt; Configuration profile, System Configuration folders ?.
Attaching herewith the snapshot of the same.
Can some throw light on the same.
Do I need to remove the configuration profile, system configuration from my personal MacBook Air M1 which is seen in
System Folder ---&amp;amp;amp;amp;amp;amp;amp;amp;gt; Library ----&amp;amp;amp;amp;amp;amp;amp;amp;gt; Configuration profile, System Configuration folders ?
Also, I cannot edit the user in my name.
**Kindly assist me with the same.
Thanks and Regards,**
Omkar
Hi everyone,
I maintain an app that is developed and distributed with an Apple Developer Enterprise subscription and delivered via my institution’s private site, where users download the .ipa file after logging in. From what I see, we use automatic signing in Xcode where possible.
On the 1st of January 2024, the provisioning profile expired, and the developer before me had to rush to renew it because the app stopped working.
Now, I have some questions about how to prevent this from happening again:
When should I renew the provisioning profile?
Can I renew it before the expiration without blocking the current app version that users have already downloaded?
How do I renew it? If I need to download a certificate, does it need to be converted into a different format?
Do we need to build a new .ipa file that users will have to download before the expiration date?
here a screenshot clearance and guide:
On October 4, 2024, the enterprise app we are using showed a "(app name) is no longer available" pop-up on certain devices and the app was not available.
And if those users delete the app and reinstall it, "I can't install (app name) because I can't verify integrity, I can't install this app" pop up.
The profile of the app was renewed in February this year, and membership, certificate, and profile were all not expired.
Currently, the problem has been solved by re-deploying the app,
Please tell me the cause of the phenomenon and how to take preventive measures.
To refund money from Phone Pe for a wrong transaction, you should immediately contact Phone Pe's customer support:09738-149-306-and (available 24/7) report the issue.
Please help,
I am trying to enter my bank account details (PKO Bank In Poland) but always get the error: "The IBAN number is invalid."
I'm using account in PLN zl.
account number: 52########0000########1123 (26 symbols)
IBAN: PL52 ########0000########1123 (28 symbols)
I've tryed other accounts, and I'm sure all of them are correct (information was given from the bank page and validated by IBAN checker services), but error blocks me.
How to resolve this issue?
Thanks.
Hello All,
My team and I are developing a mobile application (offgrid) to help combat screen addiction. Our application will allow users through gamification, to challenge each other to stay off certain predetermined apps on their phone for a set amount of time and risk their own money. The money will act as a reinforcement to stay focused and off the application. Example: Jon challenges Jen to stay off Instagram for 1 hour for $5. If Jen accepts the challenge, she and Jon cannot go on Instagram. If Jen or Jon decides to click the Instagram app within the hour, the $5 automatically goes to the winner via Apple Pay or another service. If they complete the challenge and stay off Instagram then there is no exchange of money. I will also give the option for users to challenge each other and risk their money for a charity cause if someone loses.
My question is, will the exchange of money count as an in-app purchase, or will the winner receive the full amount? Also, if the money goes to charity, will that count as an in-app purchase?
Thanks!