Explore the intersection of business and app development. Discuss topics like device management, education, and resources for aspiring app developers.

All subtopics

Post

Replies

Boosts

Views

Activity

Please MR cook , Save the Apple Vision PRO
Dear Mr. Cook, I am writing to you today to urge you to take action to save the Apple Vision PRO and turn it into a revolutionary flight simulator. I believe that the Vision PRO has the potential to completely transform the world of flight simulation, but it needs your support to reach its full potential. Unleashing the Vision PRO's Potential: A Game-Changer in Flight Simulation The Vision PRO is a unique and powerful device that holds immense promise for delivering an unparalleled level of immersion and realism in flight simulation. However, current sales figures indicate that it is not yet reaching its full potential. I believe this can be attributed to several factors, including: Limited Marketing and Promotion: The Vision PRO has not been effectively marketed to its target audience, comprising pilots, flight schools, aviation enthusiasts, and gamers. Lack of Dedicated Flight Simulation Software: Currently, there is a scarcity of high-quality flight simulation software specifically designed for the Vision PRO. Absence of Strategic Partnerships: Apple has not formed partnerships with major aviation or flight simulation companies to promote and develop the Vision PRO. Transforming the Vision PRO into a Flight Simulation Powerhouse I am confident that by addressing these issues, Apple can transform the Vision PRO into a resounding success. Here are some specific recommendations: Invest in a Comprehensive Marketing Campaign: Apple should target its marketing efforts towards pilots, flight schools, aviation enthusiasts, highlighting the Vision PRO's unique capabilities. Partner with Leading Flight Simulation Software Developers: Apple should collaborate with developers to create top-notch flight simulation software tailored specifically for the Vision PRO, maximizing its potential. Forge Strategic Partnerships with Industry Leaders: Apple should partner with major aviation and flight simulation companies to promote and develop the Vision PRO, leveraging their expertise and reach. A Call to Action: Unleashing the Vision PRO's Revolutionary Potential I am convinced that by implementing these steps, the Vision PRO can become the premier flight simulator on the market, revolutionizing the way people train to become pilots, hone their skills, and simply enjoy the thrill of flight. I urge you to give this matter your serious consideration. The Vision PRO is a truly exceptional product that has the potential to make a real difference in the world. With your support, it can reach its full potential and become a groundbreaking product. Thank you for your time and consideration. Sincerely, Pascal
2
0
593
Jul ’24
MDM ReturnToService not working as expected on iOS 18 Beta 3
just upgraded my local iPhone 15 to iOS 18 Beta 3, and I enrolled the device to MDM server. Then ran EraseDevice command with ReturnToService as enabled. https://developer.apple.com/documentation/devicemanagement/erasedevicecommand/command/returntoservice MDM command request body: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Command</key> <dict> <key>DisallowProximitySetup</key> <false/> <key>PreserveDataPlan</key> <true/> <key>RequestType</key> <string>EraseDevice</string> <key>ReturnToService</key> <dict> <key>Enabled</key> <true/> <key>WiFiProfileData</key> <data>WiFi Profile Base64</data> <key>MDMProfileData</key> <data>MDM Profile Base64</data> </dict> </dict> <key>CommandUUID</key> <string>0001_EraseDevice</string> </dict> </plist> MDM executed the command successfully. The device erased itself, and opened Hello Screen after few secs, but device did not went to the Home Screen, however same works fine on iOS 17.
0
0
434
Jul ’24
WPA2-Enterprise Wi-Fi on Login Page
We need to do some operations in a login screen, but when the user uses a WPA2-Enterprise network, the authentication to this network is only possible after the login process has already been completed. Is there a way to change the network on login screen or a way to authenticate on the WPA2-Enterprise network before a completed login? STEPS TO REPRODUCE 1 - Use a WPA2-Enterprise 2 - Set WPA2-Enterprise as Auto-Join/Principal 3 - Reboot the Machine 4 - On the logon screen it's impossible to authenticate on the enterprise network even then type the username and password.
0
0
504
Jul ’24
IKEv2 vpn profile with self-signed certificate
I am having two issues with an IKEv2 VPN profile and certificates, and I am using Apple Configurator to create the profile. We have a self-signed CA that consists of an intermediate/root chain. The first issue is that when I load the intermediate and/or root into the Certificates section, then, in the VPN section, select Certificate for Machine Authentication, the VPN doesn't connect, and from Console, we get the error "Trust evaluate failure: [leaf MissingIntermediate]." If I load the server cert, the profile connects. I am lost as to why this works, I would assume we would need only the intermediate and/or root. Second issue I am running into, is that when I put the Intermediate CA name into "Server Certificate Issuer Common Name" the VPN does not connect at all. With the server cert or not. If I can provide any more information at all, please let me know. With this being a public forum, I didn't want to include much from my organization but can send it privately. Thank you in advance for any assistance. Screenshot of the console error is attached
0
0
494
Jul ’24
Clarification on ‘org_email’ Response in ABM Account API
When making a GET request to the ABM Account API at https://mdmenrollment.apple.com/account, we receive a response that includes an org_email field. However, we’ve noticed that the value of org_email varies. Sometimes it corresponds to an account with the role of Administrator, while other times it comes from account with roles Device Enrolment Manager, Content Manager and People Manager. We seek clarification on the following points: Which roles determine the org_email sent in the response? Is the org_email coming in API response always same or does it change when we hit the APIs in multiple times. org_email in this response: https://developer.apple.com/documentation/devicemanagement/accountdetail
0
1
471
Jul ’24
Password prompt for CardDAV policy on re-installing the same profile
Enrol Supervised iOS device. Push an CardDAV policy for the above device, the contacts gets synced in the native Contacts app as expected. (https://developer.apple.com/documentation/devicemanagement/carddav) When the above same profile is re-installed in the above device, the synced contacts are lost and password prompt is shown to enter the password - even though the installed profile contains password for the CardDAV policy. Password prompt from the device Re-Installed configuration <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>35ee541b-fec0-46b0-bd48-bcc0702ab60b</string> <key>PayloadType</key> <string>Configuration</string> <key>PayloadOrganization</key> <string>MDM</string> <key>PayloadIdentifier</key> <string>com.mdm.ec89620f-2905-4c14-b09d-7e9f17944468.CardDAV</string> <key>PayloadDisplayName</key> <string>CardDAV</string> <key>PayloadRemovalDisallowed</key> <true/> <key>PayloadContent</key> <array> <dict> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>07c423b5-8ae2-4e6e-9336-aa9ca850d6c9</string> <key>PayloadType</key> <string>com.apple.carddav.account</string> <key>PayloadOrganization</key> <string>MDM</string> <key>PayloadIdentifier</key> <string>07cV423b5-8ae2-4e6e-9336-aa9ca850d6c9</string> <key>PayloadDisplayName</key> <string>CardDAV Policy</string> <key>CardDAVAccountDescription</key> <string>****</string> <key>CardDAVHostName</key> <string>www.googleapis.com</string> <key>CardDAVPassword</key> <string>****</string> <key>CardDAVPort</key> <integer>443</integer> <key>CardDAVPrincipalURL</key> <string></string> <key>CardDAVUseSSL</key> <true/> <key>CardDAVUsername</key> <string>****</string> </dict> </array> </dict> </plist> Feedback ID : FB14250521
0
0
492
Jul ’24
Screentime restriction interfering with MDM passcode policy
Enrol Supervised iOS device Turn ON screen time restriction by opening Settings app -> Content & Privacy restrictions -> Passcode & Face ID -> Don’t Allow. Now install a Passcode policy profile via MDM with the key “forcePIN” set to “true”, such that the device is needed to change the passcode in device. By following above steps, the profile fails. The failure response from the device states that passcode restriction is applied in the device, “The profile ‘Profilename’ may require a passcode change but the passcode cannot be modified.” This is an incorrect behaviour as MDM should have more control over the screen-time restriction as well. Error response from the device <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallProfile</string> <key>ErrorChain</key> <array> <dict> <key>ErrorCode</key> <integer>4001</integer> <key>ErrorDomain</key> <string>MCInstallationErrorDomain</string> <key>LocalizedDescription</key> <string>Profile Installation Failed</string> <key>USEnglishDescription</key> <string>Profile Installation Failed</string> </dict> <dict> <key>ErrorCode</key> <integer>4026</integer> <key>ErrorDomain</key> <string>MCInstallationErrorDomain</string> <key>LocalizedDescription</key> <string>The profile **** may require a passcode change but the passcode cannot be modified.</string> <key>USEnglishDescription</key> <string>The profile **** may require a passcode change but the passcode cannot be modified.</string> </dict> </array> <key>Status</key> <string>Error</string> <key>UDID</key> <string>****</string> </dict> </plist> Feedback ID : FB14249704
0
0
517
Jul ’24
OTA installation
I'm having an issue on ad-hoc OTA installation. I get my app archive via distribution (being automatically signed) with manifest.plist for OTA and upload it to dropbox account. However itms-service's action=download-manifest does not work for me with the dropbox URLs. I get the download link and add it to the manifest.plist. And then goes the link to download the manifest itself: itms-services://?action=download-manifest&url=https://www.dropbox.com/scl/fi/rzzlmbgx0duvd5gjb84uf/ManifestName.plist?rlkey=9j96n42qq8t1vwhcf3e7gxj8c&st=2hbhkidc&dl=1 I put the link on another web-site but it's not working. Nothing happens by pushing an install button with redirection link inside. And if I just copy the link and paste it in new page URL Safari asks me if I want to open it via iTunes and then still goes nothing. I'm not sure this is an issue either on apple and my app or dropbox with their links generation. Like a year ago it worked with the old link-generation. There was not rlkey parameter and the link ended with .../manifest.plist. Please suggest me if I miss something and maybe should re-check some options on my app or distribution or something. Or I should ask for dropbox's support help
0
0
409
Jul ’24
One of four In House enterprise apps won't install after downloading
I appreciate any suggestions on a problem we're having. Here's what's happening: We use Visual Studio to create Xamarin and MAUI apps. We have several apps that all have In-House provisioning profiles attached to the same certificate. Developers upload ipa files to our internal website, so our QA team can install and test them. We have done this in this way for several years. As of a month or so ago, one of these apps will not install after download. Under the app icon on the device there is a download icon before the app name, and tapping the icon receives in the error message, "This app cannot be installed because its integrity could not be verified." Something else that stated around the same time is that while the name of our enterprise certificate "iPhone Distribution OurCompanyName" shows in the Signing Identity dropdown. When we select it and open the list again, the list now also has "Unknown (iPhone Distribution OurCompanyName)" as a selection. Timing can't be a coincidence. It must be connected to the problem. I have made new certificates and provisioning profiles (Ad-Hoc and In-House) several times, but nothing I have tried over the past three days has worked. And, as I mentioned, we have many other apps that work just fine.
1
1
439
Jun ’24
Need info on Password change reminder on macOS
We are configuring a passcode policy through MDM where the password expiration is set to 2 months for local accounts (not domain joined). Occasionally, we receive prompts to change the password a few days before it expires. Please refer to the image below. We would like to clarify the following: What is the default timing for these reminders? Specifically, how many days before the password expiration do these prompts typically start appearing? Can we adjust the number of days before these reminders appear? If yes, can this adjustment be made through MDM settings or via a script?
0
4
478
Jul ’24
How to create a user account without a password?
Long time ago, probably more than 10-15 years ago, I could create a user account without a password. I have since migrated my whole setup through many generations of hardware and updates to MacOS and still have an account that doesn't have a password (you just click on it and it logs in directly alternatively you enter the name and press enter, no password needed). However, since many years the UI used to create a new user doesn't allow you to leave the password field empty. How can I, using a current version of MacOS, create another account like my old password-less account? From the command line or the UI. Alternatively, can I remove the password from an existing account? I have looked into this before and found instructions, which I think I followed, unsuccessfully, to use the Netinfo Manager (this is oooold!), dscl etc, so far to no avail
0
0
454
Jul ’24
PAC url configuration through JAMF breaks Captive Portal Login
We are using JAMF profile to configure automatic proxy configuration URL on macOS. The configuration looks as following: #scutil --proxy &lt;dictionary&gt; { BypassAllowed : 0 ExceptionsList : &lt;array&gt; { 0 : https://exception.com } FTPPassive : 0 FallBackAllowed : 0 HTTPEnable : 0 HTTPSEnable : 0 ProxyAutoConfigEnable : 1 ProxyAutoConfigURLString : https://pac.com/FailbackWithExclusionsENDUSERS.pac SOCKSEnable : 0 } This configuration works fine with normal network. When user tries to connect to a Captive Portal Network, the captive portal login page does not appear but an error page appears as shown below We need help to identify what is wrong with this configuration causing this error.
0
0
389
Jul ’24
Package installation on macOS is failing due to a com.apple.appstored.xpc exception - MDM
When a package is published via MDM using the Install Enterprise app command provided by Apple On one of the devices, this command is failing with com.apple.appstored.xpc exception but works fine on other macOS devices having the same restrictions and OS version. We tried restarting the device and also the appstored process via Activity Monitor but it was in vain. I am attaching system logs that contain the exception and stack trace when the command failed. ExceptionLogs
1
6
608
Jul ’24
Intune SCEP User Certificates deploy only to System Keychain
I am working with Microsoft Engineers regarding an Intune SCEP User certificate always defaulting and deploying to System keychain. I have MobileIron in my environment and it is able to deploy SCEP User certificates to the User keychain without issues. Is there any insight that Apple or anyone else can provide on how to overcome this limitation with Intune SCEP and iOS/iPadOS? Microsoft has made it clear to me this is by design with Apple on Intune and deferred the SME insight to Apple. The only documentation I have found from Microsoft related to this is below and see the Note it only mentions macOS but it also applies to iOS/iPadOS. https://learn.microsoft.com/en-us/mem/intune/protect/certificates-profile-scep Note Storage of certificates provisioned by SCEP: o macOS - Certificates you provision with SCEP are always placed in the system keychain (System store) of the device.
0
0
365
Jul ’24
App installation failed with error code - 12026
Im experiencing an error code 12026 when trying to install an app with iTunes Store ID 1163307568 and has tried various solutions but is still unable to install the app. Tried revoking the licenses and pushing the apps again but the error prompt persists. We have also tried syncing VPP, checking the app license, and purchasing a mild surplus, but still getting the error.
1
0
561
Jul ’24
App Custom URL to be blocked to Managed Apps only
My application supports Custom URL Schema which is used to perform an open operation. My application is used as a helper app for MDM, hence it will be installed as a Managed Application. I want only the other Managed Applications to be able to invoke the Custom URL Schema and not allow it for unmanaged applications. Is there any such provision provided by Apple MDM protocol?
1
0
449
Jun ’24