I am attempting to apply the softwareupdate.enforcement.specific declaration on a device. The first time it is processed it is applied successfully.
I then generate a new set of declarations for the device and send a sync command to the device with the new server token. The management.status-subscriptions declaration and the activation.simple declaration are both applied successfully, even though the contain the same content and server token, but a different identifier than the original declarations. For some reason, the softwareupdate.enforcement.specific declaration fails to be applied and the reason is reported as
[kSUCoreErrorDDMInvalidDeclarationFailure] New declaration is a duplicate
The original softwareupdate.enforcement.specific identifier is not included in the new declaration-items response, only the new identifier. I would expect the device to remove the existing declaration and apply the new one, even if it is a duplicate of a declaration no longer specified for the device.
Has anyone else run across this issue?
Explore the intersection of business and app development. Discuss topics like device management, education, and resources for aspiring app developers.
Post
Replies
Boosts
Views
Activity
Process: Bluebook [801]
Path: /Applications/Bluebook.app/Contents/MacOS/Bluebook
Identifier: org.collegeboard.bluebook
Version: 1.13.1 (1077)
App Item ID: 1645016851
App External ID: 867444785
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: Bluebook [801]
User ID: 501
Date/Time: 2024-08-05 02:29:59.241 +0500
OS Version: macOS 11.7.10 (20G1427)
Report Version: 12
Anonymous UUID: C3EAD369-FD01-83EA-E8E5-9651AF86A6B6
Time Awake Since Boot: 1000 seconds
System Integrity Protection: enabled
Crashed Thread: 1 Dispatch queue: com.apple.root.utility-qos
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [801]
VM Regions Near 0:
-->
__TEXT 108d70000-108e5f000 [ 956K] r-x/r-x SM=COW /Applications/Bluebook.app/Contents/MacOS/Bluebook
Thread 0:: Dispatch queue: com.apple.root.user-interactive-qos
0 libsystem_kernel.dylib 0x00007fff206689ce __ulock_wait + 10
1 libdispatch.dylib 0x00007fff204f2fd7 _dlock_wait + 44
2 libdispatch.dylib 0x00007fff204f2e67 _dispatch_thread_event_wait_slow + 40
3 libdispatch.dylib 0x00007fff205040d4 _dispatch_apply_invoke_and_wait + 264
4 libdispatch.dylib 0x00007fff20503b97 dispatch_apply_f + 787
5 com.apple.CoreFoundation 0x00007fff20899e5c __104-[CFPrefsSearchListSource synchronouslySendDaemonMessage:andAgentMessage:andDirectMessage:replyHandler:]_block_invoke.81 + 97
6 com.apple.CoreFoundation 0x00007fff2074bfcf CFPREFERENCES_IS_WAITING_FOR_SYSTEM_AND_USER_CFPREFSDS + 74
7 com.apple.CoreFoundation 0x00007fff2074be6f -[CFPrefsSearchListSource synchronouslySendDaemonMessage:andAgentMessage:andDirectMessage:replyHandler:] + 181
8 com.apple.CoreFoundation 0x00007fff2074a915 -[CFPrefsSearchListSource alreadylocked_generationCountFromListOfSources:count:] + 220
9 com.apple.CoreFoundation 0x00007fff2074a64f -[CFPrefsSearchListSource alreadylocked_getDictionary:] + 391
10 com.apple.CoreFoundation 0x00007fff20787dfd -[CFPrefsSearchListSource addPreferencesObserver:] + 125
11 com.apple.CoreFoundation 0x00007fff2074298a __108-[_CFXPreferences(SearchListAdditions) withSearchListForIdentifier:container:cloudConfigurationURL:perform:]_block_invoke + 361
12 com.apple.CoreFoundation 0x00007fff2089a621 -[_CFXPreferences withSearchListForIdentifier:container:cloudConfigurationURL:perform:] + 372
13 com.apple.CoreFoundation 0x00007fff20787cf5 -[_CFXPreferences registerUserDefaultsInstance:configurationURL:] + 142
14 com.apple.CoreFoundation 0x00007fff20787c35 _CFPrefsRegisterUserDefaultsInstanceWithCloudConfigurationURL + 84
15 com.apple.Foundation 0x00007fff214db2f2 _NSKeyValueReplaceObservationInfoForObject + 125
16 com.apple.Foundation 0x00007fff214da481 -[NSObject(NSKeyValueObserverRegistration) _addObserver:forProperty:options:context:] + 471
17 com.apple.Foundation 0x00007fff214d981a -[NSObject(NSKeyValueObserverRegistration) addObserver:forKeyPath:options:context:] + 93
18 com.apple.WebKit 0x00007fff3c8f49bb -[WKWebInspectorPreferenceObserver init] + 147
19 com.apple.WebKit 0x00007fff3c8f491f +[WKWebInspectorPreferenceObserver sharedInstance] + 29
20 com.apple.WebKit 0x00007fff3c6c0e55 WebKit::WebProcessPool::WebProcessPool(API::ProcessPoolConfiguration&) + 2185
21 com.apple.WebKit 0x00007fff3c56ed8f -[WKProcessPool _initWithConfiguration:] + 91
22 com.apple.WebKit 0x00007fff3c56edcd -[WKProcessPool init] + 44
23 com.apple.WebKit 0x00007fff3c58621e -[WKWebViewConfiguration processPool] + 27
24 com.apple.WebKit 0x00007fff3c585dd9 -[WKWebViewConfiguration copyWithZone:] + 145
25 com.apple.WebKit 0x00007fff3c57b541 -[WKWebView initializeWithConfiguration:] + 86
26 com.apple.WebKit 0x00007fff3c57c936 -[WKWebView initWithFrame:configuration:] + 98
27 org.collegeboard.bluebook 0x0000000108d78be2 0x108d70000 + 35810
28 org.collegeboard.bluebook 0x0000000108d89a56 0x108d70000 + 105046
29 org.collegeboard.bluebook 0x0000000108d7250b 0x108d70000 + 9483
30 com.apple.SwiftUI 0x00007fff4282d3f5 FallbackDelegateBox.delegate.getter + 63
31 com.apple.SwiftUI 0x00007fff422b35e0 AppDelegate.init(appGraph:) + 196
32 com.apple.SwiftUI 0x00007fff427ee154 runApp(:) + 154
33 com.apple.SwiftUI 0x00007fff423d7d31 static App.main() + 61
34 org.collegeboard.bluebook 0x0000000108d74216 0x108d70000 + 16918
35 libdyld.dylib 0x00007fff206b7f3d start + 1
what is the solution?
Process: Bluebook [801]
Path: /Applications/Bluebook.app/Contents/MacOS/Bluebook
Identifier: org.collegeboard.bluebook
Version: 1.13.1 (1077)
App Item ID: 1645016851
App External ID: 867444785
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: Bluebook [801]
User ID: 501
Date/Time: 2024-08-05 02:29:59.241 +0500
OS Version: macOS 11.7.10 (20G1427)
Report Version: 12
Anonymous UUID: C3EAD369-FD01-83EA-E8E5-9651AF86A6B6
Time Awake Since Boot: 1000 seconds
System Integrity Protection: enabled
Crashed Thread: 1 Dispatch queue: com.apple.root.utility-qos
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [801]
VM Regions Near 0:
-->
__TEXT 108d70000-108e5f000 [ 956K] r-x/r-x SM=COW /Applications/Bluebook.app/Contents/MacOS/Bluebook
Thread 0:: Dispatch queue: com.apple.root.user-interactive-qos
0 libsystem_kernel.dylib 0x00007fff206689ce __ulock_wait + 10
1 libdispatch.dylib 0x00007fff204f2fd7 _dlock_wait + 44
2 libdispatch.dylib 0x00007fff204f2e67 _dispatch_thread_event_wait_slow + 40
3 libdispatch.dylib 0x00007fff205040d4 _dispatch_apply_invoke_and_wait + 264
4 libdispatch.dylib 0x00007fff20503b97 dispatch_apply_f + 787
5 com.apple.CoreFoundation 0x00007fff20899e5c __104-[CFPrefsSearchListSource synchronouslySendDaemonMessage:andAgentMessage:andDirectMessage:replyHandler:]_block_invoke.81 + 97
6 com.apple.CoreFoundation 0x00007fff2074bfcf CFPREFERENCES_IS_WAITING_FOR_SYSTEM_AND_USER_CFPREFSDS + 74
7 com.apple.CoreFoundation 0x00007fff2074be6f -[CFPrefsSearchListSource synchronouslySendDaemonMessage:andAgentMessage:andDirectMessage:replyHandler:] + 181
8 com.apple.CoreFoundation 0x00007fff2074a915 -[CFPrefsSearchListSource alreadylocked_generationCountFromListOfSources:count:] + 220
9 com.apple.CoreFoundation 0x00007fff2074a64f -[CFPrefsSearchListSource alreadylocked_getDictionary:] + 391
10 com.apple.CoreFoundation 0x00007fff20787dfd -[CFPrefsSearchListSource addPreferencesObserver:] + 125
11 com.apple.CoreFoundation 0x00007fff2074298a __108-[_CFXPreferences(SearchListAdditions) withSearchListForIdentifier:container:cloudConfigurationURL:perform:]_block_invoke + 361
12 com.apple.CoreFoundation 0x00007fff2089a621 -[_CFXPreferences withSearchListForIdentifier:container:cloudConfigurationURL:perform:] + 372
13 com.apple.CoreFoundation 0x00007fff20787cf5 -[_CFXPreferences registerUserDefaultsInstance:configurationURL:] + 142
14 com.apple.CoreFoundation 0x00007fff20787c35 _CFPrefsRegisterUserDefaultsInstanceWithCloudConfigurationURL + 84
15 com.apple.Foundation 0x00007fff214db2f2 _NSKeyValueReplaceObservationInfoForObject + 125
16 com.apple.Foundation 0x00007fff214da481 -[NSObject(NSKeyValueObserverRegistration) _addObserver:forProperty:options:context:] + 471
17 com.apple.Foundation 0x00007fff214d981a -[NSObject(NSKeyValueObserverRegistration) addObserver:forKeyPath:options:context:] + 93
18 com.apple.WebKit 0x00007fff3c8f49bb -[WKWebInspectorPreferenceObserver init] + 147
19 com.apple.WebKit 0x00007fff3c8f491f +[WKWebInspectorPreferenceObserver sharedInstance] + 29
20 com.apple.WebKit 0x00007fff3c6c0e55 WebKit::WebProcessPool::WebProcessPool(API::ProcessPoolConfiguration&) + 2185
21 com.apple.WebKit 0x00007fff3c56ed8f -[WKProcessPool _initWithConfiguration:] + 91
22 com.apple.WebKit 0x00007fff3c56edcd -[WKProcessPool init] + 44
23 com.apple.WebKit 0x00007fff3c58621e -[WKWebViewConfiguration processPool] + 27
24 com.apple.WebKit 0x00007fff3c585dd9 -[WKWebViewConfiguration copyWithZone:] + 145
25 com.apple.WebKit 0x00007fff3c57b541 -[WKWebView initializeWithConfiguration:] + 86
26 com.apple.WebKit 0x00007fff3c57c936 -[WKWebView initWithFrame:configuration:] + 98
27 org.collegeboard.bluebook 0x0000000108d78be2 0x108d70000 + 35810
28 org.collegeboard.bluebook 0x0000000108d89a56 0x108d70000 + 105046
29 org.collegeboard.bluebook 0x0000000108d7250b 0x108d70000 + 9483
30 com.apple.SwiftUI 0x00007fff4282d3f5 FallbackDelegateBox.delegate.getter + 63
31 com.apple.SwiftUI 0x00007fff422b35e0 AppDelegate.init(appGraph:) + 196
32 com.apple.SwiftUI 0x00007fff427ee154 runApp(:) + 154
33 com.apple.SwiftUI 0x00007fff423d7d31 static App.main() + 61
34 org.collegeboard.bluebook 0x0000000108d74216 0x108d70000 + 16918
35 libdyld.dylib 0x00007fff206b7f3d start + 1
Hello Everyone,
I want to get into the Apple Intelligence space where I work on LLM and other AI models that can run on the edge. I am en route to get a MAC for this work. but till then can do any development with another non-apple laptop. I want to contribute to the work and is there any way that I can do it till then? I have a NVIDIA compatible laptop for other dev purposes with Windows.
I would like to inquire if I can use screenshots from maps for specific areas in my application. I plan to add various markers to the screenshots, which can be clicked to identify different types of areas, such as restaurants and bars. Do I need a separate permission for this, and if so, where can I obtain it? Is it possible to implement this, and what copyright considerations do I need to take into account for my business idea?
Currently system extension need to be activate through an .app, and then need to manual allow in System Settings, Privacy and Security Pane with root user password
How to install driver extension/system extension without any manual user click and just to install and allow all the permission using script?
The Check-in API is now used for declarative device management in addition to MDM authentication and token updates.
We would like to set a different endpoint for DDM requests only than for MDM authentication
So is it possible to configure different Check-in API endpoint for MDM and DDM?
For example, we would like to split the endpoints as follows
Endpoints for MDM authentication and token update
yourmdmhost.example.com/checkin
Endpoint for DDM
yourmdmhost.example.com/ddm-chcekin
Check-in API Documentation
https://developer.apple.com/documentation/devicemanagement/check-in
Hi.
I'm trying to use the following command to set a wallpaper on an iPhone :
/usr/local/bin/cfgutil -K "/Users/ladmin/Downloads/privateKey.der" -C "/Users/ladmin/Downloads/publicCert.der" --ecid 0xE64120151001E set-wallpaper -s home "/Users/ladmin/Downloads/mickey-iPhone-12-Pro-12-wallpaper.png"
The answer is always :
--- Summary ---
Operation "set-wallpaper" failed on 1 devices.
cfgutil: error: An internal error occurred. Unknown service request error.
(Domain: ConfigurationUtilityKit.error Code: 100)
The same type of command works with an iPad.
Apple Configurator 2 can set the wallpaper on the iPhone.
Is there something different to do with cfgutil when setting a wallpaper on an iPhone ?
Thanks for your insights !
Franck
I use then interface https://developer.apple.com/documentation/devicemanagement/device_assignment/activation_lock_a_device/creating_and_using_bypass_codes#3734453
to remove Activation Lock。
request url:https://deviceservices-external.apple.com/deviceservicesworkers/escrowKeyUnlock?serial=***&productType=***&imei=***&meid=***
then body is escrowKey、orgName、guid
and use APNs certificate when establishing the SSL connection
but return me:<ns:escrowKeyDeviceServicesResponse version="1" xmlns:ns="http://www.apple.com/cds/mdmescrowKeyDeviceServices/xml"></ns:escrowKeyDeviceServicesResponse>
We have encountered an issue while developing our own Apple MDM solution. The issue occurs in the activation lock scenario.
We have implemented the activation and deactivation of the activation lock feature in accordance with the following documentation.
1:https://developer.apple.com/documentation/devicemanagement/activation_lock_a_device
2:https://developer.apple.com/documentation/devicemanagement/device_assignment/activation_lock_a_device/creating_and_using_bypass_codes#3734453
Activationlock
Request URI : https://mdmenrollment.apple.com/device/activationlock
Request Method : POST
Request Headers : [Accept:"text/plain, application/json, application/*+json, /", X-ADM-Auth-Session:"1723449441118O1O649496FAD285FDC77565EC075E770547O90695212BB76419F8E43B2F68BE7A6C6O67033512O11Op1OA0EA85747E70D2D6941C4F6662166CAF22C2193COC298C61ECC7B9E9C14EB2A20305F7E41", X-Server-Protocol-Version:"3", Content-Type:"application/json", Content-Length:"133"]
Request Body : {"device":"K2LP4HQXJ4","escrow_key":"QRV7D-JPPMQ-Z90N-1VN8-L1PN-45Q2","lost_message":"xxxxx"}
Response : {"serial_number":"K2LP4HQXJ4","response_status":"SUCCESS"}
escrowKeyUnlock
Request URI : https://deviceservices-external.apple.com/deviceservicesworkers/escrowKeyUnlock?serial=K2LP4HQXJ4&imei=357174298879232&meid=35717429887923&productType=iPhone14,2
Request Method : POST
Request Headers : [Accept:"text/plain, application/json, application/*+json, /", Content-Type:"application/x-www-form-urlencoded", Content-Length:"189"]
Request Body : orgName=xxxxx&guid=xxxxx&escrowKey=QRV7D-JPPMQ-Z90N-1VN8-L1PN-45Q2
Response : 404 <ns:escrowKeyDeviceServicesResponse version="1" xmlns:ns="http://www.apple.com/cds/mdmescrowKeyDeviceServices/xml"></ns:escrowKeyDeviceServicesResponse>
Who can help me check if there are any errors in the way I'm calling these two APIs, and how to correct them?
Hi all,
We've been given the opportunity to beta test an app at my school and we have been asked to download the Test Flight app to enable it to run. Unfortunately it's not possible to use Test Flight with a managed Apple ID. All our staff and pupils' iPads are signed in with a managed Apple ID.
It's a shame to pass up this opportunity, but I can't see any way around it... does anyone have any alternatives (apart from creating and using a non-managed Apple ID, which isn't feasible).
Thanks in advance,
Jacob
In the latest macOS 15 system, we've noted that end users have the capability to disable and prevent the launch of system extensions via system settings.
I'm curious to know whether Apple plans to offer MDM configurations to deter end users from performing such actions.
Is there any good framework that can be used in educational app as Learning Management System (LMS).
Should be full fledge for creating courseware for E Learning App.
Should be compatible with all Apple Platforms.
Any help or link will be greatly appreciated. As I didn't found anything that mentions designed for Xcode. All LMS belong to Web based apps.
In MDM Software Update settings(https://developer.apple.com/documentation/devicemanagement/softwareupdate), there is a key "restrict-software-update-require-admin-to-install" which apparently controls if the standard users are allowed to install apps and software updates.
But so far, even if this is set to true, a standard user is able to download apps from Appstore.
We noticed that when we publish a pkg to be installed via MDM, then that does not get installed if the above setting is set to true.
Please provide clarity on what this setting controls.
The customer's ABM account has been locked,i can't get token with DEP Server Token.Is there any ways to release device from ABM with some api or softwares.
I hope no remote management page during the activation process settings after i restore factory settings.
Thanks in advance.
Hello,
We are trying to use the Managed App Distribution framework with our mdm following the documentation here : https://developer.apple.com/documentation/managedappdistribution
But on the first load we don't get anything, the app keep getting stuck inside the following code without sending an error or getting the managed apps
for try await result in ManagedAppLibrary.currentDistributor.availableApps {
content = try result.get().map(Content.managedApp)
}
If we update the list of available managed apps in our mdm, the function execute and so we have all the apps displayed as expected, but if we close and re-open the app it'll again not display anything until we update the managed apps list.
How can we fetched our managed apps at anytime and not only when the list is updated ? Why this method seems to be waiting for an update instead of just fetching the available managed apps when we call it ?
Hello, I have received Enterprise.license from Apple and I am trying to implement main Camera access for Vision Pro by following https://developer.apple.com/videos/play/wwdc2024/10139/. Here is my camera function.
func takePicture() async {
let formats = CameraVideoFormat.supportedVideoFormats(for: .main, cameraPositions:[.left])
let cameraFrameProvider = CameraFrameProvider()
var arKitSession = ARKitSession()
var pixelBuffer: CVPixelBuffer?
await arKitSession.queryAuthorization(for: [.cameraAccess])
do {
try await arKitSession.run([cameraFrameProvider])
} catch {
return
}
guard let cameraFrameUpdates =
cameraFrameProvider.cameraFrameUpdates(for: formats[0]) else {
return
}
for await cameraFrame in cameraFrameUpdates {
guard let mainCameraSample = cameraFrame.sample(for: .left) else {
continue
}
pixelBuffer = mainCameraSample.pixelBuffer
let image = UIImage(ciImage: CIImage(cvPixelBuffer: pixelBuffer!))
print(image)
UIImageWriteToSavedPhotosAlbum(image, nil, nil, nil)
}
}
}
My problem is debug stops at this line.
guard let cameraFrameUpdates = cameraFrameProvider.cameraFrameUpdates(for: formats[0]) else { return
}
Why does it happen so and what else do I need to do?
Hi, I am using the Create Report functions under Payments and Financial Reports. Does anyone know what is the time zone that Apple use for that report?
Hello,
I am working on a MDM solution. I am facing issue to while Activation Unlock Iphone by MDM server. I am following this https://developer.apple.com/documentation/devicemanagement/device_assignment/activation_lock_a_device/creating_and_using_bypass_codes documentation as reference.
I am able to activation lock the device from mdm server but while unlocking the device I am getting below error
"?xml version="1.0" encoding="UTF-8"?>
ns:escrowKeyDeviceServicesResponse version="1" xmlns:ns="http://www.apple.com/cds/mdmescrowKeyDeviceServices/xml">
error code="1002" message="com.apple.cds.cyclops.mdm.MDMServiceException: No registered escrow key found"/>
/ns:escrowKeyDeviceServicesResponse>"
I am sending below request for Unlock
Url=https://deviceservices-external.apple.com/deviceservicesworkers/escrowKeyUnlock?Device_Serial=XXXXXXXX&productType=iPhone12,8&imei=XXXXXXX&imei2=XXXXXXXXXXXXXX&meid=XXXXXXXXXX
Body=escrowKey=VT2DK-YR647-HWAY-096C-ER7P-89J1&orgName=ORGNAME&guid=9C1AE0D42A38A23AFFE59
Below working request for Activation Lock
URL=https://mdmenrollment.apple.com/device/activationlock
Body =
{
"Device" :"Serial_Number",
"EscrowKey" :"B83C6E662299F3AF202656C4D7A434A319A34241A2892792132EECE56F6D898A",
"LostMessage":"Message"
}
Any idea what could cause this error.
Hi, Team:
I developed a network filter and used MDM to issue a description file. By configuring AllowedSystemExtensions, I can avoid the reminder of loading system extensions during installation. However, when savingToPreferencesWithCompletionHandler, I will still be reminded that my network data is monitored. How can I configure MDM to avoid this reminder?
And why can I still delete the filter from the network filter conditions even though I configured it in mobileconfig in the following way. NonRemovableFromUISystemExtensions
com.mysystemextensionid