This week was a very exciting time in the Apple Community following all the announcements at WWDC, including iOS 9, OS X 10.11 (El Capitan) and watchOS.
One of the interesting aspects are the new management features for iOS 9 and OS X 10.11 that will be released soon, some of which I have summarised below.
One of the interesting aspects are the new management features for iOS 9 and OS X 10.11 that will be released soon, some of which I have summarised below.
Device Enrolment Program
For devices enrolled into Apple’s Device Enrolment Program some interesting new features are being added.
- Enrolment Optimisation: This new option keeps the device in the setup assistant until all profiles have been installed by your MDM Server. The setup assistant can then be released. This is supported on iOS 9 and OS X 10.11. This is a great way to make sure the device is completely setup before the user can create an account and log in.
- Account Creation: For OS X 10.11 you will be able to prevent the creation of local accounts, so only allowing network accounts to be used.
- Set Passcode Policy: For OS X 10.11 you will be able to specify password policies for any new account that are created.
- Via MDM, Your MDM Server will be able to create a standard user account for your user to login with.
- Via MDM, Your MDM Server will be able to create an optional hidden admin account.
- Automated Enrolment: For iOS 9 you will be able to automatically enrol the device with no user involvement via the new Apple Configurator 2. Apple Configurator 2 will be able to query your MDM for the correct URLS and apply them to the devices attached.
Distribution
- VPP Managed Distribution – Multinational App Assignment. You will be able to purchase an App via VPP. Then distribute it to any country that either has or has not got VPP. The only criteria is that the app you are purchasing must be available in the iTunes store in that country. This is a great feature for multi national companies.
- VPP Assign to devices. You will be able to assign any VPP app to a device. This is a big and often requested feature. This means no Apple id is required. The app gets assigned to the device itself. Great for shared device scenarios. The MDM can then control the installation and update these apps without user intervention. Apple will provide a way to migrate existing VPP apps from user assignment to device assignment.
- Caching Server –Will be able to cache iCloud Drive Docs, Cloudkit data, iCloud Photo library, on-demand app resources. All data will be encrypted with the keys available only to the device the data belongs to.
Management
- iOS 9 and OS X – MDM Servers will be able to force clients to update both apps and the OS. You can also perform a staged download so you can install the update on all devices at the same time.
- Config Profiles – Network Usage Rules – Managed apps can be restricted to which network they can use, cell data or roam.
- Restrictions – There are a bunch of new restrictions that you will be able to deploy including: Don’t Trust new enterprise apps authors, Treat Airdrop as an un-managed destination, Automatic app downloads, iCloud photo library and keyboard shortcuts.
- Restrictions – You will be able to prevent users from modifying the device name, passcode and wallpaper.
- Restrictions – Restrict the pairing with Apple Watch.
Apple Configurator 2
If you can, I suggest you download the beta for Apple Configurator 2. It’s shaping up to be a great update. It’s had a massive make over. I would also recommend that you check out this talk at WWDC, which features some fantastic demos.
If you can, I suggest you download the beta for Apple Configurator 2. It’s shaping up to be a great update. It’s had a massive make over. I would also recommend that you check out this talk at WWDC, which features some fantastic demos.
All in all – we have some great stuff to look forward to.