Hi Community, We are happy to see how apple is committed towards making the true Single Sign On Experience and provide Seamless user experience. Hence We have been testing around The ExtensibleSingleSignOn profile specific payload using the Extension provided by Microsoft for Azure AD called CompanyPortal for macOS and Authenticator App for iOS respectively in both we have tried to deny the SSO flow for some native apps like Excel and Word, by specifying their bundle id's in key "DeniedBundleIdentifiers" provided in ExtensibleSingleSignOn profile. Even though we specify, these Apps seems to go with SSO flow and have not prompted for any credentials. May I know what is the behaviour of the key "DeniedBundleIdentifiers" and why in this case didn't block the SSO flow? And also to have some Knowledge on it. Is it the responsibility of the Extensions to block the Redirection from these Apps or the responsibility of Apple?

Payload associated to the device : <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>1b5a9bc1-8c80-4ea8-a98d-1a2e8dcb9ac2</string> <key>PayloadType</key> <string>com.apple.mobiledevice.passwordpolicy</string> <key>PayloadOrganization</key> <string>MD � �M</string> <key>PayloadIdentifier</key> <string>1b5a9bc1-8c80-4ea8-a98d-1a2e8dcb9ac2</string> <key>PayloadDisplayName</key> <string>Passcode Policy</string> <key>forcePIN</key> <true/> <key>allowSimple</key> <true/> <key>changeAtNextAuth</key> <false/> <key>minLength</key> <integer>6</integer> <key>maxFailedAttempts</key> <integer>6</integer> Everything works as expected. No unexpected behaviour. Out Problem is , we are unable to identify whether the device got wiped due to maxfailedattempt exceeded or due to any Reset actions in Settings. We have no response from the device , on exceeding maximumfailed attempts. If there is any message response for this exceeded command, It will better for us to differentiate the complete wipe action’s source. Also Raised in Apple Feedback : Id FB11498866

Hi, We are testing the ACMECertificate payload and noticed that in the device's configuration, the key size is displayed as 0. Thanks in advance.

Hi, For the SCEP payload's SAN, we are able to provide an array of strings for each key (dNSName, ntPrincipalName). <dict> <key>ntPrincipalName</key> <string>email</string> <key>rfc822Name</key> <array> <string>email</string> <string>email2</string> </array> <key>dNSName</key> <array> <string>test.com</string> <string>example.com</string> </array> </dict> But the ACMECertificate payload is not accepting this and instead, returns the below error. The field “rfc822Name” is invalid. The field “dNSName” is invalid. Does the ACMECertificate payload support multiple SAN values for each key? Thanks for your time!

Hello All, We are looking to implement the ACME protocol for our organization PKI and as of now, we are trying out the demo ACME server hosted here. So far, we had a minor piece of luck in getting it to work properly twice, but after that, it errors out every time. This is the payload we are using: &amp;amp;lt;?xml version="1.0" encoding="UTF-8"?&amp;amp;gt; &amp;amp;lt;!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"&amp;amp;gt; &amp;amp;lt;plist version="1.0"&amp;amp;gt; &amp;amp;lt;dict&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadContent&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;dict&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;ClientIdentifier&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;123123123123123123123&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;ExtendedKeyUsage&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;1.3.6.1.5.5.7.3.2&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;HardwareBound&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;true/&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;KeySize&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;integer&amp;amp;gt;384&amp;amp;lt;/integer&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;KeyType&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;ECSECPrimeRandom&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;KeyUsage&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;integer&amp;amp;gt;5&amp;amp;lt;/integer&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadIdentifier&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;com.example.test&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadType&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;com.apple.security.acme&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadUUID&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;sdf-feec-4171-878d-34e576bbb813&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadVersion&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;integer&amp;amp;gt;1&amp;amp;lt;/integer&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;Subject&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;C&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;US&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;O&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;Example Inc.&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;array&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;CN&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;test&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;SubjectAltName&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;dict&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;dNSName&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;site.example.com&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;/dict&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;DirectoryURL&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;https://ca.attestation.dev/acme/acme/directory&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;/dict&amp;amp;gt; &amp;amp;lt;/array&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadDisplayName&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;ACME&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadIdentifier&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;com.example.test&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadType&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;Configuration&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadUUID&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;string&amp;amp;gt;ce876f81-abf0-46f9-9e68-9b3a7ede8097&amp;amp;lt;/string&amp;amp;gt; &amp;amp;lt;key&amp;amp;gt;PayloadVersion&amp;amp;lt;/key&amp;amp;gt; &amp;amp;lt;integer&amp;amp;gt;1&amp;amp;lt;/integer&amp;amp;gt; &amp;amp;lt;/dict&amp;amp;gt; &amp;amp;lt;/plist&amp;amp;gt; We get the below errors from the ACME server: order status is "pending", not yet "valid" order status is "ready", not yet "valid" Any insights on what we are doing wrong could be helpful. Thanks in advance.

Issue description: A custom app is purchased from ABM portal for a location token. The license for the custom app is assigned to device and the "InstallApplication" command is sent to device. But the device gives "Invalid Status Code" in its response. Sample InstallApplication Request: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Collection=1111</string> <key>Command</key> <dict> <key>RequestType</key> <string>InstallApplication</string> <key>iTunesStoreID</key> <integer>1639088235</integer> <key>InstallAsManaged</key> <true/> <key>ManagementFlags</key> <integer>5</integer> <key>Options</key> <dict> <key>PurchaseMethod</key> <integer>1</integer> </dict> <key>ChangeManagementState</key> <string>Managed</string> </dict> </dict> </plist> Sample InstallApplication Response: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Collection=1111</string> <key>ErrorChain</key> <array> <dict> <key>ErrorCode</key> <integer>301</integer> <key>ErrorDomain</key> <string>AMSErrorDomain</string> <key>LocalizedDescription</key> <string>Invalid Status Code</string> </dict> </array> <key>RejectionReason</key> <string>Other</string> <key>State</key> <string>Failed</string> <key>Status</key> <string>Error</string> <key>UDID</key> <string>0000-0000-XXXX-XXXX-000000XXXX</string> </dict> </plist> The App store region of the device and the custom app are same. But the app is installing the device. Kindly help us with this issue

Issue Description: When trying to install a VPP purchased or non VPP App Store App in a iOS device using "InstallApplication" command from MDM, the device gives "Purchase Batch Failed" error in its response. Sample InstallApplication Request: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Collection=11111</string> <key>Command</key> <dict> <key>RequestType</key> <string>InstallApplication</string> <key>iTunesStoreID</key> <integer>815193300</integer> <key>ManagementFlags</key> <integer>5</integer> <key>Options</key> <dict> <key>PurchaseMethod</key> <integer>1</integer> </dict> <key>ChangeManagementState</key> <string>Managed</string> <key>InstallAsManaged</key> <true/> </dict> </dict> </plist> Sample InstallApplication Response: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Collection=11111</string> <key>ErrorChain</key> <array> <dict> <key>ErrorCode</key> <integer>1005</integer> <key>ErrorDomain</key> <string>DeviceManagement.error</string> <key>LocalizedDescription</key> <string>Could not install app.</string> </dict> <dict> <key>ErrorCode</key> <integer>12</integer> <key>ErrorDomain</key> <string>AMSErrorDomain</string> <key>LocalizedDescription</key> <string>Purchase Batch Failed</string> </dict> </array> <key>Status</key> <string>Error</string> <key>UDID</key> <string>0000-xxxxx-000000000</string> </dict> </plist> Kindly help understand this case and provide a solution for this. Thanks in advance.

Issue Description: Apps that support both iOS and tvOS can have different versions in App Store for each type(iOS and tvOS) but same Bundle Identifier and iTunesStoreID/trackID. For example, the iOS version of YouTube has the latest version in App Store as 17.30.3 the tvOS version of YouTube has the latest version in App Store as 2.07.01 This can be verified from two by two specific iTunes look Up API as shown below https://itunes.apple.com/lookup?id=544007664 https://itunes.apple.com/lookup?id=544007664&entity=tvSoftware Sample contentMetadataLookup URL: https://uclient-api.itunes.apple.com/WebObjects/MZStorePlatform.woa/wa/lookup?version=2&id=544007664&p=mdm-lockup&caller=MDM&platform=enterprisestore&cc=us&l=en Queries: What should we do to get the tvOS specific version of an app in contentMetadataLookup URL? The trackViewURL doesn't show tvOS specific version history of the app - https://apps.apple.com/us/app/youtube-watch-listen-stream/id544007664?platform=appleTV . How should we view this the apps' tvOS specific version history? Kindly help us with the queries.

Issue Description An tvOS device is enrolled in MDM and an App Store App (VPP App) is deployed in Apple TV (4K) with AppLock policy. App has an update in App Store and the app update is pushed to device from MDM. The InstallApplication command is sent to the device for the app update and the command response gives "Managed" state for the app. But the app doesn't update in the device. Incase if, the AppLock policy is removed from the device and then the app update is pushed, the app updates to latest version in device. Normally in iOS devices, if an app update is pushed and if the app is open in device with AppLock policy, the app closes automatically and the update is installed and app reopens automatically in AppLock mode without any user intervention. Is it the same behavior in tvOS devices or does the AppLock policy app update behavior change here? Kindly help us understand this use case. Sample InstallApplication Command: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Collection=1234</string> <key>Command</key> <dict> <key>RequestType</key> <string>InstallApplication</string> <key>iTunesStoreID</key> <integer>383457673</integer> <key>ManagementFlags</key> <integer>5</integer> <key>Options</key> <dict> <key>PurchaseMethod</key> <integer>1</integer> </dict> <key>ChangeManagementState</key> <string>Managed</string> </dict> </dict> </plist> Sample InstallApplication Response: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Collection=1234</string> <key>Identifier</key> <string>com.plexapp.plex</string> <key>State</key> <string>Managed</string> <key>Status</key> <string>Acknowledged</string> <key>UDID</key> <string>00000000-0000XXXXX0000</string> </dict> </plist>

Issue Description: Licenses Expiring - The licenses for [app_name] and 'x' other applications will expire in 'n' days. The given App Store Notification is displayed in many iPad devices. All the apps for which the notification is shown are purchased from ABM (VPP apps). The licenses are still assigned to devices and are not revoked which is made sure from VPP API. The VPP token is also not nearing expiration and it has more than 6 months time for expiry. Screenshot of the notification is attached below Kindly help us with the reason for this behavior

Hi Community, We are happy to see the changes in the Ventura and when we are exploring the System Settings we have seen that some of the Panes were not controlled and some other Panes were behaving unexpected and have described below. ( The comparison was made with reference to macOS Monterey 12.4)   com.apple.preference.mouse - This System Preference payload key was used to enable and disable Mouse Pane in System Preferences in macOS version 12.4 but in Ventura there was no Pane called Mouse which would be difficult for us to control them using System Preference Pane Payload when the Customer updates their macOS to Ventura                                        Mouse Pane in macOS version 12.4     com.apple.preferences.extensions - This command was used to control Extensions Pane in OS version 12.4 but in Ventura Beta 4 it was kept within Privacy & Security Pane and this command has no effect on it. Extensions work when Privacy & Security is enabled or not disabled which opens the control for the managed device to use the Extensions Settings even though they were configured when the customer updates their macOS to Ventura.                                Extensions Pane in System Preferences macOS v12.4                                        Extension in System Settings macOS version Ventura Beta 4   com.apple.preferences.parentalcontrols - parental controls were not in either 12.4 and ventura Beta 4 com.apple.preferences.appstore - appstore media and purchases is within Apple Id Preference Pane and has no effect while using the command com.apple.preference.energysaver - There was no Energy Saver Pane or inner Panes.Most of the energy saver settings are now in the Battery Pane and no System preference pane key was provided to control it.  com.apple.preference.expose - This command was used to control the Mission Control Pane is Version 12.4 but in Ventura Beta 4 there was no such panes and this command has no effect                                        Mission Control Pane in macOS version 12.4    com.apple.preference.general - this System Preference Pane key was used to enable and disable general Pane in OS version 12.4 but in Ventura Beta 4 while disabling it Doesn't Works,Does not Hide the Pane and we can use all the settings available over there and all non-disabled child settings.and while enabling it cannot Be enabled with the command ( cannot be enabled Even though we enable all the System Preference panes ) com.apple.Localization, com.apple.preference.datetime, com.apple.preferences.sharing, com.apple.prefs.backup, com.apple.preferences.configurationprofiles, com.apple.preference.startupdisk - these preference pane commands were used to enable and disable Language & Region,DateTime, Sharing,TimeMachine, Profiles and StartUp Disk Panes respectively in macOS version 12.4  but in Ventura Beta 4 they were placed under General Pane as children and disabling them works fine but while enabling they are not enabling as General Pane cannot be enabled                          Above mentioned System Preference Pane in OS version 12.4                                             Above mentioned Panes within Ventura Beta 4     Moreover, Also the Newly introduced panes such as Wifi, Focus, Appearance, Control Centre, Screen Save, Battery, Lock Screen, Passwords and Game Center have no System preference pane keys to be disabled But while enabling other panes they get disappeared Would like to hear from the community for possible resolutions and also support the customers who use managed devices to upgrade to Ventura seamlessly

Description: An app update of a app store app or a enterprise app is pushed from MDM using "InstallApplication" command to an iOS device. The app is opened in foreground when an update is pushed. The device is supervised and the app is VPP purchased. When the command is sent to device, the app doesn't update automatically and shows a prompt to update the app. Kindly help us understand this case. Sample InstallApplication Request: <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Sample=000000</string> <key>Command</key> <dict> <key>RequestType</key> <string>InstallApplication</string> <key>iTunesStoreID</key> <integer>1113153706</integer> <key>InstallAsManaged</key> <true/> <key>ManagementFlags</key> <integer>5</integer> <key>Options</key> <dict> <key>PurchaseMethod</key> <integer>1</integer> </dict> <key>ChangeManagementState</key> <string>Managed</string> </dict> </dict> </plist> Sample InstallApplication Response: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Sample=000000</string> <key>Identifier</key> <string>com.microsoft.skype.teams</string> <key>State</key> <string>PromptingForUpdate</string> <key>Status</key> <string>Acknowledged</string> <key>UDID</key> <string>0000-000000-0000</string> </dict> </plist>

Description: From MDM, the InstalledApplicationList command is sent to device for querying the list of Installed Apps. Some apps doesn't have version(both Version & ShortVersion) in the response. But the "Installing" key is false for them which should mean that the app is already Installed. But the app version is not available in the response. Also, for these apps without app version, the "IsValidated" key gives "false" value. But these apps are installed on the device. Kindly help us understand about this case. Sample Response of InstalledApplicationList: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstalledApplicationList</string> <key>InstalledApplicationList</key> <array> <dict> <key>AdHocCodeSigned</key> <false/> <key>AppStoreVendable</key> <false/> <key>BetaApp</key> <false/> <key>BundleSize</key> <integer>135618560</integer> <key>DeviceBasedVPP</key> <true/> <key>ExternalVersionIdentifier</key> <integer>850215498</integer> <key>HasUpdateAvailable</key> <false/> <key>Identifier</key> <string>net.whatsapp.WhatsApp</string> <key>Installing</key> <false/> <key>IsValidated</key> <false/> <key>Name</key> <string>‎WhatsApp</string> </dict> <dict> <key>AdHocCodeSigned</key> <false/> <key>AppStoreVendable</key> <false/> <key>BetaApp</key> <false/> <key>BundleSize</key> <integer>185229312</integer> <key>DeviceBasedVPP</key> <true/> <key>ExternalVersionIdentifier</key> <integer>849733664</integer> <key>HasUpdateAvailable</key> <false/> <key>Identifier</key> <string>com.microsoft.azureauthenticator</string> <key>Installing</key> <false/> <key>IsValidated</key> <true/> <key>Name</key> <string>Authenticator</string> <key>ShortVersion</key> <string>6.5.98</string> <key>Version</key> <string>20</string> </dict> <dict> <key>AdHocCodeSigned</key> <false/> <key>AppStoreVendable</key> <false/> <key>BetaApp</key> <false/> <key>BundleSize</key> <integer>287129600</integer> <key>DeviceBasedVPP</key> <true/> <key>ExternalVersionIdentifier</key> <integer>849978495</integer> <key>HasUpdateAvailable</key> <false/> <key>Identifier</key> <string>com.microsoft.skype.teams</string> <key>Installing</key> <false/> <key>IsValidated</key> <false/> <key>Name</key> <string>Teams</string> </dict> <dict> <key>AdHocCodeSigned</key> <false/> <key>AppStoreVendable</key> <false/> <key>BetaApp</key> <false/> <key>BundleSize</key> <integer>213839872</integer> <key>DeviceBasedVPP</key> <true/> <key>ExternalVersionIdentifier</key> <integer>850097782</integer> <key>HasUpdateAvailable</key> <false/> <key>Identifier</key> <string>com.google.Maps</string> <key>Installing</key> <true/> <key>IsValidated</key> <false/> <key>Name</key> <string>Google Maps</string> </dict> <dict> <key>AdHocCodeSigned</key> <false/> <key>AppStoreVendable</key> <false/> <key>BetaApp</key> <false/> <key>BundleSize</key> <integer>43339776</integer> <key>DeviceBasedVPP</key> <true/> <key>ExternalVersionIdentifier</key> <integer>848157118</integer> <key>HasUpdateAvailable</key> <false/> <key>Identifier</key> <string>com.manageengine.mdm.iosagent</string> <key>Installing</key> <false/> <key>IsValidated</key> <true/> <key>Name</key> <string>ME MDM</string> <key>ShortVersion</key> <string>22.04.01</string> <key>Version</key> <string>1558</string> </dict> <dict> <key>AdHocCodeSigned</key> <false/> <key>AppStoreVendable</key> <false/> <key>BetaApp</key> <false/> <key>BundleSize</key> <integer>209174528</integer> <key>DeviceBasedVPP</key> <true/> <key>ExternalVersionIdentifier</key> <integer>848848517</integer> <key>HasUpdateAvailable</key> <false/> <key>Identifier</key> <string>us.zoom.videomeetings</string> <key>Installing</key> <false/> <key>IsValidated</key> <false/> <key>Name</key> <string>Zoom</string> </dict> </array> <key>Status</key> <string>Acknowledged</string> <key>UDID</key> <string>00000-000000-000000</string> </dict> </plist> Some apps with the issue in the given response:- net.whatsapp.WhatsApp, com.microsoft.skype.teams, us.zoom.videomeetings, etc.

Issue: When installing a non VPP app store app in iOS device through MDM, the error - "This Apple ID cannot be used to make purchases" is displayed in the device. But the InstallApplication command response from the device doesn't show any error in it. The response just shows the status as "Installing" and the "ManagedApplicationList" command response shows the device shows the app in "Installing" state. It will be helpful on MDM side if the InstallApplication or ManagedApplicationList command response shows an error. Is it possible? InstallApplication response: <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>InstallApplication;Collection=xxxx</string> <key>Identifier</key> <string>com.zuletteran.scannerfree</string> <key>State</key> <string>Prompting</string> <key>Status</key> <string>Acknowledged</string> <key>UDID</key> <string>xxxx</string> </dict> </plist> ManagedApplicationList response: <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CommandUUID</key> <string>ManagedApplicationList</string> <key>ManagedApplicationList</key> <dict> <key>com.zuletteran.scannerfree</key> <dict> <key>ExternalVersionIdentifier</key> <integer>0</integer> <key>HasConfiguration</key> <false/> <key>HasFeedback</key> <false/> <key>IsValidated</key> <false/> <key>ManagementFlags</key> <integer>5</integer> <key>Status</key> <string>Installing</string> </dict> </dict> <key>Status</key> <string>Acknowledged</string> <key>UDID</key> <string>xxxx</string> </dict> </plist>

What were you doing on the device just before the crash occurred? Pushed an App update for the autonomous kiosk enabled mode via MDM Which of the following did you encounter on-screen when the system crash occurred Stuck on Black Screen (Had to Force Reboot device) Steps to Reproduce: Created two versions of the enterprise app, which will enter guided access mode on launch. With MDM, we have created a Autonomous Kiosk Profile with the app(say Version 1) we created and pushed the profile to the device . Checked that the profile payload is in correct format . On Launching the App , the device enters kiosk mode and i was unable to exit the app (Expected Behaviour). Other Functionalities of the app worked good. Now pushed another enterprise app of higher version (say Version 2) . Actual Behaviour : App got to background and app is seen to updating with a loading symbol over it. After App got successfully updated, App Launches and done. The Device hangs. Cant touch anything or move to background or lock the screen. I could only get back the device only after starting remote Restart command from MDM. Expected Behaviour : On App update , App should get updated and then App should be again relaunched automatically on successful update . System shouldn’t be freezed. can anyone help me with this case? Whether this is the behaviour or anything to add in guided access enabled app? Thanks in Advance