Is there or will there be an update to the depsim and vppsim simulator tools? The current version is significantly out-of-date in terms of features and fails to start due to the developer not being verified (ironically).
Apple Business Manager
RSS for tagOffer custom apps to organizations. Manage your organization's devices, apps, and accounts.
Posts under Apple Business Manager tag
66 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
Hello Developer Community,
I'm facing a critical situation with our company's Apple Developer Account. We are unable to access our account because:
The admin of our Apple Developer Account is a former team member
We cannot reach this person anymore
We need to regain access to maintain our app on the App Store
Questions:
What is the official process to recover account access in this situation?
What documentation will Apple require to verify our company ownership?
Who should we contact at Apple to start this process?
Any guidance from developers who have experienced a similar situation would be greatly appreciated.
Note: I'll be happy to provide more details if needed, while keeping sensitive information private.
Thanks in advance for your help!
I'm trying to use DDM manager Safari Extensins in macOS Sequoia. I generate json and load it by mdm and ddm , but it doesn't seems to work. The json I loading is the following:
{
"Type": "com.apple.configuration.safari.extensions.settings",
"Payload": {
"ManagedExtensions": {
"*": {
"State": "AlwaysOn",
"PrivateBrowsing": "AlwaysOn",
"AllowedDomains": [],
"DeniedDomains": []
}
}
},
"Identifier": "com.test.safari"
}
macOS Sequoia response is the following:
{
"StatusItems" : {
"management" : {
"declarations" : {
"activations" : [
{
"active" : true,
"identifier" : "com.example.act",
"valid" : "valid",
"server-token" : "5cc191206d1b1933"
}
],
"configurations" : [
{
"active" : true,
"identifier" : "com.test.safari",
"valid" : "unknown",
"server-token" : "29d3ec5ab48e6367"
}
],
"assets" : [
],
"management" : [
]
}
}
},
"Errors" : [
]
}
you can see, The "valid" value is always "unknown" at ""identifier" : "com.example.act", but "Errors" is empty, Safari app don't load extensions , the SafariExtensionSettings" ddm don't work, Is there anything wrong with "SafariExtensionSettings" json? or how can I debug this bug .
Hi, I'm glad to hear that the service discovery process is improved on iOS/iPadOS 18.2 mentioned here.
https://support.apple.com/en-ca/guide/deployment/dep4d9e9cd26/1/web/1.0
I tried it on my development MDM server.
Set default MDM for iPad to my development MDM server on Apple Business Manager.
Call the new API https://developer.apple.com/documentation/devicemanagement/account_driven_enrollment_profile and 200 OK is returned
However the service discovery fails with the following error.
Invalid well-known response for https://{my email's comain name}/.well-known/com.apple.remotemanagement?user-identifier={my email}&model-family=iPad: <NSHTTPURLResponse: 0x300a9f420>
Invalid well-known response for https://axm-servicediscovery.apple.com/mdmBaseURL?user-identifier={my email}&model-family=iPad: <NSHTTPURLResponse: 0x3009047a0>
It seems fallback process to https://axm-servicediscovery.apple.com/mdmBaseURL actually works but it returns 404 Not Found error.
How can we use this awesome feature?
Thank you :)
Backup and restore Personal IOS data to a Supervised device?
We currently have around 200+ iPhone users that are using their devices as personal devices. We are planning on moving them to Intune using Automated Device Enrollment (Supervised).
Is it any way possible to backup their devices, do a factory reset, enroll them in Intune, then restore the old data?
Is it possible to do backup and restore in this situation? Is there an alternative way to restore the data back to a supervised device?
Friday we were preparing to publish our final build in TestFlight. Our developer informed me that the account holder had to agree to new terms and agreements. I am the sole user of this account, and tried to login (1 week ago I was still able to login). To my surprise I got the notification “account locked”, ”you need to reset your password”. I followed the required step: filling in the phone number on file (which is my phone number). After filling this in the page informed me that they’d get back to me in 1 day.
On Saturday I received an email from no_reply@apple with the following “We have received the request for access to your account and we have denied access.” There was no further information in the email why this would be.
I tried Apple support but they tell me they can not reactivate the account and I should apply for a new Apple ID. This sounds really strange as it would mean I would lose access to our currently published application forever?
I also submitted request to Apple Developer Support, but it seems I can not call them myself, and I should await reply from their side.
But in general I am just shocked how they can deny access to an account, which is even a paid one (Developer Program), and not help me out. I am able to supply all identification (passport). I have access to the email that we use to login. I have access to the mobile phone number that is connected for exactly this reason (two factor authentication).
Anyone with similar experience and/or solutions?
Friday we were preparing to publish our final build in TestFlight. Our developer informed me that the account holder had to agree to new terms and agreements. I am the sole user of this account, and tried to login (1 week ago I was still able to login). To my surprise I got the notification “account locked”, ”you need to reset your password”. I followed the required step: filling in the phone number on file (which is my phone number). After filling this in the page informed me that they’d get back to me in 1 day.
On Saturday I received an email from no_reply@apple with the following “We have received the request for access to your account and we have denied access.” There was no further information in the email why this would be.
I tried Apple support but they tell me they can not reactivate the account and I should apply for a new Apple ID. This sounds really strange as it would mean I would lose access to our currently published application forever?
But in general I am just shocked how they can deny access to an account, which is even a paid one (Developer Program), and not help me out. I am able to supply all identification (passport). I have access to the email that we use to login. I have access to the mobile phone number that is connected for exactly this reason (two factor authentication).
Anyone with similar experience and/or solutions?
我有十一台M4芯片的mac mini,目前通过AC2将设备挂载在ABM中。目前有10台通过接口 “https://mdmenrollment.apple.com/device/activationlock” 启用企业激活锁去出现INTERNAL_SERVER_ERROR错误,只有一台成功了,成功那台设备使用的ABM账号与其他设备使用的ABM账号不同所属组织也不同。
I have eleven M4 chip Mac mini devices, currently mounted in ABM through AC2. Currently, there are 10 units that have passed the interface“ https://mdmenrollment.apple.com/device/activationlock ”Enabling the enterprise activation lock resulted in an INTERNAL_SERVER-ERROR error, and only one device succeeded. The successful device used a different ABM account than the other failed devices and belonged to a different organization.
I work with https://developer.apple.com/documentation/devicemanagement/activationlockrequest?language=objc.
The same codes work well on other devices, such as iphone, ipad, mac air.
What causes?
What can i do to resovle it?
Hi everyone,
I’m seeking advice or guidance regarding a frustrating issue with my Apple Developer Account that’s been unresolved since October this year.
Here’s the situation:
My account was fully functional from October 2023 until October 13, 2024. During that time, my enrollment as a US LLC was accepted, I paid the membership fee with auto-renew enabled, and everything was in order.
On October 13, 2024, I encountered a problem where my account is now stuck in what seems like a “limbo.”
When I log in to developer.apple.com, I see an option to “Enroll today,” but clicking it shows the error:
“Sorry, you can’t enroll at this time. Your Apple ID is already associated with the Account Holder of a membership.”
I’ve contacted Apple Support multiple times over the past month and a half. Each time, I’ve been told my case (ID: 102451753655) has been escalated to an internal review team, but I’ve received no updates, timelines, or resolutions.
This issue is severely impacting my business, as my app is ready for release but cannot be published.
I’m looking for advice:
• Has anyone experienced something similar?
• Are there alternative ways to escalate this issue beyond the usual support channels?
At this point, I’m considering taking this issue to public platforms like Twitter/X and LinkedIn to get Apple’s attention. If the problem persists, I’ll likely need to involve legal representation.
Any help or suggestions would be greatly appreciated.
Thank you,
Dear Apple Team,
As an MDM (Mobile Device Management) service provider, we are writing to bring attention to an issue that is affecting many of our customers who manage large fleets of iOS devices. Specifically, we have encountered challenges with the app update process via MDM, which is impacting both kiosk devices and non-kiosk devices in a variety of use cases.
Issue 1: App Updates Delayed on Kiosk Devices
Many of our customers are deploying kiosk devices that are used 24/7 independently with no attendants. In these cases, when an app update is sent through MDM via the installApplication command, the installation does not begin immediately. Instead, the update starts only after the device is locked. However, since these kiosk devices are running continuously, they are rarely locked, preventing the app update from occurring.
To force the update, administrators need to manually remote lock or physically lock the device, which is a time-consuming process. This becomes even more challenging for devices like Apple TV, where remotely locking and unlocking the device to complete app updates is especially difficult, making it hard to keep the apps up to date in a timely manner.
Issue 2: User Cancellations of Critical Updates on Non-Kiosk Devices
In the case of non-kiosk devices, customers are encountering another challenge: when a critical update is pushed during business hours, users are often prompted to install the update. However, many users tend to cancel the update, leaving devices unpatched and potentially vulnerable. This behavior can delay the deployment of important security patches, which is a critical concern for organizations managing sensitive data or business-critical apps.
Request for a Solution
Our customers have expressed the need for a more reliable and forceful app update mechanism. Specifically, we are requesting the following features to improve the app update experience:
Scheduled app updates: The ability to schedule app updates, similar to the way OS updates are handled. If the user does not install the update within a specified timeframe, the update should begin automatically or prompt the user with a stronger reminder.
Force install option: A feature that would allow MDM administrators to force an app update immediately, without relying on user intervention. This would ensure that critical updates are installed promptly, improving security and system stability across all devices.
These features are essential for many of our customers who rely on timely and consistent app updates to maintain security, functionality, and compliance across their managed devices. Without these options, they face challenges in ensuring devices are kept up-to-date, which can result in security vulnerabilities and operational disruptions.
We kindly request that Apple consider adding these functionalities to improve the MDM app update process and provide a more reliable experience for both kiosk and non-kiosk device management.
Thank you for your attention to this matter. We look forward to your feedback and any potential improvements in future iOS updates.
Raised in the same manner as feedback: FB15910292
I’m looking for advice on implementing an Active Supervision Mode for enhanced parental control. My goal is to restrict access to both iOS system apps and third-party applications to create a safer and more tailored digital experience for my child.
Here’s what I’d like to achieve:
App Restrictions: Block specific apps (both iOS and third-party) and allow access only to approved ones.
Time Limits: Set daily usage limits for individual apps or app categories.
Content Filtering: Apply restrictions to block inappropriate content and age-inappropriate apps.
Remote Management: Manage these settings remotely from my device for added convenience.
Activity Monitoring: View app usage stats or receive alerts for policy violations.
I understand that Screen Time on iOS offers basic parental controls, but I’m exploring whether iOS supports more advanced capabilities natively or through additional configurations.
I’ve also heard that enrolling a device in Apple Business Manager (ABM) and linking it to an MDM (Mobile Device Management) solution might provide greater control. If this is a viable solution, could anyone provide guidance on:
Enrolling a personal or family-owned device into Apple Business Manager.
Linking an MDM for configuring app restrictions and monitoring usage.
Alternatively, if there are third-party parental control apps that work seamlessly with iOS to achieve these goals, I’d appreciate your recommendations!
Thanks in advance for your insights!
Hello everyone,
I am a developer and admin on App Store Connect, and I'm experiencing some issues with my account. Here’s a summary of the situation:
Account Email: [Redacted]
Team ID: [Redacted]
Upon visiting the resources page, I encountered a popup stating:
Unable to find a team with the given Team ID to which you belong. Please contact Apple Developer Program Support.
When I sought assistance from a account holder, they attempted to log in using the account email but were unable to access it, despite entering the correct credentials multiple times. The login page prompted them to enter the email or phone number and password for the Apple account.
Currently, I admin can log into App Store Connect, but the account holder is unable to access their account.
We are facing difficulties because the Team ID appears to be disabled or unavailable in Xcode.
We still have an Individual Developer subscription, but we intend to upgrade to an Organization level.
I submitted a request for "Organization Membership" earlier this month.
After contacting Apple support helpline multiple times, we received inconsistent responses, including suggestions to create a new account or contact developer support via email.
Our main issues are:
The account holder is unable to log in.
The Team ID is not functioning.
If we cannot continue with the individual account, we are open to using a different email for the account holder, as he handle sensitive information such as verification and payments.
I have already submitted my request and am opening this thread in hopes of finding a speedy solution and guidance. I've seen multiple threads on this issue, but none have provided a resolution.
Any guidance or suggestions on how to resolve these issues would be greatly appreciated!
Thank you!
I'm reaching out to discuss a significant issue related to how iOS handles app login sessions, particularly in the context of MDM (Mobile Device Management) and the Outlook app.
In our organization, we use MDM to distribute applications, including Outlook, with certificate-based authentication for BYOD (Bring Your Own Device) devices. This setup allows users to log in seamlessly to their accounts. However, we've encountered a concerning behavior: when a user unenrolls from MDM, which automatically removes the distributed apps and certificates, they can later reinstall the app from the App Store and find themselves automatically logged back into their previous accounts without any authentication prompts.
Here’s a detailed breakdown of the situation:
Initial Installation: Users enroll their devices in MDM, which installs the necessary apps and certificates on those devices.
Session Storage: After the initial login, the app stores the session locally on the device.
App Deletion: When users un enroll their devices from MDM, it automatically removes the distributed apps and certificates.
Reinstallation: Days or weeks later, when they reinstall the Outlook app from the App Store, they find themselves automatically logged back into their accounts.
This behavior raises important concerns:
Lack of Authentication: The app retaining user sessions even after deletion allows users to access their accounts without re-authentication, which could lead to potential unauthorized access and undermines the effectiveness of certificate-based authentication and two-factor authentication (2FA).
Note: This issue is not limited to Outlook; we've observed similar behavior with many other apps.
Need for a Solution -
Given the implications of this behavior, we are looking for effective solutions to prevent it. Specifically, we need options within the MDM framework to:
Restrict Session Retention: Implement settings that ensure any app deleted via MDM will lose all stored sessions and require re-authentication upon reinstallation.
Default Settings for MDM-Distributed Apps: Ideally, this would be a default feature for all apps distributed through MDM, ensuring that user sessions are not retained after app deletion.
Has anyone else experienced this issue? Are there any existing settings or workarounds within MDM platforms to mitigate this problem? Your insights and experiences would be invaluable as we navigate this challenge.
Thank you!
My apple developer account has been changed to organization information but the app store still shows the individual developer name, how to fix it? please help me
We are doing application assignment to personal iOS devices that are enrolled in MDM via User Enrollment. However, we're experiencing some odd behavior when assigning licenses.
We are getting back errors from the devices when doing assignments:
code: 12064, domain: MDMErrorDomain, description: Could not retrieve licence for the app with iTunes Store ID 422689480.
code: 2605, domain: DeviceManagement.error, description: No licence was found for app "com.google.Gmail".
However, we are not seeing license exhaustion on the Apple Business Manager side for our location.
We are not clear what would cause the 12064 or 2605 errors.
We have tried re-sending the command to install the app, and we have tried un-enrolling devices and re-enrolling, as well as updating the VPP Token for the location.
We have gathered sysdiagnoses from affected devices, but it's not clear what causes this. What other causes are there for 12064 and 2605 errors? How can we work around these?
We are trying to publish an app on the public App Store that is intended for internal use by our organization. The app does not have a public registration process—accounts are created internally by our organization's system, and users simply sign in.
Apple has rejected the app, suggesting to use private distribution methods like Apple Business Manager or the Apple Developer Enterprise Program. However, we would prefer to distribute the app publicly via the App Store for easier access and updates.
Has anyone successfully published a public-facing app without a registration feature where account creation is managed internally? Are there any specific strategies or additional features we should add to meet Apple’s requirements while keeping our internal account creation process?
Thank you for your insights!
I am currently working on a Visual Basic .NET project and aim to integrate an internal application with the Apple Business Manager API to access DEP (Device Enrollment Program) device data.
Specifically, I would like to request any guidance on the following aspects:
Generating a Valid Access Token: I am aware that JSON tokens are required to interact with the API, but I am unsure of the correct procedure to create a valid token for accessing the Apple Business Manager data.
How to set permissions for accessing DEP Device Data: What steps do I need to follow to obtain the necessary permissions to read DEP device data from Apple Buiness Manager? Are there specific configurations or approval processes that need to be completed within Apple Developer Account oder Apple Business Manager account (which both uses same Apple ID)?
API Endpoints and Documentation to access Business Manager by API: Could you please point me to the relevant APIs and endpoints for interacting with the DEP data? Which web requests to send where? Any documentation that outlines the API structure fur Business Manager access and how and where to obtain access tokens for it.
Thanks for any assistance as I stuck here since it is ma first project accessing Apple APIs.
Hello there,
I Have an Apple developer enterprise subscription.
I need to put my app on app store in order to deliver it by Citrix secure hub
it seems to be necessary for me using "volume purchase program".
it seems to be necessary connecting citrix store with apple business manager
On these premises, I followed docs and went on App Store Connect site, but there is no "my apps" section on the page as I expected, I can find only a unique section "Users and accesses" and two tabs "people" and "integrations"
**How can I submit my app? why exactly I'm not seeing the same on different profile?
**
here what I see:
Hello,
We have filtering logic that is being loaded into PacketTunnelProvider network extension for processing web traffic. The issue we are facing is the 50MB cap is being hit after browsing a few websites and the OS terminates the PacketTunnelProvider.
What would be the best way to tackle this problem? A few ideas come to mind and would appreciate any support on them:
using IPC (Inter Process Communication) to move the filtering logic back to the main app (if this is possible)
we could move the filtering in Filter Control Provider however the limitation on there is that we cannot perform HTTP response modification which is imperative for the workings of the filtering.
We have same solution working fine on Android and app is using about 270MB in worst case (however in Android there is no limit to network extension as the VPN provider runs inside the app)
The project target market is in excess of 50,000 devices
We would appreciate any support on the matter.