Post not yet marked as solved
Post marked as unsolved with 1 replies, 509 views
Issue Description: We have observed that the DDM Status response is expected to be provided daily at specific timestamps or sometimes randomly for certain devices to obtain the complete DDM status report. The following daily pattern is observed for DDM requests to MDM:
Endpoint -> Status
Endpoint -> Tokens
After receiving a full report from DDM, it proceeds to fetch any changes in declarations from DDM via a tokens request. In iOS 17/macOS 14 also, the same full reports are received daily, but they include new properties in the status report, such as "FullReport": true.
Sample Status Response :
{
"StatusItems" : {
"FullReport" : true,
"client-capabilities" : {
"supported-versions" : [
"1.0.0"
],
"supported-payloads" : {
"declarations" : {
"activations" : [
"com.apple.activation.simple"
],
"assets" : [
"com.apple.asset.credential.acme",
"com.apple.asset.credential.certificate",
"com.apple.asset.credential.identity",
"com.apple.asset.credential.scep",
"com.apple.asset.credential.userpassword",
"com.apple.asset.data",
"com.apple.asset.useridentity"
],
"configurations" : [
"com.apple.configuration.account.caldav",
"com.apple.configuration.account.carddav",
"com.apple.configuration.account.exchange",
"com.apple.configuration.account.google",
"com.apple.configuration.account.ldap",
"com.apple.configuration.account.mail",
"com.apple.configuration.account.subscribed-calendar",
"com.apple.configuration.legacy",
"com.apple.configuration.legacy.interactive",
"com.apple.configuration.management.status-subscriptions",
"com.apple.configuration.management.test",
"com.apple.configuration.passcode.settings",
"com.apple.configuration.security.certificate",
"com.apple.configuration.security.identity",
"com.apple.configuration.security.passkey.attestation",
"com.apple.configuration.softwareupdate.enforcement.specific",
"com.apple.configuration.watch.enrollment"
],
"management" : [
"com.apple.management.organization-info",
"com.apple.management.properties",
"com.apple.management.server-capabilities"
]
},
"status-items" : [
"account.list.caldav",
"account.list.carddav",
"account.list.exchange",
"account.list.google",
"account.list.ldap",
"account.list.mail.incoming",
"account.list.mail.outgoing",
"account.list.subscribed-calendar",
"device.identifier.serial-number",
"device.identifier.udid",
"device.model.family",
"device.model.identifier",
"device.model.marketing-name",
"device.model.number",
"device.operating-system.build-version",
"device.operating-system.family",
"device.operating-system.marketing-name",
"device.operating-system.supplemental.build-version",
"device.operating-system.supplemental.extra-version",
"device.operating-system.version",
"device.power.battery-health",
"management.client-capabilities",
"management.declarations",
"mdm.app",
"passcode.is-compliant",
"passcode.is-present",
"security.certificate.list",
"softwareupdate.failure-reason",
"softwareupdate.install-reason",
"softwareupdate.install-state",
"softwareupdate.pending-version",
"test.array-value",
"test.boolean-value",
"test.dictionary-value",
"test.error-value",
"test.integer-value",
"test.real-value",
"test.string-value"
]
},
"supported-features" : {
}
}
},
"device" : {
"identifier" : {
"serial-number" : "S7T95QN0XP",
"udid" : "00000-AAAAA-111111-BBBBB"
},
"model" : {
"marketing-name" : "iPhone 14 Plus",
"number" : "AB523HN/A",
"identifier" : "iPhone14,8",
"family" : "iPhone"
},
"operating-system" : {
"marketing-name" : "iOS 17.0",
"family" : "iOS",
"supplemental" : {
"extra-version" : "",
"build-version" : "21A5312c"
},
"build-version" : "21A5312c",
"version" : "17.0"
}
},
"mdm" : {
"app" : [
{
"version" : "1452",
"state" : "managed",
"external-version-id" : "123456789",
"identifier" : "com.xxxxx.yyyy.zzzz",
"name" : "App Name",
"short-version" : "23.XX.XY"
},
{
// app details
},
{
// app details
},
{
// app details
}, etc...
]
},
"passcode" : {
"is-present" : true,
"is-compliant" : true
},
"management" : {
"declarations" : {
"activations" : [
{
"active" : true,
"identifier" : "DEFAULT_ACT_0",
"valid" : "valid",
"server-token" : "1"
}
],
"configurations" : [
{
"active" : true,
"identifier" : "DEFAULT_STATUS_CONFIG_0",
"valid" : "valid",
"server-token" : "2"
}
],
"assets" : [
],
"management" : [
]
}
},
"security" : {
"certificate" : {
"list" : [
]
}
},
"softwareupdate" : {
"install-reason" : {
"reason" : [
]
},
"install-state" : "none",
"pending-version" : {
},
"failure-reason" : {
"count" : 0
}
}
"Errors" : [
]
}
Followed by Tokens Request :
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Endpoint</key>
<string>tokens</string>
<key>MessageType</key>
<string>DeclarativeManagement</string>
<key>UDID</key>
<string>00000-AAAAA-111111-BBBBB</string>
</dict>
</plist>
May I know if this is a behavior, and is it possible to control DDM status report polling data or time?
Thanks in Advance