7 Replies
      Latest reply on Jun 17, 2015 1:14 PM by bruienne
      rtrouton Level 1 Level 1 (0 points)

        Expanded DEP now available in 26 countries

        Four-hour turnaround for replacement devices

         

         

        New features of DEP

         

         

        Enrollment optimization - Keeps the device in Setup Assistant until MDM enrollment completes.

        DEP will send a DeviceConfigured command to the device, to let it know it can now exit Setup Assistant

        Available for 10.11 / iOS 9

         

         

         

         

        Account creation:


        Prevent user account creation

        Set passcode policy

        Create standard user account

        Setup Assistant will also create admin account in the background.

        - optionally hidden


        Standard user is created by Setup Assistant, (possibly hidden) admin user is available for remote administration.

         

         

         

         

        Additional panes can be removed from Setup Assistant

         

        Touch ID

        Apple Pay

        Zoom

        Android Migration <- new option to remove

         

         

        MDMServiceConfig

         

        Equivalent to Storebag from iTunes Store

        Informs tools what info they can obtain from your server

         

        Three different ways of purchasing apps


        App Store

        VPP Redemption Codes

        VPP Managed Distribution

         

         

        VPP expanded to 26 countries (matches DEP)

         

        Multinational app assignment

         

        Purchase app in any of the 26 covered countries, can distribute them across other covered countries as long as app is available in that nation's app store. Buy in France, distribute to users in the US and Britain.

         

         

        Device app assignment

         

        No Apple ID required on the device

        No invitation process

         

         

        For App developers

         

        Support device assignments

         

        - Opt in

        - Update recipt checking

         

        Store app data in the cloud

         

        - iCloud

        - Your own cloud solution

         

         

        Change to Caching Server in El Capitan

         

        Preheat cache of iCloud data on local network

        Data will be encrypted

         

         

        iCloud Drive documents

        CloudKit data

        iCloud Photo Library photos

         

        Translation: Give your Caching Server more storage. MOAR.

         

         

         

         

        MDM Developers: InstallApplication

         

        Installs app if not installed

        Updates app if installed managed

         

        What's different?

         

        Migrate user to device assignment without reinstalling or losing user data

        Convert unmanaged to managed without reinstalling or losing user data

        Install via MDM or Configurator with the App Store set to be disabled

         

         

        Enterprise in-house apps:

         

        New explicit user trust flow for apps

        Prevent users from trusting apps

        Apps installed via enterprise's MDM do not require explicit user trust

         

         

        B2B apps:

         

        Can provide the same metadata for apps that can be provided for App Store-provided apps. Coming later this summer.

         

         

        For new settings discussed above, take a look in El Capitan's Profile Manager.

         

         

         

        New MDM commands and queries (iOS)

         

        Available Software Updates

        Update to iOS (DEP devices only)

        - Download and stage the update, for later installation

         

         

        iOS 9:

         

        Profile restrictions

         

        Keyboard shortcuts

        Modify device name, passcode, wallpaper

        News

        Pair with Apple Watch

         

         

        Network Usage Rules

        OS X Server Account

        Mail: Mail Drop

        SSO: Specify

         

        New MDM commands and queries (OS X)

         

        Available Software Updates

        Install Software Updates (DEP Macs only)

         

        Configure ethernet proxy

        Login window - disable account migration

         

        Note: Recommend that readers of these notes make time to review the session video, they went through the new MDM commands, restrictions and queries pretty fast.

         

         

        Tools:

         

        DEP and VPP Simulators

         

        Simulate DEP and VPP services

        Test handling of service errors

         

        Available for download on developer portal

        New revs this week support the new iOS 9 / El Capitan features

         

         

        Apple Configurator:

         

        Rewritten; now Apple Configurator 2

         

        New interface puts the connected iOS devices front and center

        Discrete tasks

        Easy automation - combine tasks into workflows

        Multiple stations

        Companion to DEP and MDM server

         

        Tasks available from the Actions menu in Configurator 2.

         

        Configurator no longer maintains a database of applications. iOS applications can stored as files on the Mac's filesystem, in iCloud, on network storage, etc, and Configurator can select them as files and use them.

         

        Command line tool for managing Configurator 2, will be covered in an automation session on Thursday.

         

        Apple Configurator 2 beta available now.

        • Re: What's New in Managing Apple Devices notes
          rsaeks Level 1 Level 1 (0 points)

          Thanks, Rich!

           

          If you have a chance grab the Betas and accompying release notes. There are some great bits of information in those that will help with planning.

            • Re: What's New in Managing Apple Devices notes
              eng Level 1 Level 1 (0 points)

              Apple DEP service/hidden admin account - Random GUID. Currently cannot update password/target user. They are working on sending GUID information back to MDM server at creation account time to target later. This isn't a provision profile, but a part of the DEP Setup Assistant activation.

               

              Apple Configurator 2

              - Now uses CommerceKit to support Caching Servers. _Should_ support multiple front-facing IP addresses but could not be confirmed with engineering.

              - Shared Cache Container

              - New identifier - com.apple.configurator.ui

              - Blueprints are .plists and can be exported/imported by moving files to ~/Library/Group\ Containers/Group.com.apple.configurator/Library/Application\ Support/com.apple.configurator/Blueprints - EXPECT changes to keys/layout.

              - Automator actions currently require administrative rights and installation tool does not work - will be fixed in a future update.

               

              Apple Caching Service

              - Can optionally cache iCloud personal / business data (1 or both). Data location is truncated in logs and encrypted on volume. Cacher logs should still work but I need to test.

            • Re: What's New in Managing Apple Devices notes
              Level 1 Level 1 (0 points)

              Thanks, Rich. This is great information. Can't wait to watch the video when it's up.

              Off to grab AC2!

              • Re: What's New in Managing Apple Devices notes
                cashxx Level 1 Level 1 (0 points)

                I have never seen these before?  Are these released, I don't see them anywhere.

                 

                DEP and VPP Simulators

                Simulate DEP and VPP services

                Test handling of service errors