2017年4月24日 星期一

What can Apple MDM do

Main MDM Features
• Enable Lost Mode: Puts the device in Lost Mode with the information shown on the Lock screen. You can locate devices using your MDM solution while maintaining student privacy.
 • Fetch device location: Allows the device to report its location if the device is in Lost Mode.
 • Remote wipe: Erases the data on a lost or stolen device.
 • Clear passcodes: Clears the device passcode on a one-to-one device when a user has forgotten it, so the user can enter a new one.
 • Modify restrictions: Changes settings and policies for a student or a device.
 • Install iOS update: Pushes a software update to the device. Requires the device to be in Apple School Manager.

New Management Features

 • Home screen layout. Manage how apps, folders, and web clips are arranged on the Home screens of supervised devices.
 • Lost Mode. A feature of Shared iPad that lets you see an “If lost, return to” message on the device. Can be viewed on the login window and the Lock screen.
 • Notifications. Allows app badges, sounds, banners, and alerts to be managed on a per-app basis on supervised devices.
 • Safari domain additions. Lets you restrict the saving of website passwords to only those in an approved list.
 • User-specific configurations. Specify Home screen layout, notifications, restrictions, and Safari AutoFill for each user with Shared iPad.

• New device restrictions
 - Allow Apple Music
 - Allow Apple Music Radio
 - Allow changes to Notifications settings
 - Show/hide specific apps on Home screen

• New MDM commands
 - Set maximum cached user accounts with Shared iPad so you can control the number of accounts that are cached
 - Delete user
 - Log out user
 - Enable Lost Mode
 - Disable Lost Mode

 • New MDM queries
 - User list
 - Device location
 - Device information
 - Is Lost Mode enabled
 - Maximum cached users

Passcode protection
 • Allow simple value
 • Require alphanumeric value
 • Minimum passcode length
 • Minimum number of complex characters
 • Maximum passcode age
 • Passcode history
 • Auto-lock timeout
 • Grace period for device lock
 • Maximum number

MDM can do more then restrictions
if i can find a loophole and use it to bypass MDM
i might sell it to apple
who knows

2017年4月23日 星期日

What can MDM owner see about your apple device

Hardware Details:
- Device Type
- Device Model
- Device Name
- Serial Number
- UDID
- Battery Level

Software Details:
- iOS Version
- List of Apps Installed
- Storage Capacity
- Available Space
- iTunes Store Status

Management Details:
- Managed Status
- Supervised Status
- IP Address
- Enrollment Method
- Security Status

Additional Details:
- Profiles Installed
- Certificates Installed
- Activation Lock Status
- Purchasing Information
- Last Inventory Update