iOS9 Trust Enterprise Developer without internet connection - ios

In my project, I need to install an application on iOS devices using a desktop EXE. I use the libimobiledevice command to install the application and it works fine. As I use an enterprise developer profile, I know I need to trust the profile from Settings. To trust a profile, it needs an internet connection, as per Apple.
iOS9 Untrusted Enterprise Developer with no option to trust
But in my case, there will not be any internet connection on the device, but we have an internet connection on the desktop PC where the EXE runs. Is there any option to launch an Enterprise IPA file without having an internet connection?
I learned about MDM Apple Enterprise distribution but I am not sure whether it will serve my purpose.
Is there any possible way to launch the enterprise IPA without having an internet connection on the iOS device?

You need to be able to verify the Enterprise Certificate in the app with Apple, as they are the ones giving you a licence to install apps outside the appstores.
That's just the way these Enterprise IDs work.
If the desktop PCs have iTunes, you could try dropping the ipa in there and see if this antique program can help you out.

This would definitely require some hacking. One approach may be to edit the hosts file of the computer when installing using the executable, launching your own server to listen to the port specified in the hosts file, and replicate the response given by the server in a real-life scenario (you can probably use Charles or Fiddler to trace the response which is supposed to be given by the server).
Basically, the verification of the cert would be done by the local server you are running.
This, of course, is quite complex as a task... good luck!

Related

Compiling iOS Apps from multiple macs

I have a free developer account. With it, I compile two or three Apps on my own iPhone.
I used to compile the applications regularly when the certificate expired.
Now, I'm using my laptop more, so I sometimes compile the apps from it, and sometimes from the iMac. I think I now have another problem, and I have to recompile the applications more frequently. After launching the app I sometimes get the message
Unable to verify App
An Internet connection is required to verify trust of the developer "xxx". This App will not be available until verified
I think that the problem is that I have two apps on the iPhone, for the same developer account, but compiled with two different Macs. I don't know why, but Apple seems to consider the account for a machine, not for a developer...
I tried to resolve the problem by using the exact same certificate on the two machines (synchronise the folder ~/Library/MobileDevice/Provisioning Profiles with Syncthing), but it didn't help.
I assume I can create another developer account and use one account for just one application, but it seems ridiculous...
Is there a way to avoid this message?

Network requirements for OTA deploy

I have found following network requirements for OTA deployment:
https://help.apple.com/deployment/ios/#/apda0e3426d7
Network configuration requirements
If the devices are connected to a closed internal network, you should let iOS devices access the following:
ax.init.itunes.apple.com: The device obtains the current file-size limit for downloading apps over the cellular network. If this website isn’t reachable, installation may fail.
ocsp.apple.com: The device contacts this website to check the status of the distribution certificate used to sign the provisioning profile.
I want to ask: is it possible to deploy through the intranet without access to the above websites? Any workaround?
Thanks.

We have OTA set up in our intranet. Works fine. The only requirement is that the device installing the app should be connected to the VPN or be in the intranet.

How does MDM in IOS really work?

I'm going to attend a MDM project in iOS (client side) but after searching, I still don't know how MDM really works. Can anyone explain something for me?
Problem:
My server needs to control the list of applications that are installed on devices (install and remove apps).
Expected Solution:
There needs to be an app installed on devices which plays the role of client (MY APP).
When needed, the server will push a notification to the client via the Apple push notification server.
After receiving the notification, the client app will connect to the server to get the server command (e.g. installing app A).
After getting the command, MY APP automatically downloads A and installs it.
My question: Is that the way MDM work?
If yes, how MY APP can install another app when it has no right to do it (due to sandbox) and whether server can config the access right for an app on devices. If possible, anyone can give me an example of code for MDM client side to clear my stuff things?
If no, it means that the server will be the one who install app A on device (instead of MY APP). In that case, how server can do that?

iOS MDM is a clientless protocol. So, you develop a server, but you don't develop a client application for it. Actually, there is a client app, but it's developed by Apple and built into the operating system.
So, your server will send a command, and the built-in MDM client will receive and execute it.
Generally speaking, if you want to develop MDM server, you need to register into Enterprise Developer Program and get MDM documentation.
There is some reverse engineered documentation here: http://media.blackhat.com/bh-us-11/Schuetz/BH_US_11_Schuetz_InsideAppleMDM_WP.pdf
And the iOS MDM protocol supports Install/Remove application commands.

MDM means Mobile Device Management. This is the same concept that many corporations have been using for desktops and laptops. They install some software on PCs that allows them to monitor activities on those PCs. In the same way, in MDM they install applications on your mobile device that allow them to monitor activities on mobile devices.
You can refer to some MDM provider to get a better idea, e.g. http://www.air-watch.com/
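
The command flow described in the first answer above, as an added example that is not part of the original posts: a server builds the InstallApplication or RemoveApplication property list that the built-in MDM client executes, then matches the device's reply to the pending command. The host name, bundle identifier, UDID and the sample reply are constructed for illustration.

```python
import plistlib
import uuid


def build_command(request_type, **fields):
    """Return (command_uuid, plist_bytes) for one MDM command."""
    command_uuid = str(uuid.uuid4())
    body = {
        "CommandUUID": command_uuid,
        "Command": {"RequestType": request_type, **fields},
    }
    return command_uuid, plistlib.dumps(body)


def install_application(manifest_url):
    # ManifestURL points at the app's manifest for an in-house app.
    return build_command("InstallApplication", ManifestURL=manifest_url)


def remove_application(bundle_id):
    # Identifier is the bundle identifier of the managed app to remove.
    return build_command("RemoveApplication", Identifier=bundle_id)


def check_response(expected_uuid, response_bytes):
    """Parse the device's reply and return its Status string.

    Rejects a reply whose CommandUUID does not match the command the
    server is waiting on, so a stale reply is never taken as success.
    """
    reply = plistlib.loads(response_bytes)
    if reply.get("CommandUUID") != expected_uuid:
        raise ValueError("reply does not match the pending command")
    return reply["Status"]


def sample_reply(command_uuid, status):
    """Constructed device reply, standing in for what the client posts."""
    return plistlib.dumps(
        {"UDID": "CONSTRUCTED-UDID", "CommandUUID": command_uuid, "Status": status}
    )


if __name__ == "__main__":
    cmd_id, payload = install_application(
        "https://mdm.corp.example/apps/a/manifest.plist"  # constructed URL
    )
    print(payload.decode())
    print(check_response(cmd_id, sample_reply(cmd_id, "Acknowledged")))
```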

Offline iOS Enterprise App Deployment and provisioning

I have posted this question on SO since I think it is the most logical place to find people with a lot of experience with the iOS Enterprise program.
For my company, we are developing an in-house app. We would like to deploy this app with the minimum effort required on the user's side <1>, as it should be possible to quickly install it for incoming colleagues. Additionally, we can't always guarantee an up and running internet connection at install time <2>. The in-house app is to be downloaded on our premises from a webserver through wifi.
We are currently not enrolled in the enterprise program, as we're investigating whether or not our goals can be realized.
As for <1>, what we've found is that UDIDs are not necessary to include in the provisioning profile for enterprise deployment. What is needed, is a provisioning profile. Now, here are my first concrete questions:
are any additional steps necessary before a provisioning profile can be installed?
can the provisioning profile be embedded within the app as can be done for OTA betas? This would save a user the step of installing the profile.
For <2>, the following issues come to mind:
here it states that access is needed to ax.init.itunes.apple.com and ocsp.apple.com. The former for querying the max allowable GPRS app file size. It doesn't sound relevant when your goal is to distribute over wifi, but the page says "If this site isn’t reachable, installation may fail." so it does concern me a bit. The latter one seems less severe as it is stated that "Inability to contact or get a response from the OCSP server isn’t interpreted as a revocation", which means that it should be possible to not contact this server right away.
I'm assuming that I can use any URL scheme to point to a local server that provides the app bundle and that there are no restrictions on server configuration.
Summarizing the two: is it possible to install an in-house app from a local server without a functioning internet connection?
Thanks for the help; it's greatly appreciated. As I have no prior experience with Enterprise deployment, it is tough to be confident that I'm not missing out on the nitty gritty details in Apple's documentation.

The provisioning profile can be embedded.
Your employees' devices require an internet connection when they are downloading the app, so that the device can contact the Apple servers you mentioned.
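
For the local-server setup asked about in this thread, an added example (not part of the original posts) that generates the OTA manifest and the `itms-services` install link a device opens. It rejects non-HTTPS URLs because iOS 7.1 and later require the manifest to be served over HTTPS; the host, bundle identifier, version and title are constructed.

```python
import plistlib
from urllib.parse import quote, urlsplit


def require_https(url):
    """Return url unchanged, or raise if it is not an https:// URL."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError(f"not an HTTPS URL: {url!r}")
    return url


def build_manifest(ipa_url, bundle_id, version, title):
    """Return manifest.plist bytes describing one in-house .ipa."""
    manifest = {
        "items": [
            {
                "assets": [
                    {"kind": "software-package", "url": require_https(ipa_url)}
                ],
                "metadata": {
                    "bundle-identifier": bundle_id,
                    "bundle-version": version,
                    "kind": "software",
                    "title": title,
                },
            }
        ]
    }
    return plistlib.dumps(manifest)


def install_link(manifest_url):
    """Return the itms-services link that starts the OTA install."""
    encoded = quote(require_https(manifest_url), safe=":/")
    return "itms-services://?action=download-manifest&url=" + encoded


if __name__ == "__main__":
    base = "https://apps.corp.example/inhouse"  # constructed intranet host
    data = build_manifest(base + "/App.ipa", "com.example.inhouse", "1.0", "In-House App")
    print(data.decode())
    print(install_link(base + "/manifest.plist"))
```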

IPad-Apps-Deployment

I want to complete my iPad application.
My app fetches a record from a server which is situated in a single LAN within my company campus, using a Wi-Fi LAN connection configuration. So, the app cannot read data over the internet.
I don't have an Apple ID (99$) because it is not necessary for my apps, as they are only run within my company.
So how I can run my application on an iPad? It runs fine in the simulator.
I don't understand how to start deployment and which files are used to run apps in iPad.

You need to enroll in Apple's developer program ($99) to be able to deploy on iPad. (There's no way around this.) Once you have you will find a step by step guide in the iOS provisioning portal.

As Erik suggested you can't deploy on a device until you acquire a developer license from Apple. Since you aim to distribute your app within your company itself, I would recommend you to acquire an enterprise license ($299), rather than a $99 standard one.
