We have Apple's Enterprise distribution account that we are using to publish enterprise app to company employees. We are using MDM solution for distribution.
Do we need to generate ipa for MDM deployment differently than the standard App store procedure? obviously we have selected Enterprise deployment at end using xcode's generate ipa method.
How all devices in the company can install app using MDM. Do we need to prepare devices somehow first?
Any help would be much appreciated.
Finally figured this out so writing a reply
One has to generate "Enterprise Provisioning" profile replicating App store one. You have not to include any devices in the Provisioning profile. Everything will be managed by MDM.
Related
My employer doesn't have an iPhone for testing, they are also not enrolled into Apple's developer program, but they recruited me as an iOS developer.
I was told to create an app and I did it with the help of simulator.
Now, they want me to generate an IPA file of that application for their client who is in another country to test, in his iPhone. Is that even possible?
You will certainly need a developer account if you want to run your app on a physical device (unless that device is jailbroken, which I wouldn't recommend). If your employer hired you as an iOS developer, you need to inform them that a requirement to doing iOS development is a developer account.
If you are going to be writing iOS apps to deploy on client device (which you won't have physical access to), you have a couple of options.
You could have your employer pay for the enterprise developer account ($299/year). This allows you to have an In House Distribution profile, which lets you build an IPA that can run on any iOS device without the need to register the UDID for each device in the provisioning profile.
You could use Apple's TestFlight to deploy the app to your clients' devices. This still requires a paid developer account as you are basically creating an app store build and distributing to others as "beta testers". The app goes through a more lax review process, but it still must have been signed with a distribution certificate, which you only can get with a paid account.
Bottom line, if your company is asking you to develop apps professionally, you need to get them to understand that the $99/year fee is part of the process. IF they can't justify that, they shouldn't be hiring out iOS development jobs.
Without Apple developer's account it is not possible. You would not be able to archive your code either. Have a look at these documents :
Apple's documentation : Exporting Your App for Testing (iOS, tvOS, watchOS)
Stackoverflow : How to export an ipa in Xcode 7
you have to enrolled into Apple's developer program, and add all UDID into you app device ID than generate a provisional profile. install it in xcode than create an archive, zip it and upload to diawi.com. Diawi( https://www.diawi.com/ ) is best solution, It will generate a link which you can give to client and they can install it on their device directly.
I have faced same problem at start of my job :)
- but it is not possible to generate ipa without apple developer account.
- and even if you connect device to deploy then device iOS version and XCode iOS version must be same.
you have to enrolled into Apple's developer program and this is not enough. For over-the-air installation you have to use apple's testflight or hockeyapp like third party apps.
I'm looking for a mechanism to allow our employees and a select few key business partners to download a copy of our Beta iOS app without having to register for TestFlight or register their device in one of our provisioning profiles to use a service such as Crashlytics.
Can the iOS Developer Enterprise Program achieve this? If we build an app using the enterprise provisioning profile would anyone with a link to the .ipa be able to install this app on their iPhone?
Using enterprise profile you don't need to add UDID of devices in it, you can make build using it and achieve from XCode. Then it can be installed in any iOS device.
TestFlight is integrated in iTunesConnect, so you can use iTunesConnect for managing a BetaCommunity. Advantage is that you keep better control as the apps expire after 30 days.
If you deploy apps build with enterprise certificate you can not prevent abuse ... everyone in the world can install these ipa-files.
I'm developing an app that is supposed to be distributed outside Apple Store. I've read the documentation about app distribution and don't got so clear to me how can I distribute to my specific client... I know I can generate the IPA file, but it is just for testing, right?
What I really need is: get the devices from my client, install the app on those devices for him...
I don't think I need the Enterprise Developer Program, right?
Thanks!
If you are planning to distribute huge amount of users you need an enterprise account. Regular developer account has an option to add device for testing and development up to 100 device.
If you want your app to be tested on clients device first you need to add device UDID onto your developer portal and generate provisioning profile for Ad-Hoc distribution and sign your app with this profile then you can upload it to diawi and send diawi link to your client.
you may watch following tutorial:
https://www.youtube.com/watch?v=XVO0tIHmQTg
You can use TestFlight for this. Its easy to use , optional and easy to integrate its SDK and is free for your mentioned usage.
You have to add the UDID of the iPad devices in the dev certificate and upload the app to testflight.
By integrating the SDK you can use multiple other functionalities support as well, like:
Sessions
Symbolicated Crash Reports
Production Crashes
Checkpoints
Remote Logging
In-App Updates
In-App Feedback
EDIT: you will be in need of UDIDs of the iPad devices only if you are not using Enterprise developer program.
I have developed an iPad application for particular company's staff.
How should i deploy it so that only the company staff can download this application.
If i use developer's profile, they will have to refresh the profile every 3 months.
So what is the other way?
Note: I have the device id of all the devices.
Thanks in advance.
Your option is to get Enterprise developer certification from Apple
read more on : https://developer.apple.com/programs/ios/enterprise/
You need to create an AdHoc build with a Distribution Certificate with all devices added to that certificate. you can find adhoc build in Xcode organizer
Here select Save for Enterprise or Ad-Hoc Deployment
if you are using an enterprise account you can allocate specific devices,
if you dont have the enterprise account, and an adhoc doesn't cut it[ expiration date very short], you can just use a password?, that the intended users will know?
use the token of the device, and if the registered token doesn't gets recognised, show an error login in screen
We have build an enterprise iPad App and now we want to give it to our employees. Initially when testing, we used ad-hoc distribution collecting all the test device's UDID and then creating the profile.
Now going live we want this app to be deployed in a secured web server and send the link to our employees, so that they enter the username and password before accessing the link.
There are around 500+ devices we need to install this iPad App. Do i need to collect all the UDID and then deploy the .ipa file, because Apple documentation says:
Create an enterprise distribution provisioning profile that authorizes devices to use apps you’ve signed.
If not that way, do the user needs to install the profile.mobileprovision file and then install the .ipa file?
We are still unable to decide how to deploy our app because of this issue. We would like to avoid the app approval process because it App handles a lot of sensitive data.
Can some one help me on this, how to do a OTA deployment for enterprise Apps?
As of December 2011, these are the steps:
Create a provisioning profile in your Apple Enterprise account
Set this as the Code Signing Identity under the Build setting of your app.
Make sure the Bundle ID matches that of the provisioning profile.
Select Product > Archive to build IPA file.
Click Share (aka Distribute) button after selecting your Archive.
Set Contents radio button to iOS App Store Package (.ipa)
Make sure Identity in dropdown is the one used from Enterprise account.
Click Next
Select the check box "Save for Enterprise Distribution"
For Application URL put in the URL that points to where the ipa file will be placed (example: http://oursite.com/myApp.ipa)
Click Save. This will save a plist & an ipa file for you.
Place these files on your server with a link formated like this:
<a href="itms-services://?action=download-manifest&url=itms-services://?action=download-manifest&url=http:/oursite.com/myApp.plist" id="text">
Go to this page from your device and click the link to install the app
Probably the best way to distribute your enterprise mobile app and then securely manage users, groups, data and devices is using a Mobile Device Manager (MDM) tool suite.
iOS provides specific APIs that support enterprise deployment via MDM products with API level features like Per App VPN connections that allow you to firewall a DMZ application server to only connect to a specific signed client iOS app. The vendors also provided authentication SSO integration and encrypted storage on the devices to sandbox your enterprise apps from other untrusted personal apps on a BYOD device.
Here's the Gartner 2013 review of MDM products:
http://www.business.att.com/content/whitepaper/Gartner-MDM-MQ.pdf
The 3 major players are now: Air Watch, Mobile Iron and Citrix XenMobile.
NOTE: I don't work for or have a vested interest in any MDM vendor.
There are two solutions
Try testflightapp.com
It does everything for you. It even has a SDK which I found very useful in debugging scenarios with logs and crash reports.
If you are looking to have your own hosted solution for the enterprise then
http://hockeykit.net/ is the best bet.
It has a client application which makes the upgrade process painless. It also have a server side code which you can deploy on your server.
https://github.com/TheRealKerni/HockeyKit
Update 2013-11-23:
We have been using Diawi happily for quite some time.
You can also use my shell script that will help you a long way with generating the necessary files and links:
https://github.com/sveinungkb/ios-ota-buddy
You do not need to manage UDIDs if you are using an enterprise profile.
To install an enterprise app you need a provisioning profile built with your distribution certificate on each device. See Does an iPhone Enterprise provisioning profile need to specify phone UUIDs like an ad-hoc provisioning profile does?
I've created tool (it's beta, so please be patient with it:)) for generating manifests from ipa file online:
http://manifest-generator.knejzlik.cz/
It generates plist with index.html file. All you need is to put content of downloaded archive to your site.
You can use InstallFish.com for this.
It allows OTA distribution for both IOS and Android. It also has a feature to automatically get the UDID and create your own appstores.
You will still need to provision them via your enterprise account but it makes the whole process of OTA installs much easier, especially for enterprise distributions.
You can use hockey, diawi etc. but sometimes you just want something simple that allows you to host it on your server. I was searching for a simple, basic php script that can do this but did not found any that suited my needs so I wrote a simple single php file server by myself and you can find it here:
https://github.com/leszek-s/LSIPASERVER
It has a list of all uploaded ipa files, upload page with password protected upload and each uploaded ipa has it's own page so you can send a link to specific uploaded ipa to someone. Feel free to use it on your own server.