I just read about Mobile Device Management Server for iOS devices, but all documentations refers to "third party MDM Server".
My problem is how can I develop one "third party MDM Server" myself ? I failed to find any doc about this.
Asked
Active
Viewed 3.1k times
32
-
WWDC 2010 Session 108 - Managing mobile devices, explains how MDM server should work. That might be of help. Also look at this: http://www.apple.com/iphone/business/integration/ – 0x8badf00d Nov 16 '11 at 15:15
-
@0x8badf00d, I did see your links, however I need more on how to develop one. – Zhao Xiang Nov 17 '11 at 14:26
-
@ZhaoXiang were you able to develop one ? – Vrashabh Irde Oct 10 '13 at 08:03
-
@Slartibartfast nope, I've moved my interests to something else and I never actually tried to implement one. – Zhao Xiang Oct 10 '13 at 08:31
-
Did anyone implemented there own MDM server. – Imran Sep 22 '14 at 04:51
-
@Imran Hi Imran. Did you implemented your own MDM server for ios devices ? – sau Jun 08 '15 at 12:38
-
@sau yes I have done it successfully.What is your issue? – Imran Jun 10 '15 at 10:52
-
@Imran. I am trying to build MDM server for ios devices in PHP. I have done all the certificates part from here https://github.com/project-imas/mdm-server . I also read mdm protocol pdf & followed few answers on stackoverflow. But now not able to code i mean not getting the seqential steps. Please help me. Can i have your contact details ? – sau Jun 10 '15 at 10:57
-
Hi @Imran, I am trying to develope MDM server for ios devices in Java. Could you please help me out? like where to start and all? thank you in advance. – mor222 Apr 04 '17 at 07:55
-
I wrote my own iOS MDM in C#. It was really interesting. – Tomas McGuinness Mar 15 '23 at 12:54
7 Answers
17
You have the easy way and the hard way.
Easy way: OSX Lion Server ships with a "Profile Manager" section which offers the whole MDM process (with the SCEP stack). This service is made up of ruby scripts so you can peek to see how it's done.
Hard way: implement your Profile Manager (profile generation and management), implement your Push server, add the SCEP stack (and the LDAP or Active Directory if you need to) and pray for everything to works together.
I choose the easy way :)
Mogsdad
- 44,709
- 21
- 151
- 275
teriiehina
- 4,741
- 3
- 41
- 63
-
I kind of want to do it with ASP.NET on Windows, as all existing sites and DBs are there. And I want the manage app part most. Do you think that's possible? – Zhao Xiang Nov 17 '11 at 14:57
-
yes, but that's the hard way. the MDM stack in OSX Lion Server is based on ruby scripts. you should be able to understand the whole stack from those. But that's the hard way (yes, I know, I already said this three times) ;) – teriiehina Nov 18 '11 at 10:33
-
So, is it possible to install or remove a app on users' iOS device with the easy way or the hard way? – Zhao Xiang Nov 18 '11 at 14:30
-
1you can not explicitly install or uninstall apps on an iOS devices using MDM but you can manage the provisioning profile used by your apps. all you can make appear on the home screen of an iOS device is a web snippet (which you can use as a shortcut to you .plist for in-house distribution. the easiest way to check what you can (or can't) do with MDM on iOS is using the iPhone Configuration Utility (also available on windows). This utility creates the configuration profiles which are pushed by an MDM solution. Btw, this utility is available as a command line tool. hope this helps. – teriiehina Nov 19 '11 at 14:56
-
2@teriiehina you can install the apps using MDM and iOS 5. MDM has to support latest feature in iOS 5. Vendor we are using demonstrated that last month. – 0x8badf00d Nov 20 '11 at 13:25
-
@0x8badf00d > do you have any references to this ? our company must support iOS from 3.2 so we aren't looking at the very latest features ;) – teriiehina Nov 21 '11 at 09:48
-
1@teriiehina Hey i am looking for this and i am interested in the "easy way". If i take a mac mini, install OSX Server on it, can i push apps to in-house devices over the air? We have a Enterprise Delevoper Account. Thank you – Drazen May 28 '13 at 01:47
-
2@drale2k yes, you could but if your goal is to only to push apps, it will be easier to services like TestFlight or HockeyApp. With MDM, you could also push many settings: just have a look to Apple's "iPhone Configuration Utility". – teriiehina May 28 '13 at 05:53
-
@teriiehina Is there a way to debug the profile manager out of the box? I have the OSX Lion server.app installed and I have access to the scripts, but I cant make much of it(noob to rails and ios) – Vrashabh Irde Oct 10 '13 at 07:57
-
Is it possible to develop app for app store that should be used by unlimited users. And App should enroll itself on MDM server and setup configuration files. Without purchasing Enterprise account. – Ahad Khan Oct 30 '14 at 10:44
-
The question was asking "how to develop an MDM server". So the 'Easy Way' is not actually an easy way to develop anything, as it involves using a service – Jeremy Sep 06 '18 at 20:51
14
You can use the sample python code for MDM server provided in the MDM_Protocol named server.py. To test MDM implementation on iOS devices use your iOS Enterprise developer account to get the MDM certificate. You can use IPCU to generate Enroll config profile and you need to implement SSL for your server url. For more details refer question1 and question2
7
Here is some information on the structure of a server, at least.
Once you have signed up for the Apple Developer Network, you can access this document which provides greater detail in the specifics of setting up a profile server.
tufelkinder
- 1,176
- 1
- 15
- 37
6
You will need to join the Apple Enterprise Developer Program and then request the MDM documentation from Apple.
onnoweb
- 3,038
- 22
- 29
-
6Sorry, it is. That's not the technical documentation you need to implement MDM, that's just a high level description of the capabilities. – onnoweb Nov 16 '11 at 15:23
-
1http://developer.apple.com/programs/start/ios/ Technical Documentation available with Enterprise Developer Program is no different than signing up for free developer account or others (individual, corporate, university programs) – 0x8badf00d Nov 16 '11 at 16:11
-
@0x8badf00d that's not correct, the MDM doc is a 154 page manual specific to the MDM protocol. You are given access once you are an Enterprise Developer I have worked on both developer and enterprise accounts and that doc is only available on enterprise level – user602525 Feb 20 '14 at 20:01
-
-
@onnoweb can we do without enterprise developer porgam for testing purpose? – Saurabh Jain May 20 '17 at 12:01
3
I recommend you learning Dashcode development and then modify the Profile Manager shipped with Lion Server. Then implement your own MDM server with the acquired knowledge if this don't fit to your needs.
Good luck!
quarac
- 3,454
- 3
- 21
- 25
-
1Is the program used by apple to implement its MDM server, written in ruby. Also you can make web pages with it :D – quarac Nov 30 '11 at 11:44
2
Developing your own MDM could be a large amount of work, and due to the nature of implementing restrictive software, is likely to require extensive security testing. You don't want to allow users or external parties to compromise your MDM.
I would suggest actually purchasing an MDM if your budget allows. If this is just for you, then that's probably not helpful. If this is for 20 users+, then an MDM might be fairly cost effective.
I'm not going to recommend one in particular to you and instead link to a good article by computerworld that reviews a selection: http://www.computerworld.com/s/article/9238981/MDM_tools_Features_and_functions_compared
You will still need to test your internal apps thoroughly. For example, the sandboxed environment might allow HTML5 web pages but not Java apps.
Aidan
- 313
- 1
- 6