5 Replies Latest reply on Aug 3, 2017 4:05 AM by Frank Wils

    MDM Apple Device control


      I have two questions:


      The First:


      I installed the LANDESK agent to my iPhone 5, then I have tried to unlock it but the request sent with no action ! what the cause and solution?
      noting that locking request sent successfully and the phone locked!



      The second one:


      when I made distribution package to install some App to my iPhone I receive request waiting to press install or cancel, if I press cancel to not install the App it keep appears every few seconds till I press install, what the cause and solution?

        • 1. Re: MDM Apple Device control
          John Haddad Expert

          Hi Murad,


          i have read some articles for the same issue and one of the guys mentions this :


          "" hi guys i came across this problem a while back and my solution was simple.  when i enrolled the device i enrolled it with "username" only.  You need to put in "domain\username" if you dont, the device will enroll and only pull down the enrollment profile, but nothing else.  You will be able to send lock and such down, but will not ever recieve any other policies.""


          if you can send other policy then it sounds like APNS communication is broken somewhere.

          Were you able to enroll the device successfully? If so, this means the certificates are setup correctly but APNS is configured all the way. It could be that the ports are opened from MDM to the internet. It could be the APNS topic in the MDM profile settings isn't correct.


          Have a look at the logs on the MDM machine in the folder c:\Program Files (x86)\landesk\mdm\data\logs.


          hope this helps

          1) There should be an MDM server. Check for the log files on the MDM server not the core server.

          2) Verify the APNS subject is correct in the iOS enrollment settings dialog. Should be in the format of com.apple.mgmtxxxxxxxxx.

          3) Verify the ports 2195 and 2196 are open from MDM to internet.




          2 of 2 people found this helpful
          • 2. Re: MDM Apple Device control
            Frank Wils ITSMMVPGroup



            First, outgoing communication doesn't go through the CSA, so, as John mentions, make sure ports 2195 and 2196 are open from your Core Server to the internet.

            Second, make sure the Inventory of your device contains a MDM Token. This is used to communicate with your specific device.

            Last, you can check the MDM.DLL.LOG in the LDLOG share on your Core Server for any errors.


            As for your Package, this is the way it should behave. You push a package, but the user has to confirm to install it. If they cancel, your task is still active, so the request will keep coming back until they install it. There is currently no way to install 'silently'.




            • 3. Re: MDM Apple Device control
              Frank Wils ITSMMVPGroup

              Hi John,


              Just to clarify and avoid confusion, I think your comments are based on LANDESK 9.6 in combination with Avalanche. The LANDESK/Ivanti 2016 and 2017 versions have MDM integrated, don't use the APNS subject anymore when enrolling and the logs are in a different location.




              • 4. Re: MDM Apple Device control
                John Haddad Expert

                Ops forgive me my friend
                am an old one

                • 5. Re: MDM Apple Device control
                  Frank Wils ITSMMVPGroup

                  No problem


                  Just wanted to prevent any confusion