iPads defaulting to Cupertino time zone during setup phase

RLR
Valued Contributor

Got a bunch of ipads that I recently wiped and update to 11.2.1 via apple configurator so I can set them up as shared iPads. I've gone to start the setup and they are defaulting to the Cupertino time zone (we're in the UK) which means the MDM enrolment profile won't install because the time is so far out. I've selected United Kingdom as part of the setup but this doesn't help. I've allowed the location services screen to appear but it doesn't get that far because it can't download the enrolment profile.

Is anyone else in the UK experiencing iPads defaulting to Cupertino during the initial setup phase?

1 ACCEPTED SOLUTION

bentoms
Esteemed Contributor
Esteemed Contributor

@RLR Enabling Location Services should be what you need. This, therefore, sounds like another issue.

Device time is relative to UTC, so if a US time like -08:00 it doesn't matter as long as it's the correct time for -08:00.

But, this only really matters for kerberos where you need devices & servers to be within 5 minutes of each other.

The main thing you might seen in relation to time & enrolment issues, is if the clock resets to epoch (January 1, 1970). This would mean that any SSL certs are not trusted as they are not seen as valid "yet" on the device.

As a rule of thumb, we always keep Location Services showing via DEP to avoid the aforementioned epoch issues.

As for this issue, i'd be looking to grab some logs to see what's up.

View solution in original post

2 REPLIES 2

bentoms
Esteemed Contributor
Esteemed Contributor

@RLR Enabling Location Services should be what you need. This, therefore, sounds like another issue.

Device time is relative to UTC, so if a US time like -08:00 it doesn't matter as long as it's the correct time for -08:00.

But, this only really matters for kerberos where you need devices & servers to be within 5 minutes of each other.

The main thing you might seen in relation to time & enrolment issues, is if the clock resets to epoch (January 1, 1970). This would mean that any SSL certs are not trusted as they are not seen as valid "yet" on the device.

As a rule of thumb, we always keep Location Services showing via DEP to avoid the aforementioned epoch issues.

As for this issue, i'd be looking to grab some logs to see what's up.

RLR
Valued Contributor

@bentoms Thanks for the info. We enabled SSL Inspection and added the certificate to the prestage enrolment. Removing this certificate has fixed the issue. Guess we'll create a configuration profile and scope the certificate to the mobile devices.