Posted on 06-12-2015 04:32 AM
So here is my problem I have over 4000 iOS devices on my network, when running update inventory those that are passcode enabled do not appear to update until the user actually unlocks the iPad. I have done the below tests to verify.
Left an iPad for three days that had a passcode and no inventory was collected. I manually unlocked the iPad and the inventory pulled.
Left an iPad for three days that had a passcode and no inventory was collected. I removed passcode using Casper and the inventory pulled.
Any suggestions on what to look for?
Posted on 06-12-2015 06:35 AM
iPads lose their Wi-Fi connection once they sleep, and the ones with passcode locks do not try to reconnect until they are unlocked. That's as far as I know.
Posted on 06-12-2015 08:39 AM
Tested the wireless as the cause, but on the devices I am testing with they have signal and I am able to remotely remove the passcode.
Posted on 06-16-2015 05:30 AM
@mradams If a iOS device is powered on, it'll be at the passcode screen & will still be encrypted.
SOME commands still work, such as remote wipe & passcode removal. But I guess inventory doesn't.
Might be worth clarifying with JAMF about this though.
Posted on 06-16-2015 06:27 AM
I have submitted a support request for this issue. Thanks
Posted on 09-16-2015 11:31 PM
From what I have rigorously tested, the behavior of the iPad is as follows:
When the iPad is connected to a known network and goes to sleep, it is able to receive commands to update inventory, clear passcodes or otherwise and therefore still has a connection to some network (whether at home or on site).
Once the iPad has shut down, battery dies and the iPad is restarted either because of low battery or user restart; the iPad has to be unlocked (user must enter passcode) in order to connect to any known WiFi network. The iPad will not reconnect to WiFi until the passcode is entered!
I have tested this on many different networks with many differently configured iPads and have had the same results. Even set WiFi network to not require re-authentication.
This presents a big problem in any education or business environment as the iPads are no longer susceptible to MDM commands once they are restarted by the user (and password is not entered).
Not sure if this is an Apple thing or a JAMF thing or both... Either way it is becoming a huge problem for all admins in education and business environments.
Please Help!
Posted on 09-17-2015 12:24 AM
Wow, that is pretty terrible. Having an iPad locked and unable to connect to Wi-Fi also has massive implications for Find My iThing. I wonder if Apple looked into this for iOS 9.
Posted on 09-17-2015 12:38 AM
@bentoms unlock doesn't work. As you say, iOS is encrypted and Wi-Fi keychain is part of that data, so if the user restarts the device, you HAVE to connect via Ethernet in order for the device to get the unlock command.