Posts Tagged ‘device management’

Activation Lock, Unlocked

Activation Lock is a security feature on Apple iOS devices that prevents unauthorized use of an iOS device after it has been factory reset, rendering the device useless. While this is an amazing feature for personal use, it has presented challenges for IT administrators trying to deploy iOS devices for enterprise use cases. While IT administrators desire the added security Activation Lock provides, they are often frustrated by the lack of enablement control and device status insight.  

Cisco Meraki’s mobile device management solution, Systems Manager, fully supports management of Activation Lock on supervised iOS devices. Let’s pull back the curtains and see how Cisco Meraki Systems Manager can help you effectively manage the Activation Lock status of your device fleet.

How is Activation Lock enabled?

There are two different ways to enable Activation Lock:

  • Device Activation Lock: The device owner enables Find My iPhone/iPad on the device with their personal Apple ID account.
  • MDM Activation Lock: Meraki Systems Manager enables Activation Lock with an MDM command. This action is only available on supervised iOS devices enrolled using Automated Device Enrollment through Apple Business Manager (ABM) or Apple School Manager (ASM).

How do I check the Activation Lock status of iOS devices?

You can view the Activation Lock status for each device in the “Management” section of the device’s details page in Meraki Systems Manager.

If Activation Lock is “Enabled”, Find My iPhone/iPad is enabled and the device’s activation may be locked by an owner’s personal Apple ID. MDM Activation Lock indicates that Meraki Systems Manager sent a command to enable Activation Lock on the device. The device’s activation may be locked by the Apple ID of an IT administrator with management rights in the ABM or ASM portals.

You can also view the Activation Lock status in the Devices list in Meraki Systems Manager by adding the applicable column to your view.

I wiped an iOS device and Activation Lock is enabled. How do I bypass or disable Activation Lock?

There are several methods to bypass or disable Activation Lock:

  1. Apple ID: Enter the email address and password of the account that enabled Activation Lock on the device. Depending on how Activation Lock is enabled, this may be the user’s personal Apple ID credentials or the Apple ID credentials of an ABM/ASM administrator. 
  2. Bypass Code: When Activation Lock is enabled on supervised iOS devices, Meraki Systems Manager stores a bypass code, a randomized 30 character string, which can be used to clear the device’s Activation Lock state. In situations where both device and MDM Activation Lock may have been enabled, Meraki Systems Manager stores the codes generated for each type. The bypass code can then be entered at the Activation Lock screen to clear the Activation Lock status.  

Clear Activation Lock Command: Meraki Systems Manager can send a remote command to Apple to clear Activation Lock on supervised iOS devices using the known bypass codes.

How can Meraki Systems Manager help me manage Activation Lock settings?

Meraki Systems Manager can only manage Activation Lock settings on supervised devices. If devices are supervised, Systems Manager prevents end users from being able to enable Device (Find My iPhone/iPad) Activation Lock by default on enrollment.  

Via the “Privacy & Lock” payload, Meraki Systems Manager can be configured to automatically allow Device Activation Lock, and/or automatically enable MDM Activation Lock when devices are enrolled.

Check out Meraki Documentation for more information on how to manage Activation Lock settings and behaviors with Meraki Systems Manager. If you would like to learn more about Systems Manager, join us for an upcoming webinar (where you can qualify to earn free System Manager licenses), or call the Meraki sales line to start a risk-free evaluation.

This Holiday Season’s Must-Watch: Systems Manager

Apple TV

In a variety of different industries, Apple TV is helping provide better guest experiences and increase user engagement.

Educational environments around the globe, including classrooms, hallways, and entire campus structures, are becoming more technologically integrated. Apple TV is a common tool used by instructors to share information. Teachers are able to better engage with students while seamlessly sharing content from their iPads to on larger screens, enabling easy collaboration and spontaneous sharing between students.

In the hospitality sector, making the guest experience an “at-home” experience has always been a top priority. Today it is more common to see technologies like Apple TV provide a platform for proactive and efficient communication. Employees can easily share relevant information with guests and other hotel staff, resulting in simpler and more automated hotel operations. Local recommendations, amenities, and seasonal offerings can be featured in guest rooms and around an entire hotel, allowing guests to constantly be in the know, without it interfering with their stay.

Having received a ton of requests for Apple TV support from our customers, Cisco Meraki is happy to announce that Systems Manager now fully supports Apple TV (tvOS). With the addition of tvOS, Systems Manager now supports six operating systems, with tvOS joining iOS, MacOS, Android, Chrome OS, and Windows.

The new Systems Manager feature allows customers to manage Apple TV-enabled devices similar to mobile phones, tablets, laptops, desktops and other endpoint devices.

With the way these verticals are using Apple TV and how it contributes to their business, any downtime on these devices can be costly. Not being able to get alerted when an Apple TV is offline, locate and erase a lost device, or enroll hundreds of devices at the same time results in a stressful and inefficient experience for IT admins.

In order to optimize technologies like Apple TV for better student engagement, larger revenue streams, and improved customer experience, managing these devices needs to be intuitive, fast, and to-the-point.

Systems Manager caters to these needs by:

  • Supporting new out-of-box enrollment (OOBE) capabilities using Apple DEP for easy Apple TV onboarding
  • Providing remote troubleshooting tools (such as locking devices, selectively wiping, erasing a device, and rebooting)
  • Allowing device restrictions — now made easier with an updated user experience and more security for AirPlay and Single App mode
  • Enabling easier addition and synchronization of tvOS apps via VPP

The list doesn’t stop there — if you are familiar with Systems Manager, the experience is built to be on par with the management of other Apple operating systems such as iOS and macOS.

If you would like to learn more about Systems Manager, join us for an upcoming webinar (where you can qualify to earn free System Manager licenses), or call the Meraki sales line to start a risk-free evaluation.