Manage App Permissions through Meraki

Tom-B
Here to help

Manage App Permissions through Meraki

Hi, I'm in the process of trying to streamline some processes for when we wipe/recongifure devices in my organization.

 

Essentially we loan iOS devices frequently- to employees/guests/clients/etc.

 

When the devices are brought back they are wiped and a 'baseimage' is applied through Apple Configurator 2.

It doesn't do much but it makes the text bigger, disables some other settings, etc.

 

Then the setup screen is completed manually to enable location settings and get the DEP settings which let Meraki do the rest, push apps, restrictions, profiles etc. etc.

 

Once the apps are pushed we signin to a couple of them using specific credentials (we loan to all sorts of people - many are not familiar with iOS so it is sent out 'ready-to-go'.

Unfortunately, AFAIK, manage App Credential this phase and my organization does not have an identity provider I can use to configure SSO.

 

However, all the apps (SM included) require some permissions (SM needs location so we can GPS track), our other app needs access to the Microphone/Cameras - is there any way to 'grant' these permissions programmatically or through Meraki? These are all supervised devices. The baseimage/device backup does not seem to 'backup' these permissions.

 

Cheers,

3 Replies 3
vassallon
Kind of a big deal

@Tom-B Unfortunately Apple is in control of enforcing most of those setting and giving us rights to set those automatically through either Apple Config 2 or MDM. Basically if you can't do it through AC2, you won't likely be able to do it through the MDM. 

 

I have asked Apple for the ability to force location services on and to allow us the ability to turn on location services within the Meraki App. At least now we have an option to force notifications on in the Meraki App so that's something at least.

Found this helpful? Give me some Kudos! (click on the little up-arrow below)
PhilipDAth
Kind of a big deal
Kind of a big deal

This is a good question for @jared_f. Jared can you help?

jared_f
Kind of a big deal

As @vassallon states, no it is not possible to enforce app configurations. It has been a while since I have used AC2 to "image" an iPad, but could you possibly configure an iPad and create it as the master backup and sync it to all the others? I believe you can use automated enrollment DEP in AC2 for Meraki.

 

Not sure if this would work, but that is the only work around I could think of.

 

~Jared

Find this helpful? Click the kudos button. Thanks!
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels