Meraki

Community

Prevent Removal of meraki app on supervised IOS device?

soomeGUy
Here to help
‎Sep 23 2017 4:07 PM
‎Sep 23 2017 4:07 PM

Prevent Removal of meraki app on supervised IOS device?

I want users to be able to remove the apps they install themselves but not the meraki MDM app on ios 11 tablets.  They are supervised.  Is this possible?  

 

Also, is it still not possible to force location on so users who take the ipads home with them cant just disable locations services to not trigger geofencing?

 

 

0 Kudos
8 Replies 8
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 23 2017 6:40 PM
‎Sep 23 2017 6:40 PM

I'm surprised uses can remove the Meraki app when supervised.  Are you sure?

 

I don't think there is much control with regard to location services.  Android seems to work nicer in this space.

0 Kudos
In response to PhilipDAth
soomeGUy
Here to help
‎Sep 23 2017 8:26 PM
‎Sep 23 2017 8:26 PM

@PhilipDAth wrote:

I'm surprised uses can remove the Meraki app when supervised.  Are you sure?

 

I don't think there is much control with regard to location services.  Android seems to work nicer in this space.

Yeah it lets you unless you have app removal restricted but then they cant remove any apps.  If this is not correct someone please let me know, as i could have a configuration issue then.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 23 2017 6:41 PM
‎Sep 23 2017 6:41 PM

If you ask the device for its location - or for it to check in, does it tell you its location then?
0 Kudos
In response to PhilipDAth
soomeGUy
Here to help
‎Sep 23 2017 8:27 PM
‎Sep 23 2017 8:27 PM

@PhilipDAth wrote:
If you ask the device for its location - or for it to check in, does it tell you its location then?

in my testing no, you must manually enable location in the ipad settings under privacy.  its so silly, if its a DEP and supervised device the company should be able to force location always on.  its pointless to allow the end user to just turn it off when they want to steal it or take it outside the geofence zone.

0 Kudos
In response to soomeGUy
PeterJames
Head in the Cloud
‎Sep 25 2017 5:07 AM
‎Sep 25 2017 5:07 AM

@soomeGUy


I completely agree with you!

Our customers could have a one-click setup process without this in the way.

Thank you,
Peter James

0 Kudos
In response to PeterJames
soomeGUy
Here to help
‎Sep 25 2017 5:14 AM
‎Sep 25 2017 5:14 AM

@PeterJames wrote:

@soomeGUy


I completely agree with you!

Our customers could have a one-click setup process without this in the way.

Thank you,
Peter James

I think the issue is on Apples side though not Meraki I was hoping this would be addressed in IOS11 but I guess not.

0 Kudos
Melissa
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Feb 6 2018 4:30 PM
‎Feb 6 2018 4:30 PM

Hi @soomeGUy! I'm late to this thread, but I think the steps below will help.

 

Unchecking the restriction "Allow App Removal " under Restrictions> ios restrictions (supervised) will lock all apps on the device - which doesn't sound like what you want. Instead, I might make all managed apps set to auto-install, so even if a user deletes them, they will be reinstalled by SM. Using VPP device assignment will also set this up to install silently (the user can't block or deny this). 

 

Here's more on that - https://documentation.meraki.com/SM/Apps_and_Software/Using_Apple%E2%80%99s_Volume_Purchase_Program_...

 

Screen Shot 2018-02-06 at 3.54.42 PM.png

 

With regard to your question about geofencing and location services - at this time Apple does not provide the ability to force location services, except through Lost Mode. In your case, I might actually use IP override to gather location info for your devices, and set a geofencing policy that is active when devices are off/outside of your network. That would work even if location services have been disabled by the user. 

 

Another option would be to use time-based tags, instead of location based tags. Do you want the device to operate different when your users are offsite - or do you simply want to know when they are offsite?

 

https://documentation.meraki.com/SM/Monitoring_and_Reporting/How_Systems_Manager_Approximates_the_Lo...

In response to Melissa
jared_f
Kind of a big deal
‎Feb 7 2018 6:12 AM
‎Feb 7 2018 6:12 AM

As @Melissa showed, setting the Meraki MDM app to auto-install will re-install it silently of the user deleted it.

Find this helpful? Click the kudos button. Thanks!
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.