😁Way to go posting the answer there, KRhault! ... View more

nevermind, reread the post and my comment was less than helpful ... View more

Could you create a profile for user-enrolled devices with just those settings and scope differently? ... View more

Patwer, One trick I've found is copying the status table from the settings profile that I need to re-push, pasting it into excel, transforming into a table and hiding all the "installed" status devices, and then using =textjoin(" OR ", rangeOfCellsContainingSerialNumber, TRUE) to make a search string. then you can pull up only devices showing OOD or Not Installed status and push the sync commands. Hope this helps! -Dylan ... View more

Hey, Are you able to run a packet capture on the device in question? Would be interested in seeing if there's something in your network that might be blocking the outbound connection for server auth. Are you able to try a different network? Thanks, -Dylan   ... View more

Hey Robert,  Can you clarify how you're attempting to set this? Are you trying to enforce a standard home page for all devices? Are you trying to change the homepage on a single managed device from the device itself?  Thanks, -Dylan ... View more

So this, to my knowledge, is expected functionality. Home Screen Layout settings are not the same as App Removal settings, as it appears you've discovered. This is important for a number of use-cases, such as allowing personalized layouts while still forcing the presence of applications for troubleshooting or other reasons (e.g. I want every device to have TeamViewer QS installed but don't care if folks keep it on their home-screen since I can instruct them to swipe until they reach the app library view and search for it) ... View more

Hey @onebillion , did you ever get a resolution on this? I'm curious as I've got a buddy hitting a similar issue on their MDM solution with an .apk I helped put together.    Thanks a bunch! -Dylan ... View more

Sweet! Thanks so much for that! Any chance you can share where this information can be found so I can reference it in the future?  TY -Dylan ... View more

No problem, Blake! I figured it's be the responsible thing to do! Also, for anyone reading, the iOS 15.1 update is expected next week sometime. 🙂 ... View more

Adam,  Yea, you need the device to be in a Supervised enrollment status to do all the fun stuff. It's just SUPER! All the best, -Dylan ... View more

Julien,   What does the Audit Log and/or event log show after you've pushed the profiles?   Have you tried making a simple test profile with a minimal payload to test if any profiles at all are being pushed?   Best, -Dylan ... View more

That is deeply troubling, especially for those of us with large remote deployments in play.... I've also had a couple of issues with commands not processing, profiles not installing, and some weird "undefined command" messages in my logs lately....   If you figure out why the commands aren't being processed I'd be very interested to hear about it. ... View more

Hey Adambdc,  I'm also deploying a lot of devices to field staff. We opt to use a Lost-Mode command for these kind of scenarios since, as you point out, the passcode options are extremely limiting.    Hope this helps, -Dylan ... View more

So, admittedly, I'm not familiar with Sophos products, but I'm willing to help you think around this issue if you still need a hand.   based on what I'm reading on the Sophos website, you'll need to start by distributing the files for the installation as stated here """    Log in to Sophos Central Admin. Go to Protect Devices, then choose one of the following options: Download Complete macOS Installer Choose Components (this option is available if licensed for multiple features)   The file SophosInstall.zip is then downloaded and is by default saved on the Downloads folder. Extract its contents to the same folder. The following should then be found where the files are extracted to: Sophos Installer Components folder Sophos Installer.app These files must be in the same location because the file Sophos Installer.app requires the Sophos Installer Components folder to be in the same location when it runs.   Provide executable permissions to the following files before running the installer. This can be done with the following commands: sudo chmod a+x /Users/<username>/Downloads/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer sudo chmod a+x /Users/<username>/Downloads/Sophos\ Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper   Run the below install command: sudo /Users/<username>/Downloads/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer --install This command assumes that the Downloads folder contains the extracted files stated in the previous step. If the files were extracted to another location, change the command above to the corresponding folder. """     So my thought (have no testing data to back up anything I'm saying, so feel free to quit reading) was that one could take the .zip, distribute it across the devices using Munki. This would require us to step back and determine how we would get Munki client installed on the devices..... which is where SM's ability to distribute .pkg files comes in.      so now: 1. set up server-side of Munki 2. import Intercept X into Munki Server 3. distribute Munki client .pkg via SM 'apps' interface, which should be able to silently install the Munki client on the targeted machines silently, though you may have to dig for the right flags for the install command 4. On the same page where you would import the Munki client pkg, you can provide CLI arguments. Now you could just put together the arguments to extract, move, and install the Intercept X stuff, but personally I feel like it'd be easier to just write up a script to accomplish this and call the script in that CLI spot. IDK, up to you. 5. By this point, the installation should be pretty much complete to my knowledge... but some additional checks and clean-up can be performed too, as per Sophos' documentation on post-client steps...   I hope that makes any kind of sense, I'm sort of having a day. ... View more

Sorry to blow up your inboxes ya'll, but that attempt at clearing the SCEP error from the one iPad we're still seeing it on by removing it and re-adding it to the MDM server was unsuccessful. I'm still waiting on a Meraki Support response, but will keep ya'll posted ... View more

For the majority of the iPads (39/40) my team was deploying during this outage the issue was resolved without our intervention, we simply backed out of the error screen and advanced past the "Remote Management" screen again, and the enrollment/management profile downloaded successfully.   For the one iPad that we still can't get to cooperate the error continuously appears. I'm going to try unassigning it from the MDM server in ABM, adding it back in, and restarting. I'll let ya'll know if that has any effect. ... View more

I'm able to confirm that this appears to be resolved for us as well   iOS devices which had been enrolled prior to today are now sending and receiving updates from Meraki the Meraki SM application now is confirming enrollment status correctly the ~40 iPads we're setting up at the moment all seem to be taking the Management profile   Thanks everyone!   Edit: Still have one iPad that is giving us the SCEP server returned an invalid response error.... ... View more

No problem.    Anybody here have Android devices in their environments? None of the ones I manage have registered any communications/connections to the Meraki SM instance since 8:11 AM CST. Might be more of a global Meraki issue than an iOS specific issue, but I'm unable to verify due to some extenuating circumstances with our Android deployments. ... View more

Appears to be a Meraki SM issue, as I'm a member of a bunch of other MDM sys forums and nobody using a different solution seems to be experiencing issues.   Also wanted to point out that devices are not able to verify their enrollment status when we open the Meraki SM application as well. ... View more

Also seeing this in our environment, roughly 40 iPads all providing variations on Remote MGMT profile installation failure... ... View more