Manage Apple devices
Introduction
The operating systems iOS, macOS and tvOS were developed exclusively for Apple devices. Relution provides a set of features to configure and control Apple devices. Learn more about how to get started managing Apple devices.
Certificates
Before you start enrolling your Apple devices, you need to make sure that the Apple Push Notification Service (APNS) certificate is configured on your server. If you have a new server installed, Relution will already have certificates stored for you to use.
Enrollment
To be able to manage an Apple device, it must be enrolled in Relution. To do this, a so-called MDM profile is installed on the device. Three different types of enrollment are available for Apple devices.
iOS enrollments →
macOS enrollments →
tvOS-enrollments →
Supervised Mode/Supervised Mode
Monitored Mode/Supervised Mode allows you to distinguish Apple devices owned by your employer from personal devices. We recommend putting devices into Supervised Mode for unrestricted management and use of all MDM features. This allows restrictions to disable many features not needed for use in a school or work environment. Click on the link below to learn more about putting your Apple devices into this mode.
Relution Agent
Relution Agent is always automatically installed on Apple devices during enrollment. It is not necessary for device manageability, but provides a variety of additional useful features for users.
You can either get the Relution Agent from the Apple App Store (default) or upload it as a native app to the Relution App Store. If you use the native app, you have to configure it as a client in Settings > Relution Client Apps
If you use the version from the Apple App Store, it is recommended to keep a sufficient number of VPP licenses for the app, so that no problems occur during the start-up.
If your users work with Apple IDs on Apple devices, no VPP licenses are required.
Separate business and personal data
Managed Apps Apps that are deployed to your Apple devices through Relution are called managed apps. You retain control over these apps and can remove them and their associated data as needed. For iOS and macOS devices, you can configure managed apps through the Managed App policy configuration.
Managed Accounts For iOS and macOS devices, Relution lets you set up email and other accounts the MDM and manage them independently of personal accounts. With Relution, you can configure the following accounts:
- Exchange
- CardDAV
- CalDAV
- Subscribed calendars
- Google Accounts (iOS devices only)
Manage apps
Select the apps you want to use on your Apple devices and block or remove the apps that are not relevant. Manage, distribute and remove apps efficiently on a large number of Apple devices at the same time.
App Licenses
Every app that is installed on Apple devices through the Public App Store must be licensed. It does not matter if the app is free or not. The license can be obtained either via the user currently logged in via Apple ID or, if working without Apple IDs, via the Apple Volume Purchase Program (VPP). For VPP, access to an Apple School/Business Manager is required. For native apps, this is not necessary.
You can install the apps on Apple devices without users manually initiating the installation, as long as the Apple devices are monitored, i.e. in supervised mode.
App installation without user input →
VPP (Volume Purchase Program) apps can be installed on Apple devices that are supervised without user input. Learn more about VPP:
VPP setup in Relution →
Roll out VPP apps →
Block or positive list for iOS and tvOS
The block or positive list feature in Relution allows administrators to block certain apps on iPhones, iPads, and Apple TVs and allow installation of important apps. This feature prevents the installation of unwanted apps and hides installed apps that are already on devices from users if necessary. Click on the link below to learn more about blocking or allowlisting apps.
App compliance for iOS →
App compliance for tvOS →
Single App Mode for iOS
Single App Mode can be enabled on iPhones and iPads, restricting devices to a single app and blocking all others. It should be noted that the devices must be monitored (supervised) to enable single app mode.
Web link
The webclip looks like an app icon that links to a website when clicked. You just need to specify a label and a URL.
Add weblinks via policy →
Add web links and place via homescreen layout for iOS →
Protect MDM profile from deletion
Prevent removal of MDM profile from device settings by enrolling devices through Apple Device Enrollment Program (DEP).
DEP Profile →
Auto enrollment →
Network configuration and security
Ensure maximum security on your network by setting up appropriate configurations. With Relution, WLAN settings can be configured for all Apple operating systems. In addition, VPN (Virtual Private Network) and per-app VPN settings can be configured for iOS and macOS devices. Cellular (Access Point Network) settings can be configured for iOS devices.
Restrictions
The policy configuration of restrictions limits Apple devices in functionality. It is important to note the type of enrollment, as many restrictions only take effect on supervised devices (supervised).
System updates
You can update your Apple devices to the latest operating system version if your devices are supervised.
Administrators can also defer updates for supervised devices for up to 90 days. During this period, users will not be prompted to update devices to the latest OS version. This allows organizations to check for errors/problems or to check the compatibility of deployed applications with the latest OS versions.
Content filtering
Use the web content filtering feature to prevent access to specific web pages in your organization.
Homescreen layout for iOS
You can arrange apps on the homescreen of your iPhone or iPad as well as in the Dock, and place them in folders that can be created manually or automatically.