Skip to main content

Configure MDMs for iOS

1. Create an iOS device policy

Navigate to the Policies menu and select Registration to display the Registration Policies view. Click the New Collection Policy button to start the Collection Policy Wizard. Select the iOS platform by clicking the Apple icon and the General view will appear.

Enter a short but descriptive name and description for the policy in the fields provided and click Next. In the Device Type view, select the appropriate sign-in type according to your needs - Full Control Device or User for BYOD environments (only available for devices running iOS 13.1 or later) and click Next.

In the Groups view, choose whether authentication is required for registration. If authentication is required, choose one of the following options - Password or Directory. To use password, enter a single password for all devices logging in with this policy and choose a device group target. To use directory, click the Add button to add directory groups, select a directory service from the drop-down list, and use the Find Groups box to find the group you want. Once the directory group has been added, select a device group target and the applicable terms and click Next. The Auto Enroll view is displayed. Click Next to continue.

In the Settings view, select one of the available settings and click Finish to finish creating the policy. The Enrollment Policy Information page appears, listing the policy details and device enrollment options.

Click the Email button to email the registration URL to a recipient. Click Manage emails to manage email settings.

Click the appropriate button to view and copy the IOS agent login ID.

Click on the registration URL to view or copy it directly.

Finally, click OK to complete the process.

2. Download the trust profile

Open the Safari web browser on your iOS device and navigate to the registration URL provided by your administrator. The SOTI Enrollment Service will open.

  • Tap the DOWNLOAD button on the SOTI registration service page to start the registration process.
  • You will be asked if you want to allow the website to download a configuration profile.
  • Tap Allow to start downloading the profile.
  • In the Select device pop-up window, select the type of device you want to install the profile on.

Once the profile has been downloaded, a Profile Downloaded pop-up window will appear. Tap Close.

3. Installing the Trust Profile

Open the Settings app and tap on Profile Downloaded under the PROFILES DOWNLOADED section.

  • Tap on the MobiControl Trust profile to open the Install profile window.
  • Tap Install and enter your passcode.
  • Tap Install again in the warning window.
  • Once the profile has been installed, a Profile Installed window will appear. Tap Done.

Return to the Safari browser with the SOTI Enrollment Service open and tap NEXT.

4. Distribute full trust for the root certificate

To enable Full Trust for the root certificate, go to Settings > General > About.

  • From there, tap on Certificate Trust Settings.
  • In the Certificate Trust Settings window, go to ENABLE FULL TRUST FOR ROOT CERTIFICATES.
  • Enable trust for MobiControl Root CA and Go Daddy Root Certificate Authority.
  • Return to the Safari browser with the SOTI Enrollment Service open and tap NEXT.

5. Enrolling the iOS device in SOTI MobiControl

  • Tap DOWNLOAD to install the configuration profile.
  • When you get the warning This website is trying to download a configuration profile. Do you want to allow this? tap Allow.
  • Once the profile has been downloaded, a Profile Downloaded pop-up window will appear. Tap Close.
  • Open the Settings app and tap Profile downloaded.
  • Tap Install Profile and enter your passcode.
  • Tap Install again in the warning window.
  • On the Remote Management pop-up, tap Trust.
  • In the Profile Installed window, tap Done.

Your iOS device is now registered with SOTI MobiControl.

6. Create and configure app policies

Once all desired devices are enrolled in the system, app policies can be created to add individual apps to a device.

To create an app policy, navigate to App Policies in the SOTI MobiControl menu in the top left corner. Click New App Policy in the top right corner to open the Create App Policy dialog.

Select Apple iOS and give the app policy a name and description. Go to the Apps tab and select App Store as the app source. Set the region to "Germany" and search for TheFlex. Then click the app in the drop-down menu to add the app to the app policy.

Close the Select Apps dialog box by clicking the Add button at the bottom right. You can then save and assign the app policy. iOS 13+ supports the Managed App Config function, which means that TheFlex can be configured directly via an MDM. To enable this feature, click the three dots to the left of the app. In the menu that appears, click on Configure to open the advanced configurations. Now select Managed App Config in the left menu and enable it in the right pane. The user can now configure the app as desired. To sync the configuration directly to the device after saving it, we recommend Checking-in the device.

After the desired app policy has been successfully created and assigned, its status can be checked on the device by locating and selecting the desired device under the Devices menu item. All assigned profiles, packages, rules and app policies can be found on the Configurations tab.

Managed App Config in the MDM