You can easily create a backup of an iOS device using Apple Configurator. Once you’ve created a backup, it can be restored onto a number of devices. This contains iOS data and data outside of the secure enclave. These backups allow you to restore an iOS device, add apps (not using the backup), set backgrounds, set app locations on the home screen, etc.
To do so, open Apple Configurator and then click on the Prepare icon.
At the Prepare screen, click into the Restore field and then click on the Create Backup button.
At the pop-up menu, select the device you’re backing up (usually there’s only one) and then click on the Create Backup button.
Then choose the location you’d like to place the backup file.
Click Save and the backup starts.
Once the backup is complete, you will have an iosdevicebackup file in the location you saved the file to. This is stored on the iOS device and can then be restored to other devices.
krypted August 15th, 2015
You may have noticed a few new articles on Apple Configurator 1 recently (which isn’t assuming anyone actually notices what I’m writing about). While preparing for the massive change that is Apple Configurator 2, I’ve taken the liberty to put a page up compiling many of my articles that align into a guide on Apple Configurator 1, to offer up an outline for what I’ll be working on for Apple Configurator 2. This guide is now available at http://krypted.com/guides/apple-configurator/.
krypted August 13th, 2015
There’s a quick and easy IT Business Edge slideshow at http://www.itbusinessedge.com/slideshows/the-5-mobile-apps-you-really-need-for-smb-success.html that I helped with about 5 Mobile Apps You Really Need for SMB Success.
Hope you enjoy!
krypted August 10th, 2015
Little article I/Bushel contributed to from Tech Republic covering considerations for small businesses looking to move to the Apple platform. It’s available at http://www.techrepublic.com/article/5-considerations-for-smbs-that-want-to-move-to-apple/#ftag=RSS56d97e7.
krypted August 9th, 2015
So one of the projects I’m very involved in is a simple, new Apple Device Management (or MDM really) solution, called Bushel. By default, we give people 3 devices for free. If you’re in a position to refer people to Bushel, you can also use links that you send to people that will get you even more free devices (up to 10).
But some people want to sell things and earn commissions from them. And we fully support that. So you can become a Bushel affiliate and earn commissions from any referrals you send us.
To sign up to become a Bushel affiliate at http://www.bushel.com/affiliates. There, you can find links to refer customers/friends, marketing assets if you want to use our logos and see commissions that you’re earning. So… Join us and sell our stuff; we’d love to have you!
krypted June 16th, 2015
Apple’s Volume Purchase Program allows you to export a VPP token and then import that token into a server to create a connection between an MDM solution (e.g. Bushel, Apple’s Profile Manager, Casper, etc) and apps you purchase through the VPP portal. But what’s in a token? The VPP token is a base64 encoded file. You can cat the file and it will show you a bunch of garbly-gook (technical term):
base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken
But there’s more to it than all that. We can run the base64 command to see:
base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken
In some cases, this file can display improperly, if it fails use the following command:
echo `cat /Users/charlesedge/Desktop/kryptedcom.vpptoken` | base64 --decode
The contents of the file are then displayed, as follows:
This is a comma separated set of keys, including token, expedite and orgName. Do not edit any of this or you may spontaneously combust. The token establishes the trust but the expiration date will show you when a vpptoken expires and will need to be renewed by. The orgName is what you entered in the VPP portal when you setup the account and is also escaped and then used as the file name. These two pieces of data can help you if you have a bunch of vpptokens that you need to keep track of.
krypted May 19th, 2015
Posted In: iPhone
Verbose logging can help you isolate a number of problems with Profile Manager. Turn on verbose logging by writing a debugOutput key with a value of 3 into /Library/Preferences/com.apple.ProfileManager.plist using the defaults command:
defaults write /Library/Preferences/com.apple.ProfileManager debugOutput 3
Once set, restart the daemon using killall:
killall -u _devicemgr
To disable, just write the key with a blank value:
defaults delete /Library/Preferences/com.apple.ProfileManager debugOutput
Then restart the daemon again:
killall -u _devicemgr
krypted May 1st, 2015
Bushel is a Mobile Device Management (MDM) solution. We can manage all kinds of cool things, but there are a few things we can’t do. These include:
Apple Configurator can do many of these tasks, but has limitations. There’s a tool out there called GroundControl. GroundControl is super-simple to use, like Bushel. GroundControl can deploy a backup to a device, which is how it controls where badges are on screens. GroundControl can also provide the wi-fi credentials to get on a network, places devices into supervision (so Bushel can easily manage Activation Lock Bypass on non-DEP enabled devices), and can erase and update devices. In short, GroundControl closes a lot of the gaps we have. On the flip side, GroundControl cannot manage settings over the air, which is what Mobile Device Management is all about.
So let’s look at what all this looks like. Before we get started, if you’re going to follow along, know that you’ll need to wipe an iOS device in order to supervise the device, which GroundControl will want to do by default. And when we’re done, if you want to unsupervise your test device, you’ll need to wipe it as well. So, get a GroundControl account and login. Once logged in, we’ll create a Payload, associate it with a Launchpad and create a Policy to deploy it. The payload is a collection of all the tasks you’ll perform on a device. Click Payloads and then New Payload, to create your first payload. When prompted, use the “Add an item…” button to add tasks to what a given payload will do.
In this example, we’ve uploaded a Backup. and will now add a Restore from Backup task.
Then choose an image to restore or use the Upload new Restore Image option to upload a new one.
Next, we’re going to add a Wi-Fi payload so that our devices will automatically join our wireless networks. To do so, use the Add WiFi button in the “Add an Item…” menu. When prompted, provide the information for your wireless network, or upload a profile with the information in it.
When you have entered all of the required information for your wireless network, click Save. Then let’s add an enrollment profile, which will automatically enroll devices into Bushel. To do so, open your Bushel account and click on Enroll this device. When prompted, provide a name and email address and then click on the button to Download Configuration Profile.
When the profile downloads, use the “Add an Item…” menu back in the GroundControl web interface and select “Add Configuration Profile.” Here, choose Upload new Configuration Profile in the Add Configuration Profiles screen.
When prompted, select the profile you just downloaded.
Back at the Configuration Profiles screen, click on Save. Then, click Save Payload to save the changes you just made to your payload. Next, click LAUNCHPADS in the top menu bar. Here, click Download LaunchPad Mac 1.7.1 (or whatever version you see once a new one is released). Once downloaded, run and click on the button to Start Service.
Once started, you’ll see the LaunchPad listed in the web interface.
Click on your LaunchPad.
Click on Edit LaunchPad. At the Edit Launchpad screen, choose the appropriate timezone and provide any tags that might be needed. You can also use the Name field to define which station that a given launchpad might run on.
Click Save and then click on Policies. The policy binds the payload to the launchpad. Here, we’ll use the default. click on it to
At the Select a Default Payload screen, select the payload you just created and then click Save.
With the GroundControl Launchpad screen open, make sure the service is started and then plug in an iPad that is wiped and not yet activated into the system.
The device should skip activation, install your backup (aka image) and then apply the payloads you’ve configured. The end result should be a device enrolled into Bushel, complete with email, security settings and more.
Overall, we find that Bushel is perfectly useable as a standalone tool. And we find that Apple Configurator can be a great tool according to what you need. But as Bushel makes it easier to own devices for Non-IT device administrators than does Profile Manager, GroundControl makes it easier to setup a lot of devices than does its free alternative. If you’ll be working with a lot of iOS devices, then we couldn’t recommend GroundControl more!
krypted April 14th, 2015
I recently got the announcement of the new official Microsoft Office Accreditation through MacTech. I was lucky enough to sit in on the previous version of this, so thought I’d push out the information on it. It’s attached to the MacTech Pro Events that MacTech has been running:
As you know, Microsoft released a public preview of Office 2016 for Mac. MacTech and Microsoft have created a new accreditation for Apple techs called “Microsoft Office for Mac and iOS Accredited Support Professional, 2015.” Prior to the public Office 2016 announcement, we did a preview of this new course under NDA in Seattle earlier this month.
We’re now announcing the new accreditation — which covers not only Office for Mac (2011 and 2016), but also Office for iOS and Office 365. In short, anyone that supports others using Microsoft Offie on OS X or iOS should get attend and get this accreditation.
If you’re interested, check it out here http://pro.mactech.com/microsoft-office-accreditation/
PS – You can actually hear Neal’s voice when you read it! 😉
krypted March 20th, 2015
The latest book, Learning iOS Security is now available on Amazon, Packt, etc. One of my better writing experiences, so thanks to all for making it so! Buy it here, if you’re into iOS Security and all that kind of fun stuff.
krypted March 3rd, 2015