IPSEC VPN Settings via Profile Manager

It is not possible to set the following lines via GUI in Apple's Profile Manager or via Apple Configurator in the IPSec section:
<key>XAuthPassword</key>
<string>myVPNuserPassword</string>
You can set the lines via GUI in the old iPhone Configuration Program on Windows.
If you can't set the "XAuthPassword", you have to type in the password every time you want to establish the VPN.
We use certificates for device authentication.
Does anyone have a solution?
greetings
robin

klatuu wrote:
It is not possible to set the following lines via GUI in Apple's Profile Manager or via Apple Configurator in the IPSec section:
<key>XAuthPassword</key>
<string>myVPNuserPassword</string>
You can set the lines via GUI in the old iPhone Configuration Program on Windows.
If you can't set the "XAuthPassword", you have to type in the password every time you want to establish the VPN.
We use certificates for device authentication.
Does anyone have a solution?
greetings
robin
Yes, there are two possible solutions.
1. As per my article here http://jelockwood.blogspot.co.uk/2014/03/how-to-do-vpn-on-demand-for-ios-at-zero.html you would use a StrongSwan VPN server and, as per my article, use the xauth-noauth plugin to prevent it asking for a username and password; it will then only use the client certificate for device authentication.
2. You can use the two keys listed above but you will have to manually edit the mobileconfig file and add them. Therefore you cannot use Profile Manager or Apple Configurator. For this I used iPhone Configuration Utility to create the initial mobileconfig file, and then I used TextWrangler to add the two keys. With a manually produced mobileconfig file I do not believe there is any way to send it via Profile Manager but you can either email it to the device or make it available via a web server. Other MDM solutions than Profile Manager do allow pushing uploaded mobileconfig files; I used Meraki Systems Manager and pushed my hand-edited mobileconfig files 'over the air' to the devices.
It should be noted that if you are authenticating usernames and passwords against a directory server, e.g. Active Directory, Open Directory or LDAP, then if you enforce password ageing and changes you are going to have to hand edit and resend an updated mobileconfig file with the new password in it. This is why I chose option 1 above for my own situation. It is in theory less secure as it only uses a single basis for authentication, the certificate, but I felt this an acceptable trade-off.
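
Option 2 above, as an added example that is not code from the original post: a Python script that inserts XAuthPassword into the IPSec dictionary of an unsigned mobileconfig file, and lists the payloads that store a password, which are the ones to regenerate and resend after a directory password change. The payload type com.apple.vpn.managed and the XAuthName key come from Apple's configuration profile format rather than this thread, and the sample profile is constructed.

```python
import plistlib

VPN_PAYLOAD_TYPE = "com.apple.vpn.managed"  # Apple's VPN payload type (assumed; not on the page)


def load_profile(data):
    """Parse an unsigned .mobileconfig; a signed one is a CMS/DER blob, not a plist."""
    try:
        return plistlib.loads(data)
    except Exception as exc:
        raise ValueError("not a plain plist; edit the profile before signing it") from exc


def ipsec_payloads(profile):
    """Yield every VPN payload whose VPNType is IPSec."""
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") == VPN_PAYLOAD_TYPE and payload.get("VPNType") == "IPSec":
            yield payload


def set_xauth_password(data, password, username=None):
    """Return (edited profile bytes, number of IPSec payloads changed)."""
    profile = load_profile(data)
    changed = 0
    for payload in ipsec_payloads(profile):
        ipsec = payload.setdefault("IPSec", {})
        ipsec["XAuthPassword"] = password  # the key quoted in the thread
        if username is not None:
            ipsec["XAuthName"] = username  # companion key in Apple's format
        changed += 1
    return plistlib.dumps(profile, fmt=plistlib.FMT_XML), changed


def audit_embedded_passwords(data):
    """Names of IPSec payloads that store a cleartext XAuthPassword."""
    return [p.get("PayloadDisplayName", "?") for p in ipsec_payloads(load_profile(data))
            if "XAuthPassword" in p.get("IPSec", {})]


# Constructed sample: a minimal unsigned profile using certificate device
# authentication with no stored XAuth password. All values are made up.
SAMPLE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadVersion": 1,
    "PayloadIdentifier": "com.example.vpn",
    "PayloadUUID": "00000000-0000-0000-0000-000000000001",
    "PayloadDisplayName": "Example VPN",
    "PayloadContent": [{
        "PayloadType": VPN_PAYLOAD_TYPE,
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.vpn.ipsec",
        "PayloadUUID": "00000000-0000-0000-0000-000000000002",
        "PayloadDisplayName": "Office IPSec",
        "VPNType": "IPSec",
        "IPSec": {"RemoteAddress": "vpn.example.com",
                  "AuthenticationMethod": "Certificate",
                  "XAuthName": "robin"},
    }],
})

if __name__ == "__main__":
    edited, count = set_xauth_password(SAMPLE, "myVPNuserPassword")
    print("payloads changed:", count)
    print("payloads with a stored password:", audit_embedded_passwords(edited))
```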

Similar Messages

  • Where do Apps uploaded via Profile Manager go?

    I've just updated around 30+ apps and I've had to manually add them via profile manager one by one!
    I was just wondering if anyone knew the location where the apps are stored on the server as I thought I could perhaps just drag and drop all of the updated ipas at once.

    There are several tools which allow selecting network profile settings with respect to sites i.e. available network environment data:
    ControlPlane - <http://www.controlplaneapp.com/>
    Little Snitch - <http://www.obdev.at/products/littlesnitch/>
    and maybe some more.
    Additionally, you may find this discussion helpful:
    ML Server: How do i push my school proxy settings to our ML clients?
    i.e. <https://discussions.apple.com/thread/4715399>

  • Set advanced IMAP settings with profile manager?

    I've finally gotten profile manager working successfully so that my employees can enroll their iOS devices and laptops for easy setup of our company services. However, there are two advanced IMAP settings we need to manage that are not available in the Profile Manager controls.
    Is there a way to crack open a profile source and add in the keys for advanced IMAP settings? Specifically, I need to set "Remove Deleted Messages" to "Never" and assign an alternate mailbox for "Deleted Mailbox" under "Mailbox Behaviors".
    Thanks for any help or advice!

    While I was not at the time trying to do it via Profile Manager I did previously look at trying to enable Location Services via a script. Unfortunately I found it too hard or more accurately I failed to do this. I ended up 'cheating' by logging in on a test Mac, manually setting up Location Services the way I wanted including most importantly setting the Security & Privacy settings to allow a specific application to use Location Services. I then saved a copy of the relevant configuration file which is -
    /private/var/db/locationd/clients.plist
    I then as part of my DeployStudio workflow to image fresh computers included a step to copy this to the correct location on the fresh computer, thereby 'restoring' the settings.
    So the short answer is that /private/var/db/locationd/clients.plist is the file but the structure is such that a simple defaults write is not possible.
    Let me know if you get anywhere with this.

  • Safari Keep-Alive via Profile Manager

    Greetings Community!
    Does anybody know of a way to issue a keep-alive to Safari via profile manager so it always stays open and that if it somehow closes it will automatically re-open?

    Worked it out!
    I also host a couple of personal websites and these were configured to use the IP of the server; removed this and set it to use the "Any" option and profile manager started working as expected. Not done a full test of the entire thing to see if anything else is broken but this has me moving on from here!

  • Deploying Calendars via Profile Manager

    I recently needed to start sharing calendars between staff here at school. I have successfully created and shared calendars between two test accounts, setting them up manually via the "Mail, Contacts & Calendars" section of system preferences for each user.
    I then opened up the calendar app and shared each test account's calendar with each other via the right click menu>Sharing Settings.
    Everything is working exactly as I want but I want to automate this setup for our staff and so I turned to profile manager thinking that we could at least skip the step that was covered through "Mail, Contacts and Calendar".
    I could not.
    It seems that Profile Manager settings requires a password which is terrible and that would have all staff subscribe to one calendar account rather than having their own.
    Is there a way around this or am I destined to set up each user individually?

    Thank you both so very much for using these forums. Today I was having the issue of the profile not pushing when there were Calendar settings in the profile. Then I ran across this discussion. I was able to confirm your findings Henry. Indeed when I set it to manual, downloaded the profile and installed, it worked like a charm. (sad this is still an issue in Yosemite) Anyway, it gave me an idea. All I did was add a description to the General section of the profile, changed it back to automatic push, no password installed and using SSL, and it worked. I have no idea, but just placing a comment in the field did the trick. Thought it should be shared. Thanks for your discussion, help, and feedback. Have a great day!

  • Complete list of settings in Profile Manager

    Hi!
    I'm looking for a complete list of the settings available in the Profile Manager for iOS devices.
    Restrictions
    Push Apps
    Push books and PDF's
    Passcode policy
    etc. etc.
    So, is there a list out there with all the settings and features of Profile Manager with iOS?
    Thanks!

    Apple has a good developer page on most of the payloads:
    https://developer.apple.com/library/ios/featuredarticles/iphoneconfigurationprofileref/introduction/introduction.html
    Sadly, Apple does not provide many examples nor a clear explanation of the management levels.  But this is a great reference and now it includes OS X payloads, despite the URL name.  Sadly, not all profiles are listed yet but Apple seems to be revising the document.
    Reid
    Apple Consultants Network
    Author "Yosemite Server – Foundation Services" :: Exclusively available in Apple's iBooks Store
    Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store
    Author "Mavericks Server – Control and Collaboration" :: Exclusively available in Apple's iBooks Store

  • Is there an easier/more-automated way to create user settings in Profile Manager?

    I'm setting up a Mavericks Server and am setting up the settings for each user within the Profile Manager. I'm finding it somewhat tedious to have to enter all of the server and account information per service per user. Seeing that it knows the details of the server it's running on – and the user for whom I'm setting up the profiles, is there no automatic way to produce a settings bundle for each user? At the very least, the server hostname and username should be prefilled.

    What settings are you setting in the profiles? You can set a general setting that is available to all users, and also create various device configurations and add devices to them. I personally have not found much use for user specific profiles within profile management.   

  • Messages Settings in Profile Manager 2.1 Mountain Lion

    Just want to let anyone and everyone know about something that I've found in Profile Manager.
    I have been messing about with Messages, trying to get it set up without any success but I have found something that could be useful to anyone else in the same situation.
    When applying messages settings to a Profile it seems to spoil all other settings, or at least Dock settings.
    I set up my Dock and other settings for a group and all was fine. I then added the messages settings to the group and all of the Dock settings were removed leaving just Finder and the Trash Can in the dock.
    Removing the Messages setting restored the previous Dock settings and everything is back to normal. Perhaps I am doing something wrong but this seems to be a bit of a bug with Profile Manager.
    On a side note, I'd really appreciate some help with setting Messages up. I work in a school where it would be great if the teachers could use Messages as instant messaging between classrooms.

    Did you ever get this resolved? This error is usually related to DNS, hostname, or Open Directory configuration. Let me know if you still need help.

  • Is it possible Messages Settings break Profile Manager?

    I've recently been playing about with the Messages app in ML and ML server.
    I've got everything working manually, as in going to each machine, logging in as the user and adding their credentials to the Messages app.
    I'm trying to automate this using profile manager, I've done similar for Mail settings but the profile never succeeds. Always fails.
    Removing the Messages component from the Profile makes everything work again.
    Is this possible? I don't see how it could be any of the information that I am typing in the boxes that breaks it, I've been using %short_name% for the user names, this works for the Mail settings, could this be breaking it?

    Hi,
    Partner profile settings are actually soft configuration and you cannot transport them.
    You have to set partner profile in all stages.
    Nilesh

  • Early on while configuring the Device Management settings in Profile Manager (Mavericks server) I received an error code -1

    When I started up the Server application, Profile Manager was not selected as expected.  I selected it and started the first step of configuring Device Management in the Settings section.  I entered the organization information and went on to the next step which was to Configure an SSL Certificate
    I selected a "Self Signed" Cert.  Which was the only one of the two choices that made sense.  The other being the, com.deploystudio.server - Self signed
    Hit next and it processed the info and went to "Finish". I click "Finish" and this is what I get when the settings are confirmed.
    I stopped there since I suspect this error will probably come back to haunt me further down the line as if you recall we could not get the Profile to install due to the invalid cert which I suspect has something to do with this code -1 error at the get go.  I ran the one command line instruction twice to verify this was not a quirk and the same occurred.
    sudo /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/wipeDB.sh

    Did you ever get this resolved? This error is usually related to DNS, hostname, or Open Directory configuration. Let me know if you still need help.

  • Disable USB drive write access via Profile Manager

    Is there a way to disable users from plugging in a USB flash drive and copying files to it via the Profile Manager?
    We are trying to configure this on a Mac network running 10.10.x with Server 4.0.3.
    I understand that this can be done by deleting the IOUSBMassStorageClass.kext as a solution in older versions of OS X and that this was apparently possible in Workgroup Manager (now legacy and not supported). I would like to learn how to do this using the latest methods in 10.10.1 or 10.9.
    Any tips would be greatly appreciated.
    Cheers,
    MC

    I post on both to try to raise awareness. All previous topics have been to delete the usb drivers, put hot glue in the ports and to use the now non-supported Workgroup Manager. Thanks for checking though!

  • How to deploy settings in Profile Manager through Device Groups

    When I go to the Profile Manager web page and create a device group and configure the payload settings it doesn't seem to send the profile settings to the Mac devices that are in the group. How do I go about getting this to work so when I get a new device that is enrolled all I have to do is throw it in the group so it will automatically push out the correct payload settings that I configured?

    What you're asking should work.  You should be able to create a Device Group and adjust the setting for that group.  Then when you add a device to that group, the settings will be pushed to the device automatically.  So, it leaves me with a few questions for you:
    Why don't you think it sends the payload?  When you look under "Activity" do you see tasks in the "Active" area or in the "Completed" area... or something else?
    What are you trying to change?  Setting up email accounts on iPhones will appear right away, but there are other changes (especially on computers) that don't take effect until it restarts (or the user at least logs out and back in).
    Are you sure you have devices in your device group?  Sorry, probably a really silly question, but under your device group, do you see the devices under the "Members" section?
    Are your devices "trusting" your server?  Did you add the trust profile to the device when you enrolled it? 
    Sorry I can't be more help... but I can tell you that you can do what you are asking.  We have it set up in our office, and it works really well.  We just add the new device to the device group and it does the rest.

  • Lion Server app not responding(it says Error reading settings under profile manager tab)

    Hello,
    I have installed Lion server app 10.7.3 but due to some reason I am unable to use it since it gives me an error (Error reading settings).
    I have fully made server app functional also added devices but now I can't use the profile manager tab.
    Even when I try turning ON the tab it comes back to off state.
    Need help.
    Regards,
    Vikram Madhav Shinde
    <Phone number Edited by Host>

    I ended up booting to the recovery partition, erasing the hard drive, and starting over.
    All is working fine now.

  • Configuration Profile Custom Settings in Profile Manager

    Hi All,
    I'm a newbie when it comes to OS X configuration profiles. Does anyone have any resources on customizing or editing configuration profiles?
    I've been playing around with Profile Manager for a few days and see the "Custom Settings" tab. I'm curious what kind of things I can customize here. Being a newbie I don't know where to start.... If anyone has any documentation or link to online resource or book recommendation on editing mobileconfig files or creating custom settings with payloads in Profile Manager I'd really appreciate it!! There are a lot of tweaks that I'd like to set on our computers and I'd like to see if I can do these tweaks with configuration profiles.
    Thanks in advance for your help!
    ~Joe

    Thanks for posting Brian  You're 100% right.  It's been noted and the revised article should be published shortly.

  • Setting parental controls via profile manager

    So I've got Lion Server running on an older mac mini.  I've set up accounts on the server for my kids.  (they're my guinea pigs!)  We have 2 other macs in the house both running Mavericks.  I'm able to do a network login into the kids' accounts from those client machines with no problem.  I'm also storing their home folders on the server and creating "mobile" accounts (I think that's the terminology) on the client machines.  I've installed the Trust certificate from the server onto those client machines.  I've also installed the group certificate on the client machines.  (most of the profile manager settings I have for the kids are handled in a group called "kids")
    Here's the problem:  if I try to enforce parental controls on the kids' accounts (such as limiting the time they can be on them, etc) it doesn't work.  In fact, after the settings get pushed to the client machines, they (the client machines) often will lock-up or start acting really flaky.  A reboot "fixes" that, but the parental controls still won't work.
    I've tried this literally dozens of times with the same result.  Other changes in profile manager, such as restricting access to certain apps, DOES seem to work. It's mainly just the settings related to parental controls that seem to be the problem. 
    Am I doing something wrong?  Is this stuff supposed to work?  Thanks for any help, this is incredibly frustrating!

    Unfortunately I never got this resolved.  In fact, it turns out that this is really a bug in how the parental controls work with a "managed" account.  All of the other settings that can be managed on OSX server seemed to work just fine in my testing, but the parental controls do not.  Or more specifically, the curfew (time limit) settings definitely don't work.  It's hard to believe, but apparently this is a use-case Apple never considered.  (if you do some googling for parental controls and OSX server you'll find we're not alone) 
    I don't recall exactly, but if you're trying to determine if changes got pushed to the clients there is something in the profile manager (web UI) that shows "completed tasks" or "active tasks" (or something like that) which should show what was pushed and if it was successfully received by the client. 
    Anyway, after all that effort I ended up not using the profile management feature in OSX server at all.  My kids accounts are now just plain 'old local accounts.  I came to the conclusion (as many others have) that OSX server, at least in a home setting, just isn't worth the effort.  It's too bad because if it all worked properly it could be really useful.  If you still want to mess around with OSX server you might want to check out some nice youtube videos by a guy named Todd Olthof.  He has a bunch of videos on OSX server that are actually geared completely towards the home user. 
    Good luck!
