Personal AppleID's in the Enterprise
My company would like to purchase Final Cut Pro. From what I have read, the company can get an Enterprise AppleID. However, even with an Enterprise ID it appears that we only get a code. Then the user has to use their own AppleID to redeem the code and install it on their work Mac. My question is once they leave the company how do we make sure they can't download the same app at home and how do we set it up so the next employee can download the same app without us paying again for the software? Our policy is to wipe machines when an employee leaves and set everything up from scratch which would wipe out the Final Cut app.
My question is once they leave the company how do we make sure they can't download the same app at home and how do we set it up so the next employee can download the same app without us paying again for the software?
The next employee cannot download the app from another user's Apple ID.
Apps can only be re downloaded for free using the same Apple ID it was orginally purchased from on their authorized Macs.
Similar Messages
-
I was told I need to remove the enterprise server account I have and need to add a new one for work but the IT person did not tell me how to do this. Can anyone help?
Jennymbell, never fear help is here!
Have you tried contacting your IT department for assistance? You can visit http://bit.ly/QECbGh for steps on how to enterprise activation.
Keep me posted if you need further assistance.
John B
Follow us on Twitter @VZWSupport -
Personal iPads in the enterprise - keeping work/personal apps separate
Hi All,
I work in IT for a school district. Recently, we got a grant for iPad training. As part of that training, every teacher that attended the classes was given an iPad. The problem is, that because of the way the grant was structured, the iPads ended up belonging to the teachers personally instead of belonging to the school district. Since all these teachers now own their own iPads, we do not want to spend the money to buy them a second "work" iPad.
I am trying to come up with a solution that allows those teachers to use their own iPads in our school environment. Specifically, I am looking for a way to be able to purchase needed iPad apps with school funds, install them on the users' personal ipads, but prevent the user from backing up/syncing those apps with their home Mac/PC.
The best idea we have come up with so far is to create a generic Apple ID for each teacher, such as "schoolname-01", "schoolname-02", etc. The school's IT department would then be the only ones who would have the passwords for those accounts. The IT department would then download and install the school owned apps on the teachers' personal iPads using one of the generic "schoolname-xx" accounts. The theory is that the iPad registers and stores the Apple ID used to purchase each app, so we will be able to tell what apps are bought with school money and what apps are bought by the teacher for personal use.
Obviously, this is not an ideal solution, but we haven't been able to come up with a better one. The biggest question we have is this: each of these personal iPads is going to be sync'd with the teacher's home Mac/PC. Since the home Mac/PC will not be authorized for the generic "schoolnamexx" Apple ID that was used to install the school apps, will that mean that only the teacher's personal apps will be backed up when they sync with iTunes, or will iTunes back up every app, regaurdless of what Apple ID was used to purchase it?
Also, since an iPad can only sync with one Mac/PC, how can we back up the apps purchased with school funds? Theoretically, we can re-download them from the app store, but only so long as they are still available for sale.
I would appreciate feedback from anyone who has had success integrating personal iPads into a work environment.Hi gyrhead,
Thanks for the information. I understand that the teachers will not be able to transfer app purchases from the school Apple ID to their personal Apple ID. The concern we have is this: what do we do when a teacher with a personal iPad with school software on it leaves the district? I know we can re-download the software purchased with the school Apple ID onto a new iPad, but how do we get the school software off the teachers iPad?
If a teacher leaves under bad circumstances, there is not much hope that we will be able to remove the software from their iPad. If their is a solution to remotely wipe apps installed under a specific Apple ID I would love to know about it.
However, if a teacher leaves and it is an amicable parting, we are hoping that the teacher will allow us to remove the school software from their iPad. However, even if we remove the software from the iPad, couldn't the teacher just restore it from their home Mac/PC? If the teacher syncs his/her iPad to their home computer, will it back up just the apps purchased under their personal Apple ID or will it also back up the apps purchased under the school Apple ID as well? If it is the latter, then I don't see how we could prevent the teacher from reinstalling the school apps, even after we remove them from the iPad.
As long as the school can still install the apps it purchased on a new iPad, that last issue is not a huge concern for me. However, the upper management/legal guys want to know the answer to this one. -
Implementing the Enterprise Support in Solution Manager
Hi Experts,
Can anybody tell me what are the pre requisites to implement Enterprise support in solution manager?
Also let me know what are steps involved in implementing the enterprise support.
Thanks in Advance
HariHello Hari,
In order to implement Enterprise Support your organization should registered as a Value Added Reseller(VAR) with SAP. You can get all the required documentation under https://websmp104.sap-ag.de/solutionmanager --> Information for VARs, ASPs and AHPs which is in the left hand side of the page. However, you need to have a S-user ID of the VAR.
The following are the steps need to perform in implementing the Enterprise Support firmly known as Service Desk for VARs.
1. SAP Solution Manager basic settings (IMG)
a) Initial Configuration Part I
b) Maintain Profile Parameters
c) Maintain Logical Systems
d) Maintain SAP Customer Numbers
e) Initial Configuration Part II
1) Activate BC Set
a) Activate Service Desk BC Set
b) Activate Issue Monitoring BC set
c) Set-up Maintainance optimizer
d) Change online Documentation Settings
e) Activate Solution Manager Services
f) Activate integration with change request Managemnt
g) Define service desk connection in Solution Manager
2)Get components for SAP Service Market place
a) Get SAP Components
3) Get Service Desk Screen Profile
a)generate Business Partener Screen
4)Copy By price list
a)activate Service Desk BC Set
b)Activate Issue Monitoring BC set
c)Set-up Maintainance optimizer
f) Business Add-In for RFC Connections with several SAP customers
g) Business Add-In for RFC Connection of Several SAP Cust. no.
h) Set-Up SAP Support Connection for Customers
i) Assign S-user for SAP Support Portal functionality
j) Schedule Background Jobs
k) Set-Up System Landscape
l) Create Key Users
m) Create Message Processor
2. Multiple SAP Customer Numbers
a) Business Add-In for RFC Connections with several SAP customer numbers
b) Set-Up SAP Support Connection for Customers
3. Data transfer from SAP
a) Data Transfer from SAP
4. Create u201COrganizationu201D Business Partner
5. Service Provider function (IMG)
a) Business Add-In for RFC Connections with several SAP customer numbers
b) Business Add-In for Text Authorization Check
c) Activate BC Set for Service Provider
d) Activate Text Types
e) Adjust Service Desk Roles for Service Provider Menu
6. Service Provider: Value-Added Reseller (VAR)
a) Business Add-In to Process Actions (Post-Processing Framework)
b) Activate BC Sets for Configuration
c) Create Hierarchy and Product Category
d) Set-Up Subcategories
e) Create Business Partner as Person Automatically
f) Set-Up Automatic Confirmation of Messages
g) Maintain Business Partner Call Times
h) Set-Up Incident Management Work Center
7. Work Center (Web UI)
a) Activate Solution Manager Services
b) Assign Work Center Roles to Users
Hope it helps.
Regards,
Satish. -
ICloud Usage In The Enterprise
Forgive me if I've posted this in the wrong location, but it seemed to be the best suited area...
With the announcement of iCloud, I've been trying to find information on how it will be managed on devices that are used in the enterprise? The company I work for has approximately 200 iPad users and 300 iPhone 4 users that sync their corporate mail, calendar and contacts to their devices.
Each of these users has tethered their device to their own personal iTunes account so they can add music, apps, video, etc to the device as they wish. We secure these devices using a MobileIron appliance along with Apple MDM certificates that allow us to implement security policies on the devices.
If these users choose to sign up for iCloud, does anyone yet know if it will only allow your me.com account to sync to the cloud? The last thing we would want is for these users to have their corporate mail/contacts/calendars synched to the devices and then simultaneously synched up to iCloud.
Anyone have any suggestions on how we might combat this? Or if it will even be possible to sync accounts via iCloud for anything other than me.com accounts? Thanks!HI All,
Actually I face the same problem, only mine is using Apple MDM on Lion Server. We plan to deploy 2000 or more iphone 3gs on company cost. Currently in progress and already around 900 devices live using inhouse corporate application.
Our challenge is on security administration things. Wondering if there is somekind like iCloud that we can use in corporate to track the location in case of lost. we are now experiencing already two device lost on duty.
Currently all devices that we already deployed are registered to iCloud using one Apple-ID, no problem on registration process. However when I open iCloud, only limited devices was listed, I think just about 90 devices on the list. Unfortunately the two devices that reported lost are not on the list. So I feel hopeless now.
While MDM can only do Wipe and other things, but can not tracking the location.
Appreciate if someone can give me a clue the alternative to overcome those issue. Thanks.
Regards
AA -
Buying in the Mac App Store for the enterprise
We're looking to buy an app in the Mac App Store (iBarcoder) for our graphic designers using Macs, and after read this article on Macworld.com, we're not too sure how to go about it.
Does that mean I could buy one copy of an app and install it on every Mac in my business?
No, the license you agree to when you enter the Mac App Store says that app downloads are for Macs that you personally own, and that's a license for personal use. Apps that are intended for professional use are licensed for you or for a single computer used by several people. While there's no technical impediment to you installing them on multiple Macs at work, you'll be violating the license agreement. It's the same scenario as if you buy a single-user copy of iWork and install it on ten Macs at work—you can do it, but you're violating the license agreement, making the act ethically questionable.
We know about the volume licensing that Apple offers, but it seems as though it's only for education and not for the enterprise. Surely creating a new Apple ID for every Mac isn't the best way to do this, right?
Thanks!Ask Apple;
http://www.apple.com/business/vpp/ -
Hi I gifted an application to Someone. And now when that app has an update will it update with my apple ID or the persons ID I gifted the app to..?
If the person downloaded with their own AppleID from a gift card it will update using their AppleID. It is tied to the AppleID used for the download.
-
Oracle Personal Edition (disconnected from the network)
Hello everyone,
I have oracle PE 10.1.0.2 installed on my laptop (running windows xp pro sp2). I have the laptop connected to the network most of the time. Yesterday, I was trying to access my database while I am in the coffee shop but I couldn't. I was getting a "no listener" error from the application I am using. I took a look at the running services and I found out "OracleDBConsoleorcl" and "OracleServiceORCL" did not start. I tried to start them. But I was getting a type 2 error. tried to reboot. no good
When I connected my computer to network, I was able to connect to the database from my application and from the enterprise manager.
I searched this forum and I found out that I need to configure a loopback adaptor if Oracle DB is installed on a DHCP computer. In my case, I am disconnected from the network. Would a loop back adaptor fix the issue? Would it cause any problems when I connect back to network? In another word, would the database listener and OracleServiceORCL services work if I am connected and disconnected from the network?
Thanks for the helpI do not have Personal Edition, but if you can a check, make a copy/backup, and then change the entries in $ORACLE_HOME\sysman\config
$ORACLE_HOME\sysman\config\emoms.properties $ORACLE_HOME\sysman\config\emd.properties
and any httpd configuration files in that directory. -
BW3.5 Adhoc Query over the Enterprise Portal6.0
Hi,
Is there any iview to be accessed by th end user to create BW ad hoc query over the enterprise Portal?
I would like the end user to have this functionality to create , change and distribute their own query through Enterprise Portal.
Any help will be rewarded.
Thanks
ArunavaHi,
Thanks for your input. The iview is working fine both during the preview as well as when attached in a role.
However persons only with SAP_BW_ALL access in the BW system, can execute the Iview to create the ad hoc query.
When person with limited Query/cube access to BW system accesses the iview, it worked till they click " Create New query", After that when he chooses 'Info Area' in the drop down box for "Choose an Info Provider" The info area is never displayed and he can't proceed.
The user in question has sufficient access ( S_RS_COMP, S_RS_COMP1 etc) and in the BEX he can choose an Info area and cube/ods and execute any query that he is authorized to.
I assume that since the user has access to bex for certain infoareas he/she should have the same while creating adhoc queries...But looks like that is not the case.
Any help? Am I missing any particular BW Auth object ???
Thanks
Arunava -
Accessing the enterprise manager
I'm a beginner with oracle 8. I did the standard installation of the database, but i'm not able to login into the enterprise manager.
What are the default user name and password for accessing enterprise manager ?
Thanks.First of all I want to know if u have installed the enterprise or personal version ?. In enterprise edn. u can try username :system, password :manager & Host string :computername/ipaddress:port number(1521 default):sid name. Try this and let me know.
my id. [email protected]
I'm a beginner with oracle 8. I did the standard installation of the database, but i'm not able to login into the enterprise manager.
What are the default user name and password for accessing enterprise manager ?
Thanks. -
VPP bought software -- WHOSE appleID to install the software?
We are setting up a VPP account (or at least attempting to... The links in the VPP documentation lead to apple pages where VPP appleIDs are prohibited). And we don't quite get how this works.
-- we have set up an email in our domain especially for VPP purchases.
-- we have followed the links on the VPP page to the screens to set up an appleID for that email address. (It was a little strange, in that it asked for a birthday, but then we can't put in a date in 1837, which is our 175-yr-old company's birthday. And coming up with a security question whose answer would be known by other employees if the sysadmin gets hit by a bus, but would not be easily looked-up in google, is pretty challenging!)
Before we invest any money in buying software, we have some questions:
-- According to the docs ( http://images.apple.com/business/docs/VPP_Business_Guide_US_6_4_2012.pdf which I downloaded a few weeks ago but is now a dead link) we use our company appleID to buy some software. For example 7 copies of Keynote for our seven salespeople. We get a code that can be used 7 times to download Keynote, or 7 codes, or something like that (probably not important) which we send out to our 7 salespeople.
-- Ok, here's where I'm stumped: the docs say that the seven salespeople use "their" appleIDs to install Keynote on "their" computers.
Email the redemption URL directly to users. Users simply click the URL, either from their mobile device or from a Mac or PC. iTunes opens the app page in the App Store. The redemption code is automatically entered, enabling users to immediately download the app after authenticating with their Apple ID.
So, first of all, these are not the employee's computers, they belong to the company. So WHO is this "they" that the documents refer to? Is this telling you to use a company appleID -- the VPP account appleID? another appleID where we set up a separate one for the employee? -- that we use to load software on the company's computer? Or does it expect that the employees will put in their own personal iTunes/AppStore appleID? When there is a software update for software bought via VPP that needs to be installed on a company-owned device, how does the employee get access to the update? What's the appleID and what's the password?
Should I be setting up an appleID for each device, so that when an employee leaves and a new hire takes over his/her computer, responsibilities, and software, the new employee also gets that device's appleID to manage the software, too? So I need to set up emails for [email protected], [email protected], etc.? What happens if employees have their job responsibilities changed in a way that requires software to be re-arranged? So sales1 has software A, B & C, while sales2 has software X, Y & Z. After the reorganization, one sales person needs A, B & Y and another sales person needs X, Z & C. Can I even get the software moved from one machine to another? If I can, will the two sales people both need the passwords for sales1 AND sales2 to run updates for all three of the software titles on their machines post reorganization?
We are pretty confused by all of this. Does the fact that the http://www.apple.com/business/vpp/ page has a link to " Download the Guide " which used to lead to a pdf document and now leads nowhere mean that Apple has figured out that whatever scheme they have set up won't actually work?Welcome to Apple Discussions.
If the new version has an uninstaller run it first. Othewise with Mac OS drag the app to the trash and empty the trash. Do an install if a dialog box asks if you want to replace or keep files with similar names choose replace. -
Please help me in Merging the Persons Together by assining the same id
Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
Please Help Me
We_addr_id defines the Address.
We_pid Defines the Person.
i am planning to merge the same person together by assigining the same we_pid.
WITH merge_names AS (SELECT 1000 We_pid,
999898989 We_addr_id,
'DONALD' first_name,
'BOATRIGHT' last_name,
'L' middle_name,
NULL Suffix FROM DUAL
UNION ALL
SELECT 1001 We_pid,
999898989 We_addr_id,
'DONALD' first_name,
'BOATRIGHT' last_name,
'LARRY' middle_name,
NULL Suffix
FROM DUAL
UNION ALL
SELECT 1002 We_pid,
999898989 We_addr_id,
'DONALD' first_name,
'BOATRIGHT' last_name,
NULL middle_name,
NULL Suffix
FROM DUAL
UNION ALL
SELECT 33065 WE_PID,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
NULL middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 8450527 WE_PID_LINK,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
'A' middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 373453429 WE_PID_LINK,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
NULL middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 442303062 WE_PID,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
'S' middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 30088775765 WE_PID,
990000878 We_addr_id,
'BILL' last_name,
'RAY' first_name,
'M' middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 30088775766 WE_PID,
990000878 We_addr_id,
'RAY' first_name,
'BILL' last_name,
NULL middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 30088775767 WE_PID,
990000878 We_addr_id,
'RAY' first_name,
'BILL' last_name,
'MAX' middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 30088775768 WE_PID,
990000878 We_addr_id,
'RAY' first_name,
'BILL' last_name,
'MICHEL' middle_name,
NULL SUffix
FROM DUAL
UNION ALL
SELECT 399998776 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
NULL middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 399998777 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
'J' middle_name,
'JR' SUFFIX
FROM DUAL
UNION ALL
SELECT 399998778 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
'JAMES' middle_name,
'SR' SUFFIX
FROM DUAL
UNION ALL
SELECT 399998779 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
'JACK' middle_name,
'JR' SUFFIX
FROM DUAL)
SELECT *
FROM merge_names
o/p Required
WE_PID WE_ADDR_ID FIRST_NAME LAST_NAME MIDDLE_NAME SUFFIX MERGE_WEPID
1000 999898989 DONALD BOATRIGHT L 1000
1001 999898989 DONALD BOATRIGHT LARRY 1000
1002 999898989 DONALD BOATRIGHT 1000
33065 99000000 LUNA JOSE 33065
8450527 99000000 LUNA JOSE A 8450527
373453429 99000000 LUNA JOSE 33065
442303062 99000000 LUNA JOSE S 442303062
30088775765 990000878 BILL RAY M 30088775765
30088775766 990000878 RAY BILL 30088775766
30088775767 990000878 RAY BILL MAX 30088775767
30088775768 990000878 RAY BILL MICHEL 30088775768
399998776 9901111 ELLISON LAWRANCE 399998776
399998777 9901111 ELLISON LAWRANCE J JR 399998777
399998778 9901111 ELLISON LAWRANCE JAMES SR 399998778
399998779 9901111 ELLISON LAWRANCE JACK JR 399998777ThanksMissing information on how you identify same person.
I'm going with an assumption that same person is identified by first_name,last_name,middle_name and suffix.
WITH merge_names AS (SELECT 1000 We_pid,
999898989 We_addr_id,
'DONALD' first_name,
'BOATRIGHT' last_name,
'L' middle_name,
NULL Suffix FROM DUAL
UNION ALL
SELECT 1001 We_pid,
999898989 We_addr_id,
'DONALD' first_name,
'BOATRIGHT' last_name,
'LARRY' middle_name,
NULL Suffix
FROM DUAL
UNION ALL
SELECT 1002 We_pid,
999898989 We_addr_id,
'DONALD' first_name,
'BOATRIGHT' last_name,
NULL middle_name,
NULL Suffix
FROM DUAL
UNION ALL
SELECT 33065 WE_PID,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
NULL middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 8450527 WE_PID_LINK,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
'A' middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 373453429 WE_PID_LINK,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
NULL middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 442303062 WE_PID,
99000000 We_addr_id,
'LUNA' First_name,
'JOSE' last_name,
'S' middle_name,
NULL suffix
FROM DUAL
UNION ALL
SELECT 30088775765 WE_PID,
990000878 We_addr_id,
'BILL' last_name,
'RAY' first_name,
'M' middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 30088775766 WE_PID,
990000878 We_addr_id,
'RAY' first_name,
'BILL' last_name,
NULL middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 30088775767 WE_PID,
990000878 We_addr_id,
'RAY' first_name,
'BILL' last_name,
'MAX' middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 30088775768 WE_PID,
990000878 We_addr_id,
'RAY' first_name,
'BILL' last_name,
'MICHEL' middle_name,
NULL SUffix
FROM DUAL
UNION ALL
SELECT 399998776 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
NULL middle_name,
NULL SUFFIX
FROM DUAL
UNION ALL
SELECT 399998777 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
'J' middle_name,
'JR' SUFFIX
FROM DUAL
UNION ALL
SELECT 399998778 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
'JAMES' middle_name,
'SR' SUFFIX
FROM DUAL
UNION ALL
SELECT 399998779 WE_PID,
9901111 We_addr_id,
'ELLISON' first_name,
'LAWRANCE' last_name,
'JACK' middle_name,
'JR' SUFFIX
FROM DUAL)
SELECT we_pid,we_addr_id ,first_name,last_name,middle_name,suffix,min(we_pid) over (partition by first_name,last_name,middle_name,suffix) merge_wepid
FROM merge_names m -
Recommended method to deploy apps in the enterprise
I have a Mac server configured with Profile Manager. My users at this point log into their iMacs with their Active Directory credentials. Classroom laptops use AD credentials as well, and the rest of the laptops (1/3 of all Macs on our site) have stand-alone accounts on the local machines.
We've been messing with VPP up to this point, but honestly I'm not impressed with the way it works with OSX devices. I can enroll a machine into Profile Manager via trust certificate and the management profile. This works fine, and I can group the machines in logical order. According to the documentation, I should be able to deploy apps to the workstations themselves (independent of who is using it), but so far it doesn't seem to work like that.
With a free VPP app, such as Garageband, in Profile Manager, I can only see where I can associate it with a user or user-group. I see two options with this. First, we use a common app-store credential to associate with the VPP apps. This seems like a poor option since a user wouldn't necessarily know the password to this account, and as soon as the app has an update, they are going to call us to login as the common app-store credential that owns the VPP app. Second, we associate the app to a user him/herself and let them do the installing or updating. This also assumes that our users sign up for an app-store account if they don't already have one (kind of weak, IMO).
With these two, any common area/lab machines would obviously need a shared admin accessible VPP app-store ID, but with user-specific machines, I see it the other way. If I could target all of these machines without involving the users, that would be optimal. Given these three options (target user, target shared app-store account with manual admin intervention on each machine, target machine independently of a user), what do you all recommend?I will give my .02 on this topic. I hope this helps.
App distribution for Apps from the AppStore is a tricky mine field. The new VPP program is a step in the right direction and for many businesses it is a dream come true (no more redemption codes, transfer of assets, European Union tax issues, I can go on...). However, I will agree with you in regards that education does not benefit as much, especially when (1) the students do not have an Apple ID, (2) the devices are not deployed in the one-to-one model, and (3) users are not permitted to alter machine configurations.
VPP for enterprise is a good thing, provided your organization is willing to allow user's the freedom to add content (an use Apple IDs). The way it works is as follows.
• You enroll in the VPP program
• You purchase apps/books in bulk through the app store
• You configure your MDM to participate in the VPP
• You invite your users using an email or via push notification if devices are already enrolled
• When the user gets the invite, the user uses her own Apple ID to associate their App Store catalog with your enterprise App Store catalog (this all happens on Apple's servers)
• The enterprise does not care nor does it need to know which Apple ID the user used. This is irrelevant to the organization.
• You then assign the apps and books to the users through your MDM
• The user now sees this content in their App Store from their device
• If the user leaves the organization, you can remove the app from the user and you recall the seat into the available pool.
• The App remains on the device for 30 days I believe and the user (if this is a personal device and they still have it after being removed from the program) will be prompted to purchase the app (books are transferred - you can not pull them back).
So, all that being said, you are not deploying to an enterprise and you are not deploying to dedicated devices. I suspect that some of your users may also be too young to have an Apple ID. So while I still recommend that you participate in the VPP to ensure software compliance, the reality is that you are likely going to use a single Apple ID to download the software. This will be included in a master build when imaging and prepping machines. If there are updates, you will download the update onto a build machine and use tools like ARD, JAMF, Deploy Studio, etc to push the app out to your fleet of machines. Keep in mind that updates from the App store are full versions and they are self contained bundles. Also, turn off all software update notifications on the workstations to keep users from realizing updates are available.
I am a firm believer that schools should not apply updates to machines between September and June unless it is a tested security patch. The risk of impacting the educational process is too great. Look no further than the dramatic changing in the iLife and iWork tools. Changing mid year can cause entire curricula to be disrupted. There is no deeper wrath than that of a school matriarch dressing you down because you put out software that does not match her lesson plans.
Ok, I am done on the soap box. Hope this helped. My suggestion again is stick with the VPP for compliance reasons but use distro tools to push the updated/new apps out to machines as needed. This allows you to continue to use a single Apple ID, the account information is obscured from the user, and all updates happen via a distro push, avoiding touching each machine.
R
Apple Consultants Network
Apple Professional Services
Author "Mavericks Server – Foundation Services" :: Exclusively Available in Apple's iBooks Store -
If the Enterprise Portal have a default page for creating a blog?
Hello!
I want to know if the Enterprise Portal have a default page for creating something like a blog, with personal information, comments...
can I using the tool XML Form Builder or something else?
Thank
lexianHi Lexian,
I don't believe the Portal currently has any tool that can be used conveniently to create blog type content.
You are right, you could potentially use the XML Forms Builder to create a form which might just about do what you want it to, but this would be very fiddley and is not really designed for this purpose.
If you can wait, you should use the WebPage Composer that is due to released in the Portal from April.
Here at SDN we are currently looking into using it to display our blogs and I must say research is looking good so far.
Regards,
Marc -
Airprint in the Enterprise across subnets [Solution]
This is a message to help folks figure out how to setup
Airprint across wired/wireless subnets. Hopefully it will help a few people.
Airprint was designed to work with Bonjour on a local subnet/broadcast domain.
To print in the enterprise where we have wired/wireless infrastructure,
we need to use a DNS server to find the printer resources
Assumptions:
Our internal domain is: foocompany.com
We create a new subdomain: bonjour.foocompany.com
Creating a new subdomain allows up to apply DNS views so we can show print/bonjour services in
close proximity of the user.
You have a CUPS printer server (linux/apple) running at printserver.bonjour.foocompany.com
1. Setup a DNS server
If you setting up a test domain server, you can setup forwarding to your primary production server.
This way all DNS queries continue to work
In your named.conf file setup forwarding
options {
forwarders { YOURTOPNAMESERVER_IPADDR; YOURTOPNAMESERVER_IPADDR2; };
forward first;
allow-query-cache { any; }; // Allow client queries from other subnet to query from cache
Create a new zone, "bonjour.foocompany.com"
zone "bonjour.foocompany.com." { type master; file "/etc/bind/db.home"; };
zone "foocompany.com" { type forward; forward only; forwarders { YOURTOPNAMESERVER_IPADDR; YOURTOPNAMESERVER_IPADDR2; }; };
Create the following entries to support bonjour browsing
#=======DNS====Begin======
lb.dns-sd.udp IN PTR @
b.dns-sd.udp IN PTR @
dr.dns-sd.udp IN PTR @
db.dns-sd.udp IN PTR @
cf.dns-sd.udp IN PTR @
printserver IN A 10.47.203.188
# For every printer queue defined at the printer server you need to create a TXT and SRV entry
# The visual printer name that show up in the iOS listbox will be the part before .ipp.tcp, example "hpv8a", "hpv8acolor"
# _ipp and _printer seem to be equivalents, either seem to work on iOS.
# Printer 1
cups._sub._ipp.tcp IN PTR hpv8a.ipp.tcp
universal._sub._ipp.tcp IN PTR hpv8a.ipp.tcp
#Printer 2
cups._sub._ipp.tcp IN PTR hpv8acolor.printer.tcp
universal._sub._ipp.tcp IN PTR hpv8acolor.printer.tcp
hpv8a.ipp.tcp IN SRV 0 0 631 printserver
hpv8acolor.printer.tcp IN SRV 0 0 631 printserver
# The "adminurl" points to the printer queue url on the CUPS server
# The "rp" key points to the queue name as well
hpv8a.ipp.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/V8A08A246LJ" "adminurl=http://printserver:631/printers/V8A_08A24
6_LJ" "ty=HP Laserjet V8A" "product=(HP LaserJet 4200)" "transparent=t" "copies=t" "duplex=t" "color=f" "pdl=application/octet-stream,
application/pdf,application/postscript,image/jpeg,image/png,image/urf" "URF=W8,SRGB24,CP1,RS600" )
hpv8acolor.printer.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/V8A08A246_ColorLJ" "adminurl=http://printserver:
631/printers/V8A08A246_ColorLJ" "ty=HP Laserjet V8A Color" "product=(HP color LaserJet 4650)" "transparent=t" "copies=t" "duplex=t" "
color=t" "pdl=application/octet-stream,application/pdf,application/postscript,image/jpeg ,image/png,image/urf" "printer-type=0x801046" "URF=
W8,SRGB24,CP1,RS600" )
####Printer TEMPLATE
#cups._sub._ipp.tcp IN PTR NAMEX.printer.tcp
#universal._sub._ipp.tcp IN PTR NAMEX.printer.tcp
#NAMEX.ipp.tcp IN SRV 0 0 631 PRINTSERVERDNSNAME
#NAMEX.ipp.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/QUEUENAME"
# "adminurl=http://PRINTSERVERDNSNAME:631/printers/QUEUENAME"
# "ty=Printer name"
# "product=(Printer PPD model line)" "transparent=t" "copies=t" "duplex=t" "color=f"
# "pdl=application/octet-stream,application/pdf,application/postscript,image/jpeg ,image/png,image/urf"
# "URF=W8,SRGB24,CP1,RS600" )
#=======DNS====End======
2. Setup CUPS
Add printers to the CUPS server.
Enable access to the printer queue from remote machines,
GUI: "System->Admin->Printing->Server->Server Setting: Allow printing from the internet"
Also make sure the following lines are present in /etc/cups/cupsd.conf
# Allow remote access
Port 631
Listen /var/run/cups/cups.sock
AccessLog syslog
AccessLogLevel all
LogLevel debug
MaxLogSize 0
SystemGroup lpadmin
# Enable printer sharing and shared printers.
Browsing On
BrowseOrder allow,deny
BrowseAllow all
BrowseRemoteProtocols CUPS
BrowseAddress @LOCAL
BrowseLocalProtocols CUPS dnssd
BrowseProtocols all
DefaultAuthType Basic
3. Change iPAD configs
Add your DNS server as the first DNS server in the network settting page.
Add "bonjour.foocompany.com" to the DNS domains to search
4. Test printing
Open up Photos application.
Select a picture
Select "Send To->Print"
Select "Printer", now a list of printer names should show up as defined in the DNS server
Select a printer and hit "Print"
Fast task switch to Print Center to verify print job is being sent
Thanks
Ashish Desai
Security Architect
Fidelity Investments
email: [email protected]Update for ios 8:
With ios 8 it appears that _printer and _ipp are no longer equivalent. For this to work it looks like you have to use _ipp._tcp
Also - the underscore characters are important and they are missing from the example above.
Last - you can use the "note" field to add a second line that is displayed in smaller text below the printer name in ios 8.
Here is an updated template:
####Printer TEMPLATE
cups._sub._ipp._tcp IN PTR NAMEX._ipp._tcp
universal._sub._ipp._tcp IN PTR NAMEX._ipp._tcp
NAMEX._ipp._tcp IN SRV 0 0 631 PRINTSERVERDNSNAME
NAMEX._ipp._tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/QUEUENAME"
"adminurl=http://PRINTSERVERDNSNAME:631/printers/QUEUENAME"
"note=more info about printer"
"ty=Printer name"
"product=(Printer PPD model line)" "transparent=t" "copies=t" "duplex=t" "color=f"
"pdl=application/octet-stream,application/pdf,application/postscript,image/jpeg ,image/png,image/urf"
"URF=W8,SRGB24,CP1,RS600" )
Maybe you are looking for
-
Same file name in target as source file
Hi, I am doing a file to file scenario in which there is no mapping involved, it is a bypass scenario. I want my target file name to be exactly same as the source file name. Source file name dynamically changes based on date and time. I have tried cr
-
Time Management... using ZES table...
Hi experts!! I need help with this dates problem.... I have to read the cluster B2, specifically ZES table, and I want to print the data for three differents weeks that I have in selection screen. When I see the information of the cluster in RPCLSTB2
-
Dispatcher running but not connecd to message server
hi.. iam trying to start my server, in process list iam getting dispatcher is not getting start.first iam getting 'DISPATCHER IS RUNNING BUT NOT CONNETED TO MESSAGE SERVER' it is in yellow color, after some time , it is changing to green color but t
-
Trouble when trying to Distribute Configurations on 340's & 350's
I noticed that some times when I try to distribute the configuration of one AP to all the other, The distribution list is small. No matter what AP I try to distribute from. Other times it is fine and they all show up. There is a mix of 340's and 350'
-
To compile all invalid objects
how we can compile all invalid objects? is there any sample plsql code?