The security configuration updates have been enforced through automatic update policy enabled through an MDM policy. However our end users would like to know when these updates are triggered by the device and installed successfully. We can see on a few devices that even though the automatic updates are enabled there are many devices with config updates pending. Also is there a way to manually install these config updates as the end user cannot see these updates listed in the software update section.

ReferenceError: ReadableStream is not defined at Object. (/Users/anaadmin/Documents/AnaNewApp/node_modules/@expo/cli/node_modules/undici/lib/web/fetch/response.js:528:3) at Module._compile (node:internal/modules/cjs/loader:1198:14) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10) at Module.load (node:internal/modules/cjs/loader:1076:32) at Function.Module._load (node:internal/modules/cjs/loader:911:12) at Module.require (node:internal/modules/cjs/loader:1100:19) at require (node:internal/modules/cjs/helpers:119:18) at Object. (/Users/anaadmin/Documents/AnaNewApp/node_modules/@expo/cli/node_modules/undici/lib/web/fetch/index.js:11:5) at Module._compile (node:internal/modules/cjs/loader:1198:14) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10) After trying out all suggestions and different versions of tools such as XCode, nvm, yarn, node, etc., nothing works for me i added : <PROJECT_PATH>/node_modules/@langchain/core/dist/utils/stream.cjs - add const { ReadableStream } = require("web-streams-polyfill"); npm install web-streams-polyfill Tried downgrading to Node 18 as well as various polyfills but haven't been able to get it to work Following does not work in xcode Delete your Podfile.lock (I like to use the command '-rm -rf Podfile.lock' on the terminal for this) Delete your Pods folder (I like to use the command '-rm -rf Pods' in the terminal for this) Delete your .xcworkspace Pod install Clear your project into XCode> Product> Clean Build Folder i have tried cd ios pod install Continuously i am getting same error. Any one know, how to resolve this error

Last year I used the iOS Distribution Managed Certificate (Enterprise Program) to sign an App and to distribute it internally. The Cert is still valid until May 2026. But its associated Provisiong Profile (which is not visible in the Apple Portal, but within Xcode when you export your archive) expired last week. Until then it was impossible for me to somehow force renew the profile and that lead to the fact that my app was not usable for a day, because the renewal was done after the expiration of the old one. Whats the whole point of the managed signing if can't influence the provisioning update. To be clear: I don't speak about the certificate - just about the profile. Or am I using it wrong?

I'm hoping to make certain in-house apps fail to launch by revoking the in-house certificate that they were built on. This is by way of encouraging users of these apps to download updates built on a new certificate. How long will it take app built on a now-revoked certificate to no longer launch? Also, what is Apple's process for checking the validity of an in-house certificate in an app built on that certificate, running on iOS devices? I understand that provisioning profiles have built-in expiration dates, but will an in-house app that's built on a valid provisioning profile keep running even on a revoked certificate if the revocation happened before the certificate's own expiration date? Craig Umanoff

We intend to sell in india markets. In india our tax compliance is GSTIN which is also highlighted in your "Provide tax information for alternative payment options" section. We will not be making any sale outside India and hence are not liable for any tax compliance or withholding of tax outside india. Please guide us on how we should fill the tax forms.

During VPP app installation, the app-device asset association event took longer than the usual maximum of 30 seconds to complete, regardless of the number of app licenses involved.

I applied over a month ago and haven't heard back to the Apple Small Business Program. What should I do to speed things up?

Hi There Our app is used in the hospital field and receives remote APNS via the Notification Service Extension. We found a scenario where screen is on, our app is in background, if a "Critical" notification is displayed as a banner at the top of the screen, subsequent normal notifications will be suppressed and no sound will play. Only after the user swipes away the critical notification will the normal notification appear and play a sound. is this as expected? I could not find any document on such case from Apple. Thanks.

Hello! I’m testing certificate issuance using a locally running Smallstep step-ca ACME server with the device-attest-01 challenge. I’ve created a custom MDM profile for this purpose. When I install the profile, the certificate is issued successfully, but it is not saved to the Keychain as stated in the documentation. I can only see the certificate via mdmclient or in the Wi-Fi settings dropdown menu. Is this expected behavior, or are there additional settings that need to be included in the MDM profile?

We are experiencing a critical issue where VPP app installations are consistently taking an excessive amount of time, leading to significant delays in asset association. We are deployionThis is a systemic problem that affects all VPP apps, not just an isolated case. Apps: 39470db7-e475-4269-9709-c80641657027 => com.zimride.instant d0876900-2579-463e-99f1-b7c85ef5c5e8 com.microsoft.azureauthenticator Troubleshooting: We have performed extensive troubleshooting and can confirm the following: VPP Token: The VPP token has been successfully renewed and is currently active and valid. License Availability: We've verified that there are sufficient VPP licenses available for the apps being deployed. Device Status: We've attempted the following on the affected devices: Restarted the devices. Switched to different Wi-Fi networks. Uninstalled and re-installed the apps. App Status: The issue is not limited to a single app; all VPP apps are failing to install. License Revocation: We attempted to revoke and reassign licenses for some devices, but this did not resolve the issue. The app was not pushed, and the pending status remained. Troubleshooting: Through our internal investigation, we have determined that the core issue is that the Asset Association Status is consistently taking excessive time. This seems to be preventing the app installation queue from processing. We have observed a significant delay in the processing of events within the Notification Channel. The time between the event being created and a response being received is excessively long, indicating a potential backlog or issue. We have included a few recent examples below for your reference: Event ID: 39470db7-e475-4269-9709-c80641657027 com.zimride.instant Created Time: 2025-08-26 01:02:04 Response Time: 2025-08-26 01:34:05 Event ID: d0876900-2579-463e-99f1-b7c85ef5c5e8 com.microsoft.azureauthenticator Created Time: 2025-08-25 21:16:29 Response Time: 2025-08-25 22:21:07 We would appreciate your help in the following areas: Resolution: Could you provide any known solutions or workarounds for an asset association status that is taking excessive amount of time'? Best Practices: Are there any recommended best practices or additional parameters we should be checking with the MDM that might influence the queueing of VPP app assignments? Queueing Parameters: Could you provide insight into the parameters or conditions that can affect the queueing and processing of VPP app installations on Apple's servers? Please let us know if there is any additional information or logs we can provide.

Hello guys, I wanted to reach out to see if any of you have experienced or come across an issue we are facing in our organization. We are encountering a campus-wide problem where Macs are take an unusually long time to delete files on external drives formatted with ExFAT. We manage these Macs through Jamf Pro, and numerous policies are applied when the devices are enrolled. We have tested the issue in both scenarios—when the Macs are connected to the domain and when they are not—and the slow deletion persists in both cases. At this point, we are unsure whether the issue lies on our end or if it is related to the operating system itself. If anyone has found a fix or workaround for this problem, we would appreciate your input.

We’ve run into what looks like a gap in how forceAirDropUnmanaged is enforced on iOS devices. Setup: Device: iOS 17.x (unsupervised, enrolled in MDM) MDM Restriction: forceAirDropUnmanaged = true Managed Open-In restriction also applied (block unmanaged destinations). Verified: from a managed app, the AirDrop icon is hidden in the share sheet. This part works as expected. Issue: When two iOS devices are brought close together, the proximity-initiated AirDrop / NameDrop flow still allows transfer of photos, videos, or files between devices. In this path, forceAirDropUnmanaged does not appear to apply, even though the same restriction works correctly in the standard sharing pane. What I’d expect: If forceAirDropUnmanaged is enabled, all AirDrop transfer paths (including proximity/NameDrop) should be treated as unmanaged, and thus blocked when “Managed Open-In to unmanaged destinations” is restricted. What I observe instead: Share sheet → AirDrop hidden ✅ Proximity/NameDrop → transfer still possible ❌ Questions for Apple / Community: Is this a known limitation or expected behavior? Is there a different restriction key (or combination) that also covers proximity-based AirDrop? If not currently supported, should this be filed as Feedback (FB) to request alignment between share sheet AirDrop and NameDrop enforcement? This behaviour introduces a compliance gap for organisations relying on MDM to control data exfiltration on unsupervised or user-enrolled devices. Any clarification or guidance would be greatly appreciated.

We’re running into a problem when deploying certain .pkg installers via MDM on macOS 15 and above. The installation fails with the following error message: “The app is running and we don’t have the context to quit it, failing install.” Context: The .pkg is being pushed through an MDM solution (not installed manually). This happens consistently across multiple macOS 15+ devices. The target app is often already running when the MDM tries to install the update. Unlike a manual installation, the MDM does not appear to have the ability to quit the running app before proceeding. Questions: Is this a known change in macOS 15 where MDM-delivered installs no longer have permission to terminate apps during package installation? Are there recommended best practices for handling app updates via .pkg through MDM in this scenario? Has anyone implemented a workaround—such as pre-install scripts, user notifications, or policies to quit the app before running the installer—that works reliably on macOS 15? Is Apple planning to update MDM behavior or installer APIs to address this, or should admins expect to handle quitting apps entirely outside of the MDM installation process? Any insights from Apple engineers or other developers/admins who have encountered this would be really helpful.

Hi, I have a couple of questions about how to proceed and prepare the implementation for the DeviceLock MDM command for macOS in a secure and proper manner. https://developer.apple.com/documentation/devicemanagement/device-lock-command In documentation "PIN" is "(string) The six-character PIN for Find My. This value is available in macOS 10.8 and later." - is this the PIN that is used to unlock the device? Is there any video online that I can see how the process would look like for the end user with locking and unlocking a device? What should be done before sending a DeviceLock command? What should be done to safely test the command without bricking a device. How to unlock a device that was locked with a DeviceLock command? Is there any Unlock command or can the user unlock device with the provided PIN earlier? Thank you for any help!

I originally posted here & was referred to post in developer forumsn. https://discussions.apple.com/thread/256036430?login=true&sortBy=rank&answerId=261319559022 There has to be someone else out here that's gone through this. I've tried everything I can think of, forums, reddit, Microsoft documentation.... just can't find any clear cut method of doing this. I'm working on an InTune Mobile App Protection Policy. I know there are going to be some VPs out there asking why they can't use native iOS Apps, especially Apple Calendar, Contacts & Mail. I have not been able to get anywhere, I always end up with this error. Things I've tried: Allow sync of native apps with work account Putting in app exemptions (But I don't truly know if I know if I have the right values for this and there's no simple way of getting it from what I've seen. Having to download app to PC, finding config files, finding specific values.... that people say are hit or miss). Allow data transfer of ALL Apps What am I missing here? I'm pretty much giving up and just going to say sorry, you can't use Native apps.. Period! Anyone have any experience with this, especially for Mail, Calendar & Contacts? Thank you for anyone that can offer advice on this.

Hello, I have an issue with DurationUntilRemoval—it never deletes my profile. I installed it via my MDM server and also tried installing it using Apple Configurator 2. The device is in supervised mode. Here is my profile: ** DurationUntilRemoval** ** 3600** <key>PayloadContent</key> <array> <dict> <key>PayloadDescription</key> <string>Configures restrictions</string> <key>PayloadDisplayName</key> <string>Restrictions</string> <key>PayloadIdentifier</key> <string>com.apple.applicationaccess.82B4587F-86F6-406B-9D27-03A799379EB5</string> <key>PayloadType</key> <string>com.apple.applicationaccess</string> <key>PayloadUUID</key> <string>82B4587F-86F6-406B-9D27-03A799379EB5</string> <key>PayloadVersion</key> <integer>1</integer> <key>allowActivityContinuation</key> <true/> <key>allowAddingGameCenterFriends</key> <true/> <key>allowAirPlayIncomingRequests</key> <true/> <key>allowAirPrint</key> <true/> <key>allowAirPrintCredentialsStorage</key> <true/> <key>allowAirPrintiBeaconDiscovery</key> <true/> <key>allowAppCellularDataModification</key> <true/> <key>allowAppClips</key> <true/> <key>allowAppInstallation</key> <true/> <key>allowAppRemoval</key> <true/> <key>allowApplePersonalizedAdvertising</key> <true/> <key>allowAssistant</key> <true/> <key>allowAssistantWhileLocked</key> <true/> <key>allowAutoCorrection</key> <true/> <key>allowAutoUnlock</key> <true/> <key>allowAutomaticAppDownloads</key> <true/> <key>allowBluetoothModification</key> <true/> <key>allowBookstore</key> <true/> <key>allowBookstoreErotica</key> <true/> <key>allowCamera</key> <true/> <key>allowCellularPlanModification</key> <true/> <key>allowChat</key> <true/> <key>allowCloudBackup</key> <true/> <key>allowCloudDocumentSync</key> <true/> <key>allowCloudPhotoLibrary</key> <true/> <key>allowContinuousPathKeyboard</key> <true/> <key>allowDefinitionLookup</key> <true/> <key>allowDeviceNameModification</key> <true/> <key>allowDeviceSleep</key> <true/> <key>allowDictation</key> <true/> <key>allowESIMModification</key> <true/> <key>allowEnablingRestrictions</key> <true/> <key>allowEnterpriseAppTrust</key> <true/> <key>allowEnterpriseBookBackup</key> <true/> <key>allowEnterpriseBookMetadataSync</key> <true/> <key>allowEraseContentAndSettings</key> <true/> <key>allowExplicitContent</key> <true/> <key>allowFilesNetworkDriveAccess</key> <true/> <key>allowFilesUSBDriveAccess</key> <true/> <key>allowFindMyDevice</key> <true/> <key>allowFindMyFriends</key> <true/> <key>allowFingerprintForUnlock</key> <true/> <key>allowFingerprintModification</key> <true/> <key>allowGameCenter</key> <true/> <key>allowGlobalBackgroundFetchWhenRoaming</key> <true/> <key>allowInAppPurchases</key> <true/> <key>allowKeyboardShortcuts</key> <true/> <key>allowManagedAppsCloudSync</key> <true/> <key>allowMultiplayerGaming</key> <true/> <key>allowMusicService</key> <true/> <key>allowNews</key> <true/> <key>allowNotificationsModification</key> <true/> <key>allowOpenFromManagedToUnmanaged</key> <true/> <key>allowOpenFromUnmanagedToManaged</key> <true/> <key>allowPairedWatch</key> <true/> <key>allowPassbookWhileLocked</key> <true/> <key>allowPasscodeModification</key> <true/> <key>allowPasswordAutoFill</key> <true/> <key>allowPasswordProximityRequests</key> <true/> <key>allowPasswordSharing</key> <true/> <key>allowPersonalHotspotModification</key> <true/> <key>allowPhotoStream</key> <true/> <key>allowPredictiveKeyboard</key> <true/> <key>allowProximitySetupToNewDevice</key> <true/> <key>allowRadioService</key> <true/> <key>allowRemoteAppPairing</key> <true/> <key>allowRemoteScreenObservation</key> <true/> <key>allowSafari</key> <true/> <key>allowScreenShot</key> <true/> <key>allowSharedStream</key> <true/> <key>allowSpellCheck</key> <true/> <key>allowSpotlightInternetResults</key> <true/> <key>allowSystemAppRemoval</key> <true/> <key>allowUIAppInstallation</key> <true/> <key>allowUIConfigurationProfileInstallation</key> <true/> <key>allowUSBRestrictedMode</key> <true/> <key>allowUnpairedExternalBootToRecovery</key> <false/> <key>allowUntrustedTLSPrompt</key> <true/> <key>allowVPNCreation</key> <true/> <key>allowVideoConferencing</key> <true/> <key>allowVoiceDialing</key> <true/> <key>allowWallpaperModification</key> <true/> <key>allowiTunes</key> <true/> <key>forceAirDropUnmanaged</key> <false/> <key>forceAirPrintTrustedTLSRequirement</key> <false/> <key>forceAssistantProfanityFilter</key> <false/> <key>forceAuthenticationBeforeAutoFill</key> <false/> <key>forceAutomaticDateAndTime</key> <false/> <key>forceClassroomAutomaticallyJoinClasses</key> <false/> <key>forceClassroomRequestPermissionToLeaveClasses</key> <false/> <key>forceClassroomUnpromptedAppAndDeviceLock</key> <false/> <key>forceClassroomUnpromptedScreenObservation</key> <false/> <key>forceDelayedSoftwareUpdates</key> <false/> <key>forceEncryptedBackup</key> <false/> <key>forceITunesStorePasswordEntry</key> <false/> <key>forceLimitAdTracking</key> <false/> <key>forceWatchWristDetection</key> <false/> <key>forceWiFiPowerOn</key> <false/> <key>forceWiFiWhitelisting</key> <false/> <key>ratingApps</key> <integer>1000</integer> <key>ratingMovies</key> <integer>1000</integer> <key>ratingRegion</key> <string>us</string> <key>ratingTVShows</key> <integer>1000</integer> <key>safariAcceptCookies</key> <real>2</real> <key>safariAllowAutoFill</key> <true/> <key>safariAllowJavaScript</key> <true/> <key>safariAllowPopups</key> <true/> <key>safariForceFraudWarning</key> <false/> </dict> </array> <key>PayloadDisplayName</key> <string>papala</string> <key>PayloadIdentifier</key> <string>MacBook-Pro-Kyrylo-2.4A2954CA-57A5-44D9-8AD3-546407A0CAD4</string> <key>PayloadRemovalDisallowed</key> <false/> <key>PayloadType</key> <string>Configuration</string> <key>PayloadUUID</key> <string>BEED8448-8866-43EB-AC3C-1C3C652AADE4</string> <key>PayloadVersion</key> <integer>1</integer> it's just test profile, without difficult stuff, but it doesn't work too What is wrong?

We are trying to develop an app that will be responsible for managing 5000+ managed iPads through Intune MDM. The user flow is to have a device locked to a single app when a user is not logged in, but to make the device available to other apps once a user is authenticated. We already tried UIAccessibility GuidedAccess Mode and autonomous single app mode but those were not sufficient due to our need to be able to toggle this from the background. When the device may be asleep. So another way we could achieve this functionality would be to control all app access under a launching mechanism. That way we could allow one app to be visible in our MDM configuration and try to access our business app through that using deep links. If this were to work, we would have to be able to hide an app and still make it launchable from the manager. Any ideas? Thanks

Hi We've had an Enterprise Developer a/c for years. But last year they asked a bunch a questions to confirm we were a company. I answered them all and then it said it would review the answers. Were a big company and answered these questions before so just expected it to go through. Then our Enterprise Program a/c was up for renewal in April. But the money was never taken from the company cc and every expiry date the renewal date keeps moving forward a month. Its now been moved to Sep 2025. Either were getting April-Sep free or were going to be landed with a CC bill for 12+5 months soon. Anyone else seeing this. Is there an email or webpage for Enterprise a/c support? We have the money :)

Can someone help me, every time I insert a new attribute in the Table, the Query stops working, the bank keeps giving these messages, thank you

Environment Devices: e.g., iPhone 12 mini, iPhone 16 (multiple units) OS: iOS 26 beta 2 and beta 4 (23A5297m) Distribution: Apple Enterprise Program (In-House), deployed via MDM InstallApplication Tooling: Xcode (latest available for iOS 26 betas) Summary Apps signed for Enterprise (In-House) distribution install successfully on iOS 26 betas via MDM, but terminate immediately on launch. The same builds run if installed from Xcode on the same devices. This is a regression from pre-iOS 26 versions where Enterprise builds installed via MDM launched normally. Steps to Reproduce Archive an iOS app and export for Enterprise (In-House) distribution. Deploy the .ipa via MDM using InstallApplication to a device on iOS 26 beta (e.g., 23A5297m). Tap the app icon to launch. Actual Result The app quits instantly on launch. System logs show launchd/runningboard errors, including NSPOSIXErrorDomain Code=85 (“Bad executable (or shared library)”): runningboardd(RunningBoard)[34]: Process start failed with Error Domain=NSPOSIXErrorDomain Code=85 "Bad executable (or shared library)" UserInfo={NSLocalizedDescription=Launchd job spawn failed} runningboardd(RunningBoard)[34]: Launch failed with Error Domain=NSPOSIXErrorDomain Code=85 "Bad executable (or shared library)" SpringBoard(FrontBoard)[35]: Bootstrapping failed ... NSUnderlyingError = { NSLocalizedDescription = Launchd job spawn failed; } Expected Result Enterprise-signed builds installed via MDM should launch as they did on iOS 25.x and earlier. Regression? Works on iOS versions prior to 26. Works on iOS 26 betas when installed from Xcode (developer-signed run). Fails only for Enterprise (In-House) builds delivered via MDM. Additional Notes / Possibly Related We also reproduced a similar failure mode with a minimal Safari Web Extension project: it installs and appears under Settings → Safari → Extensions, but enabling it and opening Safari produces: “ is no longer available.” Building a fresh project with a new bundle ID shows the same behavior on iOS 26 beta (23A5297m). Logs contain: Error occurred during transaction: The provided identifier "" is invalid. Running from Xcode (debug build) works. Workarounds None identified for Enterprise/MDM distribution. Only Xcode-installed builds run. Impact Blocks Enterprise deployment to our fleet on iOS 26 betas. Feedback / Attachments Included: sysdiagnose from an affected device, minimal Xcode project demonstrating the issue, Enterprise-exported app, and reproduction notes. Happy to share additional logs or perform targeted tests if needed. Request Can Apple confirm whether this is a known regression vs. a policy/validation change in iOS 26 for Enterprise/MDM installs? Any guidance on a short-term mitigation or build/signing change we can apply would be appreciated.