fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com

Research: iOS/iPadOS OS updates #20202

Closed noahtalerman closed 2 months ago

noahtalerman commented 3 months ago

Goal

User story
As a Fleet contributor,
I want to know what the end user experience looks like for OS updates on iOS & iPadOS and what we (Fleet) have control over (ex. minimum version, deadline, etc.)
so that I can draft OS update features for iOS/iPadOS.

Context

Changes

Product

Google doc

https://docs.google.com/document/d/1G4mzx81ZhMoGDowv1Dp8e1izxqEtWwJe1cXC9Z20nSw/edit

Engineering

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

Manual testing steps

  1. Step 1
  2. Step 2
  3. Step 3

Testing notes

Confirmation

  1. [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
  2. [ ] QA (@____): Added comment to user story confirming successful completion of QA.

noahtalerman commented 3 months ago

Hey @sharon-fdm, @rachaelshaw is currently drafting the "OS updates for iOS/iPadOS" story (#19852).

Before we settle and estimate designs, we would like some help from folks on the endpoint ops team (probably @lucasmrod if he has the time) to research how OS updates work on iOS/iPadOS.

Can we bring this research story into the current sprint? If we do, do we have to kick something else out?

FYI @lukeheath

sharon-fdm commented 3 months ago

@noahtalerman, I'd agree the best person to look at this will be @lucasmrod (but others could as well.) We may put at risk #19043 and/or #19561 depending on Lucas.

noahtalerman commented 3 months ago

Hey @sharon-fdm, if we need to drop one of the 3 (#19043, #19561, #20202), then I think we should drop #19043.

Supporting mission critical iOS/iPadOS features is important for the business.

lucasmrod commented 2 months ago

@rachaelshaw @noahtalerman

I've answered the first two questions on this public Google Doc (TL;DR: it works): https://docs.google.com/document/d/1G4mzx81ZhMoGDowv1Dp8e1izxqEtWwJe1cXC9Z20nSw/edit

I'll work on the third question tomorrow, hoping that the answer to the first two questions unblocks the drafting of the feature.

lucasmrod commented 2 months ago

@noahtalerman @rachaelshaw I've answered the third question on the document.

I'm moving this story to "In review". Feel free to add comments/questions to the document.

noahtalerman commented 2 months ago

Thanks @lucasmrod!

Since we have the research in a public Google doc here, I think we can move this story to "Ready." cc @sharon-fdm

> A “Content filtering” profile failed to apply on the BYOD iPad with the following error (confirming that there are some differences on what one can do with ABM enrolled vs BYOD, however as stated previously it seems OS update enforcement works the same)
>
> MCInstallationErrorDomain (4001): Profile Installation Failed\nMCInstallationErrorDomain (4001): Profile Failed to Install\nMCProfileErrorDomain (1009): The profile “Content filtering” could not be installed.\nMCWebContentFilterErrorDomain (40003): Unsupervised devices require a ContentFilterUUID in the content filter payload.\n

Interesting finding here. Looking at the error, it seems like BYOD iPhones require a slightly different payload than company-owned iPhones: BYOD requires ContentFilterUUID.

This error shows up in the Fleet UI/API right? That's important so the IT admin knows why the profile isn't installed and how to resolve.

lucasmrod commented 2 months ago

> Interesting finding here. Looking at the error, it seems like BYOD iPhones require a slightly different payload than company-owned iPhones: BYOD requires ContentFilterUUID.

Yeah, many settings are available on ABM/DEP enrolled only.

> This error shows up in the Fleet UI/API right? That's important so the IT admin knows why the profile isn't installed and how to resolve.

Yes, it does show up in the UI (as a tooltip).
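
The error chain quoted above can be split into structured entries, and a profile can be checked for the missing key before it is sent to unsupervised devices. This is an added example, not part of the thread and not Fleet's code. It assumes an unsigned `.mobileconfig`, that the last entry in the chain is the most specific one (as in the quoted sample), and Apple's `com.apple.webcontent-filter` payload type; the sample profile and its `com.example.*` identifiers are constructed.

```python
import plistlib
import re

# Error chain copied from the thread; entries are separated by a literal "\n".
SAMPLE_ERROR = (
    r"MCInstallationErrorDomain (4001): Profile Installation Failed\n"
    r"MCInstallationErrorDomain (4001): Profile Failed to Install\n"
    r"MCProfileErrorDomain (1009): The profile “Content filtering” could not be installed.\n"
    r"MCWebContentFilterErrorDomain (40003): Unsupervised devices require a "
    r"ContentFilterUUID in the content filter payload.\n"
)

# Constructed profile: a content filter payload without ContentFilterUUID.
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadIdentifier": "com.example.profile",
    "PayloadContent": [{
        "PayloadType": "com.apple.webcontent-filter",
        "PayloadIdentifier": "com.example.contentfilter",
        "FilterType": "Plugin",
    }],
})

ENTRY = re.compile(r"^(?P<domain>\w+) \((?P<code>\d+)\): (?P<message>.+)$")

def parse_error_chain(raw):
    """Return [(domain, code, message), ...] in the order the device reported them."""
    chain = []
    for part in re.split(r"\\n|\n", raw):  # literal "\n" or a real newline
        match = ENTRY.match(part.strip())
        if match:
            chain.append((match["domain"], int(match["code"]), match["message"]))
    return chain

def most_specific_error(raw):
    """Assumption: the last entry is the most specific cause, as in the sample."""
    chain = parse_error_chain(raw)
    return chain[-1] if chain else None

def filters_missing_uuid(profile_bytes):
    """List content filter payloads an unsupervised device would reject."""
    profile = plistlib.loads(profile_bytes)
    return [
        payload.get("PayloadIdentifier", "<no PayloadIdentifier>")
        for payload in profile.get("PayloadContent", [])
        if payload.get("PayloadType") == "com.apple.webcontent-filter"
        and not payload.get("ContentFilterUUID")
    ]

if __name__ == "__main__":
    print(most_specific_error(SAMPLE_ERROR))
    print(filters_missing_uuid(SAMPLE_PROFILE))
```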

sharon-fdm commented 2 months ago

> Since we have the research in a public Google doc here, I think we can move this story to "Ready."

@noahtalerman, did you mean to close the ticket? Or you want to put follow-up tasks here?

noahtalerman commented 2 months ago

Hey @sharon-fdm I think we can close the issue.

fleet-release commented 2 months ago

iOS updates refined,
For Fleet's contributors aligned,
Ease in design, we find.