IOS中的MDM如何真正起作用？ [英] How does MDM in IOS really work?

问题描述

我将在 iOS （客户端）参加 MDM 项目，但在搜索之后，我仍然不知道怎么 MDM 真的有效。谁能为我解释一下？

I'm going to attend a MDM project in iOS (client side) but after searching, I still don't know how MDM really works. Can anyone explain something for me?

问题：

我的服务器需要控制设备上安装的应用程序列表（安装和删除应用程序）。

My server needs to control the list of applications are installed on devices (install and remove app).

预期解决方案：

• 需要在设备上安装一个扮演客户端角色的应用程序（MY APP）。


• 需要时，服务器会发送通知通过Apple推送通知服务器连接到客户端。


• 收到通知后，客户端应用程序将连接到服务器以获取服务器命令（例如：安装应用程序A）


• 获取命令后，我的APP会自动下载并安装它。

• There need an app installed on devices which plays the role of client (MY APP).
• When needed, server will push a notification to client via Apple push notification server.
• After receiving notification, client app will connect to server to get server command (ex: installing app A)
• After getting command, MY APP automatically download A and install it.

我的问题：这是MDM的工作方式吗？

• 如果是，我的APP如何在没有权利的情况下安装另一个应用程序（由于sandbox）以及服务器是否可以为设备上的应用程序配置访问权限。如果可能的话，任何人都可以给我一个MDM客户端代码的示例来清除我的东西吗？

• If yes, how MY APP can install another app when it has no right to do it (due to sandbox) and whether server can config the access right for an app on devices. If possible, anyone can give me an example of code for MDM client side to clear my stuff things?

如果不是，这意味着服务器将是在设备上安装app A的人（而不是MY APP）。在这种情况下，服务器如何做到这一点？

If no, it means that the server will be the one who install app A on device (instead of MY APP). In that case, how server can do that?

推荐答案

iOS MDM是无客户端协议。因此，您开发了一个服务器，但是您没有为它开发客户端应用程序。实际上，有一个客户端应用程序，但它是由Apple开发并内置到操作系统中。

iOS MDM is clientless protocol. So, you develop a server, but you don't develop a client application for it. Actually, there is a client app, but it's developed by Apple and built into operation system.

因此，您的服务器将发送命令，内置MDM客户端将收到

So, your server will send a command, built-in MDM client will receive and execute it.

一般来说，如果你想开发MDM服务器，你需要注册到Enterprise Developer Program并获得MDM文档。

Generally speaking, if you want to develop MDM server, you need to register into Enterprise Developer Program and get MDM documentation.

这里有一些逆向工程文档： http：// media。 blackhat.com/bh-us-11/Schuetz/BH_US_11_Schuetz_InsideAppleMDM_WP.pdf

There is some reverse engineered documentation here: http://media.blackhat.com/bh-us-11/Schuetz/BH_US_11_Schuetz_InsideAppleMDM_WP.pdf

iOS MDM协议支持安装/删除应用程序命令。

And iOS MDM protocol support Install/Remove application command.

这篇关于IOS中的MDM如何真正起作用？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！