MDM client - server communication

0
votes

After reading and searching, apple MDM client - MDM server interaction seems to be:

  • When Server wants do sth on devices, it sends a notify to APNS (with device token & AppID for APNS to know which devices and application need to receive notification).
  • APNS send notify to provided app on provided device
  • when receive notify from APNS, Apple-MDM-client will connect to server, get command and do the command task on devices.

My questions are:

  • The application that registered for APNS is my application (MY_APP, not Apple-MDM-client). That means the one which receive notification is my MY_APP. Then how Apple-MDM-client know about the notification in order to connect to MDM server?
  • The solution can be: MY_APP receive notification, then connect to server, get command and push received commands to Apple-MDM-client, tell Apple-MDM-client do the task. If this approach is correct, how MY_APP can communicate to Apple-MDM-client?

There must be API for that purpose but I can not find it via google...

2
iosapple-push-notificationsmdm
I edited your question to get rid of mentioning me. It's not common to ask somebody personally on StackOverflow.Victor Ronin

2 Answers

2
votes

Please take a look at my answer for your original question: How does MDM in IOS really work?

MDM is clientless protocol. Your MY_APP is not involved in MDM protocol.

What happens is:

  • Your server send push notification using device token, topic and PushMagic.
  • This is a little bit unusual push notification, because you don't specify AppID (Check "Structure of MDM Messages" section in the MDM documentation
  • This push message goes directly built-in MDM client
  • MDM client will go and talk to server (to get new commands)

As you can see your app isn't involved in MDM at all.

2
votes

I would like to enforce Victors answer(because answers to Apple's MDM are so few on the internet)!

Again, in MDM protocol the is no application that has to subscribe to Apple's push notification service, the iOS is the client here. He will be dealing with handling the requests from APNS, but for this to happen the device must have a special kind of configuration profile installed, named an enrollment profile, which is like a normal configuration profile with two payloads in it: an MDM payload, and a Certificate payload, and thats it! After the user install is, the iOS client is ready to receive requests from APNS.