Updated:
To send any command to the device we first need to install the MDM
Profile into the device profiles which will contain a server-url
which will be used by the device to poll for commands whenever the
device receives push notification.
Refer http://media.blackhat.com/bh-us-11/Schuetz/BH_US_11_Schuetz_InsideAppleMDM_WP.pdf
for in detail enrollment also refer "Sending Push Notifications"
section and sections following it from the above link for detailed device commands.
To send push notification we need to have an apns push certificate which we can create from apple's identity portal refer: http://www.softhinker.com/in-the-news/iosmdmvendorcsrsigning
For mdm, we send push notification payload to APNs as {mdm : "PushMagicToken-of-device"}
When push notification is received by the device it will contact mdm server's server-url for command to be executed.
Answering your questions: (P.S Used Java for communication)
Q1. "Can you suggest me how server is interacting with the device and device with the server in the form of request"
Answer: Device will interact to the server when it receives push notification from APNs. It will contact to the url of key ServerUrl which you provide in the mdm payload.
This is PUT request method type, device sends an Idle status to server in the plist format.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Status</key>
<string>Idle</string>
<key>UDID</key>
<string> [ redacted ] </string>
</dict>
</plist>
All the communication with the device is done using the Plist (Property list format), device understands this format easily.
Q2: "It means in what form you send command from server and how you check that the command is done and send the feedback to the device"
Server too sends command to the device in form of plist.
For Example: Below is the plist sent for DeviceLock command from my mdm server when the device sends an Idle status response.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Command</key>
<dict>
<key>RequestType</key>
<string>DeviceLock</string>
</dict>
<key>CommandUUID</key>
<string>ph_mdm_command_uuid</string>
</dict>
</plist>
Please Note: each command has a CommandUUID field which we can use to check the current commands at server end, it maintains the current session. Whatever command we send to the device with the CommandUUID, device responds back with the status of that command back with the same CommandUUID.
So in response to DeviceLock Command RequestType, device sends back a response:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CommandUUID</key>
<string>ph_mdm_command_uuid</string>
<key>Status</key>
<string>Acknowledged</string>
<key>UDID</key>
<string>device_udid</string>
</dict>
</plist>
Here the CommandUUID is similar to the one sent by the server, UDID is the device udid and the status is Acknowledged, which denotes that the command was successfully executed on the device.
Note: All this is sent in the response of Java in form of bytes. If you meant which format i was sending the response to the device.
I assume To send feedback to device means to either send next request or to stop polling:
Similar steps are to be followed if you have list of commands to be sent to the device, as currently we can send only one command at a time.
If there are no commands to execute and you want the device to stop polling you need to send empty response. Refer iOS MDM - How to close or stop connection after device responds back with valid response for more details.
Hope this cleared the doubts.
If you are at the enrollment phase please refer @Victor's comments before following this.
Let me know in case of any clarifications.
Currently I have an mdm setup running on iOS device successfully.
Thanks.
