VMware Workspace ONE Community
SampathkumarKes
Contributor
Contributor
‎07-03-2019 11:34 PM

Users who updated to iOS 13 beta, post enrollment, Exchange , Passcode and Restriction Profile not installing

We noticed that users who enrolled their phone and post iOS 13 beta upgrade everything works fine. Means all the profiles shows as installed and able to access the emails. But the same user when enrolled again, Exchange, passcode and restriction profiles not installing on phone.
Labels (1)
Labels
0 Kudos
14 Replies
WatsonDoug
Contributor
Contributor
‎09-24-2019 06:57 AM

WE are having the same issue. Any resolution yet?
0 Kudos
SebastienRodrig
Contributor
Contributor
‎09-25-2019 02:08 AM

We have the same issue here with our test devices.
Upgraded from iOS 12.4.1 to IpadOS 13.1, Exchange and restriction profiles are not installing/refreshing
0 Kudos
SampathkumarKes
Contributor
Contributor
‎09-25-2019 02:17 AM

while creating a profile, in General tab, if you have  selected Allow Removal as ' With Authorization'  this issue will occur. Solution to this is, change the Allow Removal option either ' Always'  or ' Never' .
0 Kudos
SebastienRodrig
Contributor
Contributor
‎09-25-2019 02:21 AM

Our Allow removal option was already set to Never.
We also tried editing the policies and saving them again, suspecting a format change, but it didn't work either.
0 Kudos
SampathkumarKes
Contributor
Contributor
‎09-25-2019 02:28 AM

In our environment it worked when we made changes to Allow Removal from With Authorization to Never/Always.
0 Kudos
SampathkumarKes
Contributor
Contributor
‎09-25-2019 02:45 AM

Are you getting the error as '
29000 This Profile can only be installed in a Supervised device'  if you check in event data when profile installation failed?
0 Kudos
SebastienRodrig
Contributor
Contributor
‎09-25-2019 02:53 AM

Nope, the ones we're getting are (roughly translated) :

(Restrictions Profile) 40000 The Content Filter service has encountered an internal error.
(Exchange Profile) 21005 An identical Exchange account already exists
0 Kudos
MarkHagen
Contributor
Contributor
‎09-25-2019 10:55 AM

AirWatch has confirmed an issue with iOS 13 on non-supervised devices that profiles with ' Allow Removal'  set to ' With Authorization'  will fail to load properly. They suggested upgrading to iOS 13.1 (!) but the results were the same.

In addition, they have confirmed an issue with the current Hub app build, where the app ' loses'  its connection to the console and prompts for Group ID, Username, and Password. The device enrollment isn't affected -- the device stays enrolled, but the Hub app doesn't recognize it.

Pity AirWatch doesn't do better QA testing on major releases anymore.....
0 Kudos
JasonNugent
Contributor
Contributor
‎10-01-2019 07:46 AM

Any update to this ?... I'm seeing this issue now too and I really don't want to go through all my Profiles and change the ' Allow Removal'  option (because we have over 700 Profiles across our Organization and around 2000 enrolled devices and the impact of that would be quite significant).


 


If we have iOS 12.x Users who were previously enrolled and they upgrade to iOS 13,. they seem to be fine. However brand new iOS 13 (never enrolled) seem to be encountering this problem. 

0 Kudos
Stansfield
Enthusiast
Enthusiast
‎10-01-2019 07:52 AM

No they confirmed in their getting ready for iOS 13 page it is an Apple change for profiles with allow removal to not install.  Also why do you have that many profiles? That seems extremely excessive, you have a profile for every three devices.
0 Kudos
JasonNugent
Contributor
Contributor
‎10-01-2019 07:57 AM

Stephen - We have that many Profiles because our environment is that big and we have that many Smart Groups (different Policies and Restrictions for different groups). We're a small City Government,. so groups like Forestry or Museum or Execs may have different Profiles from Police or Fire or Water or Power. So is the only resolution at this point to change the ' Allow Removal'  option ?.. or is VMWare working on a different fix ?.. Because me going through 700+ Profiles is going to take months.
0 Kudos
Stansfield
Enthusiast
Enthusiast
‎10-01-2019 08:02 AM

That is a terrifying level of fragmentation but I would ticket with Airwatch it can likely be mass changed in the database
0 Kudos
SampathkumarKes
Contributor
Contributor
‎10-01-2019 08:08 AM

when i raised a ticket the L2 team said this and to double check, i had call with our Account manager and he checked with their R&D team and they also confirmed there is no work around. This change is from Apple end not VMware end they said.
0 Kudos
JasonNugent
Contributor
Contributor
‎10-01-2019 08:20 AM

Stephen - Yeah,. but Airwatch's ' Best Practice'  recommendation has always been to make your Configuration Profiles as granular as possible. So for example, if I want to change Passcode Policy on ONLY the Forestry iPads,. I can do that without effecting anyone else. Or if I want to VPP a new App,. and only push it out to ' StreetSweeper'  iPads.. I can do that without effecting anyone else. So yeah.. it's a lot of granularity.. but also offers a lot of precise control. I did open a ticket with Airwatch,. I see now digging into the ' Changes in iOS13'  document where this was changed. But I'm not sure that's going to help me on modifying 700 to 800 profiles. (even if they can mass-change those,. the signature will change and mass-redeploy to my environment.. which we cannot do willy-nilly. Would have to be communicated and scheduled to help minimize impact).


 


EDIT - to be fair,. there's only maybe 5 to 10 Profiles (total) that being changed will directly impact Users (Password prompt popups).. so that # of Profiles is small, but the impact could be big (especially on a week when our Helpdesk is short people). ;/

0 Kudos