+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 25
Mac Thread, Apple enterprise and iOS: how would you want it to work? in Technical; I got asked a bit recently about some info on ipads and managing them and it got me thinking, how ...
  1. #1


    Join Date
    May 2009
    Location
    UK
    Posts
    2,105
    Thank Post
    256
    Thanked 450 Times in 251 Posts
    Rep Power
    141

    Apple enterprise and iOS: how would you want it to work?

    I got asked a bit recently about some info on ipads and managing them and it got me thinking, how would/could/should they work in an environment such as ours?

    My biggest bugbear, is annoying and seemingly pointless restrictions.
    -5 computers per account
    -5 accounts per device
    -10 devices per account

    This is such a useless restriction in our environment. Even if you follow 'Apples advice' and use multiple accounts for different device banks, these numbers are so abritrary. The average home user might not have more than 5 computers/devices or whatever, but we do! I have approximately 20 teachers with staff ipads, all wanting the same apps, and all want to be able to sync their work. So to use the devices I need 2 accounts, and I need to gift each app to myself 9/10 times. Great, except now I've got the restriction on computers, therefore I need to find shared-computers for them to sync to. This means they can't be used individually, since your now sharing your account and your syncs with 9 of your peers. So you need another account per device to handle the 'teachers' individual work which they can sync to their own computer.
    Now you have 40 more ipads used by the students in loan sets. So that's 4 more accounts you need, each of which need a machine to sync to. But the teachers need access to these accounts so they can get at the work themselves, so now you've passed the account-per-device restriction.

    The limiting factor here, is the 'personal computer'. Each device NEEDS one, and doesn't really work without it. So I'm hearing some chirping in the background about 'iCloud'..... Great! cloud based syncing, apps, mails, calendars, files! But ah, do you setup one per student? if so, expect a bill worth millions by the time you buy each app 500 times ( I recently passed 250 apps in the store, at least 40 of them are paid for, meaning I would be looking at 20,000 if each of the 40 apps only cost 1, which they did not!)
    Not going to happen, so you setup your 6 school accounts to work with iCloud.. Problem solved! Except ah, now class 1 used set 1 last week which had account 1, and now they are using set 2 which is based on account 2.... So they need to login to iCloud account 1. This then REMOVES all the apps on the device, and ADDS the account 1 apps, files etc. (If anyone wants to correct me on this feel free, I've not tried iCloud as I don't own any personal Apple devices, but i've been told by people who have that it does this)
    You've got 8gb of apps and files on your ipads, there's 10 devices, and you've got a 10mb internet connection. Assuming you're using 100% of the connection, you're going at 1.25mb per second, which if I'm right, will take 18 hours to download.... You've got 45 minutes of a lesson.

    So say goodbye to iCloud here, it's not going to work.

    Ok, so enough ranting.

    What do I want it to do?

    I want firstly a single-account volume licensing model, with no arbitrary limits on devices per account, be that computers or iOS devices.
    I want iCloud to be able to pull down 'new' things and allow syncing, but don't touch what I've got on the device already you little bugger. What I'd like even more, is for them to work 'like computers do' and allow the ability to control the apps seperate to the login accounts, ideally with domain login ability.
    I want a server based app-repository, which I can dynamically push out, recall and deploy apps from and to. Therefore, if an app is purchased on a device, it is then syncing to the server, and can if allowed be then pushed out via the server to all devices.
    I want to tailor access to the App store on the Apple ID's, one for getting what is already purchased on the account, and another for 'adding new apps'.

    What do you want, what would make this apple gear friendly enough to bring it into your environment and not cause you headaches from restrictions?

  2. Thanks to Rydra from:

    Abaddon (28th May 2012)

  3. #2
    Abaddon's Avatar
    Join Date
    Mar 2006
    Location
    Middlesex
    Posts
    593
    Thank Post
    70
    Thanked 68 Times in 63 Posts
    Rep Power
    59
    To be honest, at a bare minimum I'd settle for the volume licensing arrangement they have in the states. Yes, managing the iPads would still be a pain, but at least it would be easy to stay within licensing agreements.

    Not sure about the 10 device per account limit - I have significantly more than that on the main school iTunes acccount here.

    Everything you say seems reasonable though - if Apple really want this to work in UK schools, somthing has to be done about the mess that it currently is.

  4. #3

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    Windows Pro editions are designed for multi-user use, however Apple is definitely aimed more at personalised use - one device per user, but realistically this is too expensive for most businesses and schools.

    In my opinion if you want to go Apple, you may as well do it throughout (including a Mac server). Getting Apple to talk to Windows isn't straight forward. WebDav opens options, but it isn't necessarily secure.

    As you've also pointed out syncing iPads, updating apps and updating iOS is problematic when you have 30+ iPads. It's a full time job in itself. Without something third party, there doesn't appear to be a method by default of dynamically updating iPads. This may be possible with a Mac server though.

  5. #4


    Join Date
    May 2009
    Location
    UK
    Posts
    2,105
    Thank Post
    256
    Thanked 450 Times in 251 Posts
    Rep Power
    141
    Quote Originally Posted by Abaddon View Post
    To be honest, at a bare minimum I'd settle for the volume licensing arrangement they have in the states. Yes, managing the iPads would still be a pain, but at least it would be easy to stay within licensing agreements.

    Not sure about the 10 device per account limit - I have significantly more than that on the main school iTunes acccount here.

    Everything you say seems reasonable though - if Apple really want this to work in UK schools, somthing has to be done about the mess that it currently is.
    Apple's T&C's and several of their services have a 10 device restriction. But so far it's not 'enforced' for the store, not sure if iCloud restricts/enforces this, but it states in their unreadable-small-grey-text-at-the-bottom-your-supposed-to-miss that some iCloud services are restricted to 10 devices.

    Frankly I dont care much about their licensing agreements, they aren't there for me or to make my life better, they are for them to milk us for more money. The volume licensing I want is to make it so I dont have to mess about to get Apps onto multiple devices, and dont have a paperwork nightmare declaring the costs of it.

    Quote Originally Posted by Michael View Post
    Windows Pro editions are designed for multi-user use, however Apple is definitely aimed more at personalised use - one device per user, but realistically this is too expensive for most businesses and schools.

    In my opinion if you want to go Apple, you may as well do it throughout (including a Mac server). Getting Apple to talk to Windows isn't straight forward. WebDav opens options, but it isn't necessarily secure.

    As you've also pointed out syncing iPads, updating apps and updating iOS is problematic when you have 30+ iPads. It's a full time job in itself. Without something third party, there doesn't appear to be a method by default of dynamically updating iPads. This may be possible with a Mac server though.
    There's other threads about it, I've got a lion OS server here specifically for the ipads and macs, but if I'm honest it's not really doing what I want, and the way I'm doing it is not the way Apple want me to.

  6. Thanks to Rydra from:

    ste1988 (28th May 2012)

  7. #5

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,799
    Thank Post
    272
    Thanked 1,134 Times in 1,030 Posts
    Rep Power
    349
    They need to sort out something for VL but found this tool last week for managing - Free and cloud based

    Meraki Systems Manager

  8. Thanks to glennda from:

    ste1988 (28th May 2012)

  9. #6
    ste1988's Avatar
    Join Date
    Jan 2012
    Location
    West Midlands
    Posts
    176
    Thank Post
    77
    Thanked 24 Times in 23 Posts
    Rep Power
    13
    Quote Originally Posted by glennda View Post
    They need to sort out something for VL but found this tool last week for managing - Free and cloud based

    Meraki Systems Manager
    That tool is worth a bit of time looking at, adding apps etc is so easy, i cant wait to roll it out on a few ipads to see how it goes.

    Not sure you can lock them down as much as you can with profile manager but i might of just been missing something

  10. #7

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,799
    Thank Post
    272
    Thanked 1,134 Times in 1,030 Posts
    Rep Power
    349
    Quote Originally Posted by ste1988 View Post
    That tool is worth a bit of time looking at, adding apps etc is so easy, i cant wait to roll it out on a few ipads to see how it goes.

    Not sure you can lock them down as much as you can with profile manager but i might of just been missing something
    You can lock them down from the web interface - but although i don't like apple as they control what goes into the store they remove most of the threat to the devices. You can use it on windows machines as well. We where playing in the office the other day running commands on each others pc's from the meraki system manager!

  11. Thanks to glennda from:

    ste1988 (28th May 2012)

  12. #8


    Join Date
    May 2009
    Location
    UK
    Posts
    2,105
    Thank Post
    256
    Thanked 450 Times in 251 Posts
    Rep Power
    141
    Apple will either sue them for allowing people to use their product effectively in some patented way, or buy them out and break it knowing they way they've worked in the past

  13. #9

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,799
    Thank Post
    272
    Thanked 1,134 Times in 1,030 Posts
    Rep Power
    349
    Quote Originally Posted by Rydra View Post
    Apple will either sue them for allowing people to use their product effectively in some patented way, or buy them out and break it knowing they way they've worked in the past
    Meraki themselves are actually a wireless vendor who are unique in the fact the controller is based in the cloud and you pay a yearly fee for it rather then have a hardware controller - this is why we found the free software. they also have a pretty good wifi analyzer which is also free on Android and also Windows. I should have a couple of NFR access points arriving at work in the next day or so (we have signed a partnership with them to resell in the uk).

    The company started as a Uni project at MIT

  14. #10

    Join Date
    May 2009
    Location
    kidderminster
    Posts
    119
    Thank Post
    27
    Thanked 23 Times in 21 Posts
    Rep Power
    0
    Quote Originally Posted by Rydra View Post
    Apple will either sue them for allowing people to use their product effectively in some patented way, or buy them out and break it knowing they way they've worked in the past
    So you can expect them to do this with all the hundreds of other enterprise based MDM Solutions that support iPhone/iPads then......?

  15. #11


    Join Date
    May 2009
    Location
    UK
    Posts
    2,105
    Thank Post
    256
    Thanked 450 Times in 251 Posts
    Rep Power
    141
    Quote Originally Posted by Sean-OC04 View Post
    So you can expect them to do this with all the hundreds of other enterprise based MDM Solutions that support iPhone/iPads then......?
    No don't be silly. They only do it under circumstances

    -It's successful
    -It's useful
    -It's innovative
    -It works better than their own versions

    For reference, see every tablet based device, every mobile OS, half the desktop OS's, anything with a menu, anything you click/touch/lick/look at in a specific manner, and of course anything beginning with one of the 24 letters* of the alphabet.




    *Apple decided it didn't count the letters Z and J, and they've released these "NEW AND IMPROVED NEVER USED BEFORE" letters which I cannot type here as it's not apple. Z has been replaced with a complex pattern of swirls and pronounced "Uck" and the other has been replaced by something unpronounceable with a human tongue, but is a little like "NGHUER" then relieving yourself in someone elses underwear. The letter itself is a bulbous upside down 'T' with a pineapple on top.

  16. #12
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    34
    I'd want to have a locally based 'iCloud' server, so that the Ipads and stuff would sync from this server rather than using using the internet, in the same way as we have WSUS \ WDS \ SCCM servers for the Microsoft.

    One server locally, could also have the license server included, so that Apple would be able to keep rack of what software we're using (not sure I like this idea, but it's a way to control it).

    Ideally there'd be a way in the settings in there to sync all the data onto a different server (IE the current data store you have for user files).



    Assuming we're not able to get one device per user, then there should also be a way to uniquely identify a specific Ipad, and then this would lead onto a way of scheduling apps for certain times: Period 1 -> Maths -> Show all the Maths Apps; Period 2 -> French -> Show all the French apps; Period 3 -> not booked -> block internet access; etc etc. These rules would have to be created by the network admin, and there'd have to be some way to programmatically communicate these changes.


    I'm going to go and have a look at the Meraki stuff now, so it may or may not do this.
    Last edited by User3204; 29th May 2012 at 11:04 PM.

  17. #13


    Join Date
    May 2009
    Location
    UK
    Posts
    2,105
    Thank Post
    256
    Thanked 450 Times in 251 Posts
    Rep Power
    141
    Quote Originally Posted by User3204 View Post
    I'd want to have a locally based 'iCloud' server, so that the Ipads and stuff would sync from this server rather than using using the internet, in the same way as we have WSUS \ WDS \ SCCM servers for the Microsoft.

    One server locally, could also have the license server included, so that Apple would be able to keep rack of what software we're using (not sure I like this idea, but it's a way to control it).

    Ideally there'd be a way in the settings in there to sync all the data onto a different server (IE the current data store you have for user files).



    Assuming we're not able to get one device per user, then there should also be a way to uniquely identify a specific Ipad, and then this would lead onto a way of scheduling apps for certain times: Period 1 -> Maths -> Show all the Maths Apps; Period 2 -> French -> Show all the French apps; Period 3 -> not booked -> block internet access; etc etc. These rules would have to be created by the network admin, and there'd have to be some way to programmatically communicate these changes.


    I'm going to go and have a look at the Meraki stuff now, so it may or may not do this.
    The internal iCloud I like, not sure about the point of the licensing server though. That can be cloud-based, since licensing is already handled at the Apple end rather than client end, they just track number of times license is used/tied against serial numbers of devices which apple pulls down anyway when you register them etc.

    As to the time-controls of apps, that sounds needlessly complicated to me, and I've not heard of a PC based system that allows this level of application control based on times, at least not so dynamically, since windows relies on physical files for it's linking, so to turn that on and off would be a nightmare. It's begging for things to go wrong. Much better to have open access and have users with the concentration above a gnat and someone to manage the class effectively.

  18. #14


    Join Date
    May 2009
    Location
    UK
    Posts
    2,105
    Thank Post
    256
    Thanked 450 Times in 251 Posts
    Rep Power
    141
    I've tried to signup and try out Meraki stuff today, and the site won't go past registering name/email/company etc.


  19. #15

    Join Date
    May 2006
    Location
    West Bromwich
    Posts
    2,190
    Thank Post
    299
    Thanked 215 Times in 185 Posts
    Rep Power
    56
    Most of you have said what I think would be the best way to do this. I think the local iCloud server is the best solution along with a process to push stuff out to devices. While we are at it can we stick a local facetime/messages service on there as well.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 7
    Last Post: 28th November 2011, 12:32 PM
  2. New Virtualized Servers - how would you do it?
    By sonofsanta in forum Hardware
    Replies: 43
    Last Post: 21st June 2011, 08:58 AM
  3. Software updates - How would you do it if you were me?
    By jmair in forum How do you do....it?
    Replies: 9
    Last Post: 15th April 2011, 12:59 AM
  4. Record data during login, how would you do it?
    By jmair in forum Windows Server 2008 R2
    Replies: 3
    Last Post: 2nd December 2010, 04:08 PM
  5. How would you do it?
    By jayemm in forum How do you do....it?
    Replies: 7
    Last Post: 17th August 2010, 11:24 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •