2

I see through the Apple iOS enterprise deployment guide,

http://manuals.info.apple.com/en_US/Enterprise_Deployment_Guide.pdf

that you can deploy apps you develop and sign, but what if you want to deploy some other 3rd party app that is managed by Apple (ie through iTunes)?

Is there a way to deploy iPhone apps to enterprise users that you didn't develop yourself? Is there any 3rd party management systems that allow you to deploy apps you didn't develop?

Or, are you left with providing instructions to users on how to download through iTunes themselves?

Anjisan
  • 121
  • 2
  • 2
    All my experience with "Enterprise" deployment of Apple iPhone, iPod, and iPad products has been terrible. It feels, to me, like Apple doesn't actually use their own products in an "Enterprise" setting (or, more likely, has a wholly different idea of what "Enterprise" means compared to me). – Evan Anderson Sep 24 '10 at 17:35

2 Answers2

1

The way it works currently is any app developed in house can be deployed OTA, but third party apps must be installed through the App Store. Enterprises that setup a MDM solution to manage their iOS devices usually choose something that comes with a feature to install a WebClip on the devices. This WebClip will open a website (maintained by the tool) and will display a list of "recommended" applications for users, any of which they can tap and will be brought to the App Store page for that app. All the user has to do is tap the Install or Buy button using either their own iTunes account or a shared company iTunes (depending how large the company is, this may not be feasible). Apple has recently rolled out a volume purchasing program for education institutions only. This means they can buy in bulk and deliver these to their devices, I believe OTA, but not positive on that one. Apple has within the last few weeks announced they will be extending the program to businesses as well, but not a timeline in which they will do it. This may allow bulk purchasing and delivering OTA, but again not positive on that point.

With iOS devices, one of the very common strategies you will see in the enterprise, is what they call the carrot and the stick approach (I did not coin the term). The list of required and recommended apps is published to users, and the installed applications are monitored. If a required application is not installed, then they have the MDM solution deny the device access to corporate resources until they become "compliant." This strategy is used for other things the company wants to "require" as well.

casey
  • 218
  • 1
  • 8
1

Yes - several commercial MDM packages like Lion Server's Profile Manager and JAMF's Casper Suite allow for over the air (OTA) deployment of iOS app packages, but it is somewhat fragile and also less useful since the apps being deployed are generally not signed in a way that the receiving iOS devices can run based on the current code signing implementation on iOS.

Specifically, you can get away with this when the device has already downloaded one app from the App Store directly and then the MDM subsequently pushes out an app signed for that same Apple ID as the device already has self-installed to set up the signing certificates needed to let the OTA app run.

You will quickly run into Apple ID limitations (10 devices per 90 days) and password tracking hassles if you want to scale this to more than a handful of users.

bmike
  • 283
  • 1
  • 19