NOTE: This article applies to iOS devices.
To ensure reliable check out, your devices must check in reliably. This page is intended to document Imprivata’s recommendations for a reliable check in experience.
Assumptions
- This article assumes you are running Locker for iOS 3.6.1 or later.
Recommendations and Considerations
- Imprivata no longer recommends launching com.apple.Preferences. This app triggers a bug in iOS 16.2 (apparently fixed in 16.3). Additionally, we want to discourage users from opening Settings, usually.
- If you are hiding com.apple.webapp, ensure that you are not blocking com.apple.webapp from the MDM using a configuration profile. This can be blocked if you are using an allowlist and don’t have com.apple.webapp as part of the allowlisted apps. If you are building a blocked list, do not include com.apple.webapp.
Your Check In workflow must contain the following actions, at a minimum:
- Perform MDM Command: Clear Passcode
- Check In Device
- On Failure: Retry 3x
Every Apple DEP workflow will additionally include the following actions, which should be left untouched for Check In workflows:
- Device Enrollment Program
- Add WiFi
Optionally, you may add the following actions:
- Check In options to log out of third party apps
- Set Wallpaper to clear out personalized wallpaper
- Perform MDM Command to assign a staging user or remove tags
- Set Attributes to clear any additional data set during Check Out