Impact of iOS 13 update on MDM

Problem

Apple has introduced new security requirements for managing Apple devices with iOS 13 update. These changes impact the device management workflow in MDM. All managed iOS and iPad devices updated to iOS 13 and iPadOS 13 in the incompatible build version will have issues in

Cause and Resolution

Clear passcode profile

A token is mandatory for MDM to execute the clear passcode command. MDM will not be able to clear passcode due to lack of the required token. To be able to clear passcode using security commands or profiles, customers should upgrade to the latest build versions. If you have devices already affected by this issue, you will need to re-enroll the devices to enable clear passcode command.

Certificate issues

With iOS 13 update, CAs must not issue server certificates with a validity period of more than 825 days after the 1st of March 2018. Since the server certificate issued by MDM is valid upto 20 years, when you update a managed iOS device registered with incompatible build to iOS 13 the server certificate will become invalid. These devices will then stop communicating with the server and will become unmanaged. To continue managing these devices, you must upgrate the build to the latest version.