How to check iOS MDM performance in Kaspersky Security Center
Latest update: 8 April 2024
ID: 12432
Show applications and versions that this article concerns
- Kaspersky Security Center 14.2 (version 14.2.0.26967)
- Kaspersky Security Center 14 (version 14.0.0.10902)
- Kaspersky Security Center 13.2 (version 13.2.0.1511)
- Kaspersky Security Center 13.1 (version 13.1.0.8324)
- Kaspersky Security Center 13 (version 13.0.0.11247)
If you encounter problems when using the iOS MDM Server:
- Check the certificates of the iOS MDM Server for accuracy using these instructions.
- Check APNs service for accessibility using this guide.
- Create an event selection of the iOS MDM Server in the Administration Console. Check the selection for errors and incomplete commands. To learn how to create an event selection, see the instructions. When creating a selection, go to the Events tab and select iOS MDM Server from the Application drop-down list.
- Check the trace files of the iOS MDM Server according to this guide. Internal services such as RPC and WEB must be started.
How to check network accessibility and iOS MDM Server certificates for accuracy
- Go to Administration Server → Mobile Device Management → Mobile Device Servers.
- Select the required iOS MDM Server from the server list and click Configure iOS MDM Server.
- Go to Certificates.
- Make sure the iOS Mobile device server certificate block has the correct server address. The address must be specified in the FQDN format, not as an IP address.
- Make sure that the iOS MDM Server address is accessible on the network where the devices are located. Run the following command:
powershell Test-NetConnection <address of your iOS MDM Server> -port <iOS MDM port>
- Examine the command result and follow the instructions from this table: the actions to follow are specified in the Solution column.
- Make sure that the Vendor of the certificate from step 4 matches the data from the OpenSSL utility output. Run the following command:
openssl s_client -connect <address of your iOS MDM Server>:<port>
- Check the certificate validity period: according to the Apple requirements, it must not exceed 825 days.
If the data is different, then the iOS device connection to the iOS MDM Server uses traffic decryption and analysis technology (SSL inspection) as part of third-party security solutions, which may disrupt proper data exchange.
How to check the APNs service for accessibility
- On the device with the iOS MDM Server installed, run the command:
powershell Test-NetConnection api.push.apple.com -port 2197
- Examine the command result and follow the instructions from this table: the actions to follow are specified in the Solution column.
- On the device with iOS MDM, run the following command via the telnet utility under the network where the device must work:
telnet 1-courier.push.apple.com 5223