How to configure Restrictions on iOS

The Restrictions section of a Apple Device Profile is a collection of various settings that can be configured so that can be applied on a device.


Assuming that you are creating or editing a Apple Device Profile in MobiLock Pro Dashboard, once you navigate to the Restrictions tab you would see the following screen.

Described below are the various options available,

Single App Mode

From the list of applications that you have allowed, choose one application run always. This helps you in setting up the device as a Kiosk. You can choose additional settings as well. Please read our How to Setup an iOS Device as Kiosk to learn more.

Network Settings

A collection of network related settings that you lets you control Network settings. These are:

  1. Wifi Configuration - Select a Wifi configuration and enforce it on Supervised device.
  2. Hotspot Setting - Choose whether the user can turn on/off the hotspot.
  3. Roaming Setting - Choose to enable/disable the Voice and Data roaming settings.

Safari Settings

In this section you can control Safari related settings,

  1. Enable Safari - If you have Whitelisted websites then this cannot be disabled.
  2. Allow AutoFill - Choose to Allow/Restrict the user to turn on/off the Auto-Fill feature.
  3. Allow Javascript - Choose to Allow/Restrict javascript to run.
  4. Allow PopUps - Choose to Allow/Restrict pop-up tabs.

iCloud & Siri Settings

Please find below the list of settings that are available.

 

Settings

Description

Support

Allow iCloud Backup

Allow/Restrict backing up the device to iCloud.

All

Allow iCloud Keychain Sync

Allow/Restrict iCloud keychain restriction.

All

Allow Siri

Allow/Restrict usage of Siri.

All

Force Siri Profanity filter

Force the use of Siri’s profanity filter.

Supervised

Allow iCloud Documents Sync

Allow/Restrict document and key-value syncing to iCloud.

Supervised

Lock Screen Settings

A collection of documents that drive the experience on Lock Screen that can be applied to all iOS devices.

 
 

Settings

Description

Support

Allow Touch-ID for Unlock

Allow/ Restrict users to use Touch Id for unlocking device. If the setting is already enabled, then user will not be able to change it.

All

Allow Lock Screen Control Center

Allow/Restrict Control centre on Lock screen.

All

Allow Lock Screen Notification View

Allow/Restrict Notifications view on Lock screen.

All

Allow Lock Screen Today View

Allow/Restrict Today View notifications when the device is locked.

All

Allow Passbook Notifications

Allow/Restrict the usage of passbook on lock screen.

All

Allow Assistant while Locked

Allow Siri on Lock screen. Works only if Siri is Allowed in iCloud and Siri settings.

All

Allow Voice Dialing

Disable Voice dialing using Siri on Lock screen.

All

App Settings

A collection of application related settings, that can be enforced on the devices.

 
 

Settings

Description

Support

Allow trust for Enterprise Apps

If set to false removes the Trust Enterprise Developer button in Settings->General->Profiles & Device Management, preventing apps from being provisioned by universal provisioning profiles. This restriction applies to free developer accounts but it does not apply to enterprise app developers who are trusted because their apps were pushed via MDM, nor does it revoke previously granted trust.

All

Allow iMessage

Allow/Restrict the use of Messages app.

Supervised

Allow App Installation

Allow/Restrict the installation of apps. Enables App store on devices.

Supervised

Allow Interactive Apps Installation

When disallowed, the App Store is disabled and its icon is removed from the Home screen. However, users may continue to use Host apps (iTunes, Configurator) to install or update their apps.

Supervised

Allow App Removal

Allow/Restrict removal of applications

Supervised

Allow System App Removal

Allow/Restrict removal of system applications from iOS 11.0.

Supervised

Allow iTunes App

Allow/Restrict use of iTunes Application.

Supervised

Allow News

Allow/Restrict the users to add the News widget.

Supervised

Allow Podcasts

Allow/Restrict the use of Podcasts app.

Supervised

Allow Music Service

If disallowed Music service is disabled and Music app reverts to classic mode.

Supervised

Allow Bookstore

Allow/Restrict iBook store app.

Supervised

Allow AirDrop

Allow/Restrict the usage of AirDrop.

Supervised

General Settings

A collection of common settings that can be enforced on devices.

 

Settings

Description

Support

Allow Camera

Allow/Restrict the usage of Camera. Required to be Allowed if you want to use Photobooth app.

All

Allow ScreenShot

Allow/Restrict users to take screenshot.

All

Allow Enabling Restrictions

Allow/Restrict users to access Restrictions in Settings.

Supervised

Allow Erase Content and Settings

Allow/Restrict users to erase all the content and settings on the device.

Supervised

Allow Account Modification

Allow/Restrict the users to modify the iTunes account configured on device. Note that if it is disallowed and an iTunes account is not already configured on the device, then the Apps pushed from Apple App Store will not be installed.

Supervised

Allow Device Name Modification

Allow/Restrict users  to modify name of the device.

Supervised

Allow Wallpaper Modification

Allow/Restrict users to modify wallpaper of the device.

Supervised

Allow Connection with Apple Devices

Allow/Restrict the devices to be connected to other Apple devices. If disallowed, host pairing is disabled with the exception of the computer that you used for supervisioning. If no supervision host certificate has been configured, all pairing is disabled.

Supervised

Allow VPN Creation

Allow/Restrict users to create VPN connections.

Supervised

Allow Explicit Content

When disallowed, explicit music or video content purchased from the iTunes Store is hidden. Explicit content is marked as such by content providers, such as record labels, when sold through the iTunes Store.

Supervised

Allow Bluetooth Settings Modification

Allow/Restrict the users to modify Bluetooth settings.

Supervised

Allow Open From Managed to Unmanaged

Allow documents to be opened in unmanaged applications from managed.

Supervised

Allow UI Configuration Profile Installation

You are allowed to install UI Configuration profile.



How did we do?