Forum Discussion

Suleyman Ali's avatar
Suleyman Ali
Iron Contributor
Jul 20, 2022

iOS dep phone home screen stuck after restore

environment:

ios 15

VPP tokens

User affinity with company portal

Apple Business Manager integration

corporate apple IS integrated with AZUREAD

 

So, when we deploy these iphones, everything works fine.  users gets asked with company remote management, they can sign into their apple id (azure AD accounts) and when  on home screen are presented with the 'admin guided message' before company portal pops up and signs in.  all works well for years.

 

We have had this a few times when users restore their iphones, a couple of things happen.

 

1 - they go into their home screen and their apps seemingly are restoring but then after 2-3 mins the home screen freezes.  you cannot press anything.  when it locks you cannot swipe up to unlock.  we then restart the phone via volume up/down and that will go in for a 2-3 minutes but still freezes.  it looks like the company portal should come up but does not

 

2 - when they do go in for 2-3 minutes, there is a company portal app with the cloud download button.  when they press it says "unable to install <app name> this app needs to reinstalled from your organisations device management app"

 

we are testing further.  but a few unhappy users.

 

NOW, we can start from scracth without restore.  BUT the issue is text messages.  currently corporate apple ID does not synch text messages (there a few limitations like fund my app blah)

Intune
mobile device management (mdm)

4 Replies

Sort By
  • somesh_pathak's avatar
    somesh_pathak
    Iron Contributor
    Aug 02, 2022
    Also, you should avoid backup-restore your supervised devices using iCloud as it generally breaks the management profile.
    • Suleyman Ali's avatar
      Suleyman Ali
      Iron Contributor
      Jun 26, 2023
      i should of replied much sooner than nearly a year, but our resolution was to change the authentication method in the enrollment profile to 'setup assistant with modern authentication' rather than 'company portal'. a much better experience for end users
  • somesh_pathak's avatar
    somesh_pathak
    Iron Contributor
    Aug 02, 2022

    Hi Suleyman Ali , Please verify below in your tenant:

     

    1. You should have enough VPP licenses available for Intune comp portal app in Intune-Apps-iOS apps and in ABM. 
    2. The status of VPP token should not be expired. 
    3. VPP token is selected in your DEP profile.
    4. As you are using DEP, make sure you have deployed Configuration profile for Intune comp portal app to your iOS devices.
    5. Intune comp portal is deployed as "Required" to your devices.
  • NielsScheffers's avatar
    NielsScheffers
    Iron Contributor
    Jul 22, 2022

    So, to be clear, you are basically trying to enable iOS's supervised mode on existing (unmanaged) iOS devices and don't want to reset them (or at least be able to restore data)?

     

    To be honest, I've never used this approach but I've read a few articles about it. I guess I've always been lucky enough to convince people a reset is unavoidable.

     

    From what I've read, the workaround involves first restoring the backup to a different device, like this:

    • Backup the main device;
    • Restore this backup to a temporary device;
    • Backup the temporary device;
    • Use this last backup to restore during Setup Assistant on the main device.

    That, I've been told, is the workaround to get this working. I'm very keen to hear your experience in this.

Resources