前面我們介紹了IOS上MDM幾個簡單的控制命令的發送和返回數據的解析處理,下面我們介紹一下MDM涉及到的命令的操作介紹:
一、Control Commands(控制類命令)
1、Device Lock(設備鎖屏)
RequestType為RequestType:
原文:Immediately locks the device. If a passcode is present, that passcode will be required to unlock the device.
譯文:設備鎖屏后,如果你的設備以前設置了鎖屏密碼,那么你的設備就會要求輸入你以前的鎖屏密碼來解除屏幕鎖。
2、Erase Device(擦出設備數據)
RequestType為EraseDevice:
原文:Immediately wipes the device memory and resets it to a “clean from factory” state.Requires connection to iTunes to restore from backup or configure as new.
譯文:擦拭設備的內存數據和重置為“恢復出廠”的狀態,需要連接到iTunes備份或恢復配置新的。
3、Clear Passcode(清除鎖屏密碼)
RequestType為ClearPasscode,另外需要TokenUpdate時返回的UnlockToken數據:
原文:If a passcode is present on the device, this command will clear that passcode. If a passcode is required by other configuration controls, the user will be given a grace period in which to set a new passcode.
譯文:如果設備以前設置了鎖屏密碼,當發送此命令時會清除設備設置的密碼。如果密碼被其他配置控制需要,用戶將可以在寬限期內設置一個新密碼。
二、Device Queries(查詢設備信息類)
1、Security Information(安全信息)
RequestType為SecurityInfo,另外需要查詢的數組列表,例如:“HardwareEncryptionCaps”, “PasscodePresent”等
原文:Lists specified security-related settings for the device, including hardware encryption capabilities, and whether a passcode is present (and if so, whether it is compliant with configuration). If the passcode is present, the device must be unlocked for this command to execute.
譯文:列出指定的安全相關的設置裝置,包括硬件加密功能,以及是否存在一個密碼(如果是這樣,是否符合配置)。如果密碼是目前,裝置必須解鎖執行這個命令。
2、Installed Application List(應用程序列表)
RequestType為InstalledApplicationList
原文:Lists all the applications currently installed on the device. Includes the overall persistent storage used by the application, expressed in bytes, along with the application’s name, version, and bundle identifier. Does not list applications installed via jailbreaking methods.
譯文:所有的應用程序目前安裝在設備列表。包括應用程序所使用的總體持久性存儲,表示字節,隨着應用程序的名稱,版本,和束標識符。沒有列出應用程序安裝通過破解方法。
3、Device Information(設備信息)
RequestType為DeviceInformation
原文:Retrieves specified general information about the device, including MAC phone number, software version, model name and number, serial number.
譯文:檢索指定的一般信息的裝置,包括MAC的電話號碼,軟件版本,模型的名稱和編號,編號。
4、Certificate list(證書列表)
RequestType為CertificateList
原文:Lists all certificates currently installed on the device.
譯文:列出所有目前在設備上安裝證書。
5、Profile List(描述文件列表)
RequestType為ProfileList
原文:Lists configuration profiles installed on the device. Includes Common name, whether a remove passcode is required, whether removal is disallowed, unique identifiers, and other similar information.
譯文:安裝在設備配置文件列表。包括普通的名字,是否刪除密碼是必需的,是否去除無效,唯一的標識符,和其他類似的信息。
6、Provisioning Profile List(預裝的描述文件列表)
Provisioning為ProvisioningProfileList
原文:Lists provisioning profiles installed on the device (similar to the Profile list).
譯文:安裝在設備列表配置配置文件(類似於配置文件列表)。
7、Restrictions List(限制列表)
RequestType為RestrictionsList
原文:Lists restrictions currently in effect on the device. For example, lists disabled applications,whether backup encryption is forced on, etc.
譯文:列出目前在設備上的限制的影響。例如,列表禁用應用程序,無論是備份加密是被迫的,等等。
三、Device Configuration(設備配置)
1、Install Profile(安裝描述文件)
RequestType為InstallProfile,另外需要Payload((data) IPCU .mobileconfig file, base-64 encoded)
原文:Given a base-64 encoding of a .mobileconfigprofile (as created by the IPCU or other tools), installs the profile on the device.
譯文:給定一個base64編碼的.mobileconfig描述文件(由IPCU或其他工具創建),安裝在裝置的配置。
2、Remove Profile(卸載配置文件)
RequestType為RemoveProfile
原文:Given a payload identifier (which is typically shown as a reverse-DNS identifier such as “com.example.cfg.restrictions”), removes the profile from the device.
譯文:給定一個載荷標識符(通常是作為一個反向DNS的標識符,如“com.example.cfg.restrictions”),刪除從設備的配置文件。
3、Install Provisioning Profile(安裝預裝描述配置文件)
RequestType為InstallProvisioningProfile,另外需要Payload((data) IPCU .mobileprovision file, base-64 encoded)
原文:Given a base-64 encoding of a .mobileprovisionprofile (as created by the IPCU or other tools), installs the profile on the device.
譯文:給定一個base64編碼的.mobileprovision文件(由IPCU或其他工具創建),安裝在裝置的配置。
4、Remove Provisioning Profile(卸載預先安裝的描述配置文件)
RequestType為RemoveProvisioningProfile,另外還需要UUID((string) Provisioning profile UUID)
原文:This command removes the provisioning profile from the device, given the profile’s UUID.
譯文:該命令會刪除配置文件從設備,給出了配置文件的UUID。
四、Device to Server Commands(發送給服務器的命令)
1、Authenticate(設備認證)
MessageType為Authenticate,會返回Topic和UDID
原文:This is a client command, sent by the client to initiate enrollment. Can be used by the server to permit or deny enrollment based on the device’s UDID. NOTE – Does not follow same format as server-to-client commands. Has no CommandUUIDfield nor the Commanddict structure — all parameters are top-level items in the main property list dict.
譯文:這是一個客戶端的命令,由客戶端發送啟動招生。可以使用的服務器以允許或拒絕基於設備的UDID登記。注意:不遵循相同的格式為服務器到客戶端的命令。沒有CommandUUID 也不Command 結構——所有的參數都在主屬性列表指定頂級項目.
2、Token Update(Token信息更新)
MessageType為TokenUpdate,會返回PushMagic、Token、Topic、UDID、UnlockToken等數據。
原文:This is a client message, sent by the client during enrollment. Provides the server with tokens used to contact device via APNS, as well as a key to unlock the device through the Clear Passcode command. NOTE – Does not follow same format as server-to-client commands. Has no CommandUUID field nor the Command dict structure — all parameters are top-level items in the main property list dict。
譯文:這是一個客戶端的消息,在招生過程中由客戶端發送。提供服務器標記用於通過APNS接觸裝置,以及解鎖裝置通過一個關鍵清除密碼命令。注意:不遵循相同的格式為服務器到客戶端命令。沒有CommandUUID也不Command結構——所有參數在主要的屬性列表的頂級項目。
總結,到目前為止,我們已經介紹了MDM的四大類,總計16個小類的控制類命令信息,很感謝你的閱讀。轉載自:移動互聯百科