Best approach for enterprise integration

Solution 1:

While Apple puts their iOS Enterprise Deployment documentation in their developer area, it doesn't mean that you need custom software to handle iPhones and iPads. It's all pretty much what I think of as standard sysadmin-type work, so while it does require some knowledge of XML files and scripting, it's fairly well documented.

Here are some places to start:

  • iPhone Configuration Utility
  • Distributing Enterprise Apps for iOS 4 Devices
  • Over-the-Air Profile Delivery and Configuration
  • iPhone Configuration Profile Key Reference

Solution 2:

With more and more companies deciding to go with iPhones and iPads, enterprise deployment of iOS devices is becoming a new focus for Apple. In my mind, it's broken up into two segments.

The process Dori outlined is 100% end user driven. You can set up the architecture to have end users navigate to iPCU-generated Configuration Profiles via Apache, which will then prompt the user to install them. The same with OTA Application installations. But at the end of the day, you have to either A) Get the user to follow your instructions or B) Do it all by hand. And even then the end user can just go and remove the profile at their will. This is fine for things like VPN and Exchange where the end users want the profile. But if it's something like a passcode or a restriction on App Store content, then you don't have a great way to keep it on the device.

Option B is something called MDM. That's what you were referring to in the beginning. And yes, the last time I checked there is absolutely nothing on Apple's developer portal about it. But if you have access to last year's WWDC session you can catch a demo of it. It allows for over-the-air management of iOS devices. Things like the ability to push configuration profiles to devices. But since Apple's not telling anyone how to do this, it looks like you'll have to rely on a vendor for it. Check out a quick Google search for some examples.

So my take is if you're cool with everything being end-user initiated, go with A. But if you need to enforce things, I think your only option is B.
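
The limitation described in Solution 2, as an added example that is not part of either answer: a Python check that parses an unsigned configuration profile and reports passcode or restriction payloads sitting in a profile the user can delete. It assumes the `PayloadRemovalDisallowed` key and the payload type strings from Apple's Configuration Profile Key Reference; the `com.example.*` identifiers and both sample profiles are constructed and trimmed for the audit, not installable as-is.

```python
import plistlib
import uuid

# Payload types that enforce policy on the user, as opposed to VPN or Exchange
# settings the user wants (type strings assumed from Apple's key reference).
ENFORCING = {
    "com.apple.mobiledevice.passwordpolicy": "passcode policy",
    "com.apple.applicationaccess": "restrictions",
}

def make_profile(payload_type, settings, removal_disallowed=False):
    """Build a trimmed, constructed .mobileconfig (unsigned XML plist) as bytes."""
    def meta(ptype, ident):
        return {"PayloadType": ptype, "PayloadVersion": 1,
                "PayloadIdentifier": ident,  # com.example.* is a placeholder
                "PayloadUUID": str(uuid.uuid4()).upper()}
    payload = {**meta(payload_type, "com.example.profile.payload"), **settings}
    profile = {**meta("Configuration", "com.example.profile"),
               "PayloadDisplayName": "Constructed sample",
               "PayloadRemovalDisallowed": removal_disallowed,
               "PayloadContent": [payload]}
    return plistlib.dumps(profile)

def audit_profile(data):
    """Return enforcing payloads the user could shed by deleting the profile."""
    profile = plistlib.loads(data)
    if profile.get("PayloadType") != "Configuration":
        raise ValueError("not a configuration profile")
    if profile.get("PayloadRemovalDisallowed", False):
        return []
    return [f"{ENFORCING[p['PayloadType']]} in user-removable profile "
            f"{profile.get('PayloadIdentifier', '?')}"
            for p in profile.get("PayloadContent", [])
            if p.get("PayloadType") in ENFORCING]

# Constructed samples: one enforcing profile, one convenience profile.
PASSCODE = make_profile("com.apple.mobiledevice.passwordpolicy",
                        {"forcePIN": True, "minLength": 6})
VPN = make_profile("com.apple.vpn.managed", {"UserDefinedName": "Corp VPN"})

if __name__ == "__main__":
    for name, blob in (("passcode", PASSCODE), ("vpn", VPN)):
        print(name, audit_profile(blob) or "ok")
```

Run against the profiles you publish for self-service install, any finding marks a setting that holds only as long as the user leaves the profile in place.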