MDM Related Policy Settings

In EMM, administrators can define policies, which include a set of configurations. EMM policies are enforced on EMM users' devices, based on the policy hierarchy, when new users register with MDM and also when a policy is edited. The MDM related policy settings will vary based on the mobile OS type (i.e., iOS or Android) of the device. The policy settings have been categorized as follows:

General settings

The following settings are common irrespective of the mobile OS.

Policy Settings	Description
Wifi	Configurations used to configure Wifi access on the end-user's device.
SSID	SSID refers to the Service Set Identification, which is used to differentiate one WLAN from the other, as all wireless devices on a WLAN must employ the same SSID in order to communicate with each other.
Password	The password used to enable Wifi settings. The password should be between 8 to 20 alphanumerical values in length and it can have complex characters.
Passcode policy	The end-user will have to ensure to set his/her device passcode in compliance with the corresponding passcode policy.
Maximum failed attempts	The maximum number of times the end-user can enter his/her device passcode incorrectly. EMM will take different courses of action based on the OS, when the failed attempts exceed the maximum failed attempts. Android-powered devices will be automatically reset to the original factory settings. While, iOS-powered devices will be automatically disabled. Thereby, making the user reset the iOS device to the original factory settings.
Minimum length	The minimum number of alphanumerical values that the end-user can enter as his/her passcode. However, if the "Allow Simple" option is set, this rule will be overridden and the user will be allowed to have a passcode of even one alphanumerical value.
Days of Expiration	The number of days after which the end-user will have to change his/her passcode.
Minimum complex characters	The maximum number of special characters (e.g., @ # etc.) that the end-user will have to enter in his/her passcode. However, if the "Allow Simple" option is set, this rule will be overridden and the user will be allowed to have a passcode without a single complex character.
Password History Length	The end-user will not be allowed to reuse a passcode that he/she previously entered until he/she exceeds the set password history length (e.g., if the passcode history length is 3 and your passcode currently is 21345, you can not enter 21345 as the passcode in the next three consecutive passcode rotation cycles).
Allow Simple	If this checkbox is selected, the end-user will be able to have a simple passcode (e.g., a, 123,abc, a1bc) and the following criteria in the passcode policy will not be applicable to the end-user's passcode: Minimum length Minimum complex characters
Require Alphanumeric	If this checkbox is selected, it is mandatory for the end-user to have a mix of digits and characters in his/her passcode.
Operation Restrictions	Restrictive operations that will be enforced on the end-user's device, when the policy is enforced.
Disable Camera	The camera on the end-user's device will be disabled together with all apps using the camera (e.g., FaceTime, Instagram, and more)
Lock Device	The end-user's device lock will be automatically applied.
Clear Passcode	The end-user's device passcode lock will be automatically cleared.

Android-based settings

The following settings are only relevant to Android devices.

Policy Settings	Description
Encryption	Configuration used to encrypt data on an Android-powered device, when the device is locked and make it readable when the password is entered.
Passcode	Optional. If the passcode policy has been set, the passcode has to comply to it. The user will have to enter this passcode to access his/her device data that is decrypted. In the event the passcode is not entered, the device prompts the end-user for it when the profile is being enforced.
Encrypt	If this checkbox is ticked the data on the device will be encrypted when the device lock is enabled.
Operation Restrictions	Restrictive operations that will be enforced on the end-user's Android-powered device.
Change Lock Code	If the passcode policy has been set, the newly entered passcode has to comply to the passcode policy. The end-user's device lock will be automatically changed with the newly entered passcode.

iOS-based settings

The following settings are only relevant to iOS devices.

Policy Settings	Description
APN Configurations	Configurations used to configure APN on the end-user's device. In iOS, the EMM server does not detect whether a device (i.e., iPad) has only Wifi, or whether the device has 3G and Wifi. If there is only Wifi, the APN configurations can not be pushed, and a policy violation will occur.
Carrier	The Access Point Name.
Username	Optional. The username of the specified APN. In the event the username is not entered, the device prompts the end-user for it when the profile is being enforced. This is used for authentication purposes.
Password	Optional. The password of the specified APN. In the event the password is not entered, the device prompts the end-user for it when the profile is being enforced. This is used for authentication purposes.
Proxy Server	Optional. The IP address or the URL of the APN proxy.
Proxy Port	Optional. The port number of entered APN proxy.
Use SSL	This determines whether or not to use SSL. If this option is not selected `http` will be used as opposed to `https`. By default, SSL will not be used.
LDAP Configurations	Settings used to configure a LDAP account on a device when the policy is enforced.
LDAP Description	Optionals. A description on the LDAP account.
Host Name	The host name of the LDAP account.
Use SSL	This determines whether or not to use SSL. If this option is not selected `http` will be used as opposed to `https`. By default, SSL will not be used.