Is it possible to do either of the following:
- Remove Air Watch from an iOS device without deleting WiFi/Exchange profiles
- Backup the profile and restore it after removing Air Watch?
IOS – Removing Air Watch without removing WiFi/Exchange profiles
configuration-profilesexchangeiosSecuritywifi
Related Solutions
When you have a profile that enforces encryption of backups, you really only have three options:
- Live with the encrypted backups and do nothing.
- Get someone to remove the profile (or wipe the device along with the profile and start over being careful to not allow profiles that force you into encrypted backups).
- Somehow exploit a bug or flaw in the security of iOS and bypass this lock. I would expect you to pay big money or have some assistance from NSA-like organization to accomplish this last item unless someone publishes a weakness in iOS that we could take advantage of to bypass the security your iPhone has configured.
As it stands, you will likely have to remove the profile to bypass the restriction that iOS has on not doing a backup in the manner you wish.
I have done some in depth analysis for the same error on my MBA.
Basically there seems to be a MBA software problem somewhere in the Airport application.
In my case it looses the last digit of the Network Name (SSID) and then it claims it can not find it (what a surprise).
Then it issues the generic Connection time out Error.
Here is what it looks in my Console:
The actual name is Eurona900850808-81 as shown in the WiFi scan.
I would check the Console report on your computer to see what is going on.
If you need help how to get the report on your computer let me know.
I have been able to partially overcome this issue by disabling the Auto Join, and Auto remember networks.
Related Question
- IOS – How are apps like Mail+ connecting to Exchange, while Apple’s Mail.app is blocked by the IT dept
- IOS – Will removing developer devices break apps with old UDIDs on Provisioning profiles
- IPhone – Apple Watch notifications over WiFi
- IOS – Create WPA2 Enterprise Wifi + Certificate Apple Device Configuration Profile Without a Mac
- IOS – How to restrict a novice user from installing configuration profiles on their devices
- IOS – How to delete a certificate that got restored from a backup under iOS 10/11
- IOS – How to remove configuration profiles (.mobileconfig files) using MDM
Best Answer
Apple signs the profiles cryptographically so this would most likely require a jailbreak to even attempt modifying the OS code that handles chaining MDM enrollment with MDM granted Apps, profiles, shared secrets, and MDM delivered trust certificates.
Unless there is an exploitable bug in either the MDM (AirWatch in this case) or iOS, you won't be able to accomplish either of your goals. Apple restricts the MDM technical documentation to enterprise level developers and to selected partners - even paid developers cannot generally see the details of the implementation, so I can't link to an official Apple page listing how this works.
Now - here's what you can to to learn more about the certificates and the profile you (the end user) can control:
You should be able to see who has signed the profile and whether your device trusts / can verify the cryptographic chain used to sign that certificate for the date/time your device reports. These profiles generally have a start and end time bracket that automatically invalidates the profile except for a window of time.
The system is designed to keep you from changing anything in the file - and you can either opt in to keeping the restrictions or Remove Management which removes everything that depends on this profile in a cryptographic/mathematical sense.
Now for the good news, you can try this management for free with one MDM solution I'm familiar with: http://www.bushel.com
You'll also want to watch some introductory presentations about certificates. I'd recommend the "Let's Talk about Certificates" by Ben Toms (a.k.a. mac mule)
Warning, the last link contains humor since there are a lot of acronyms and technical jargon to be cut through that dryness with some levity. Skip to 2:30 to learn about trust and identification and whether you want to watch the entire presentation or not. And, what you ask would be like Apple and AirWatch being crew there to catch the woman in her "trust" fall.