Welcome to Brown’s Bytes! Your weekly insight from Mobliciti’s CTO Andy Brown. Follow #brownsbytes
25th September 2020
Well that didn’t take long…
As mentioned previously, iOS14 has launched into the world. Generally, it’s been a much quieter time than last year with iOS13, but…
What is it with Apple and ActiveSync?
If there is one area that is sure to cause a fuss in the Enterprise space, it will be Email and ActiveSync. The Native Email client on iOS is one of the key features that a lot of corporate users have for the iOS fleets. Email is still the killer use case for many corporate smartphones…
And yet it is also the area that always seems to slip through the cracks and bugs find their way in. Every Exchange Admin used to dread a new release of iOS and what it might do to their Email environment… and unfortunately, it seems iOS14 isn’t immune to Email woes.
The bug that we’ve picked up is nuanced, but in summary:
- If you use MDM to push an Exchange mail payload (which a large percentage of organisations that have MDM will be doing)
- And you use OAUTH authentication (which many will be as it’s recommended these days)
- Sorry, but iOS14 is unable to Authenticate
Curiously, if you manually create the email account then that will work! But then you have an unmanaged email on the device (which creates a different problem/risk).
This is only just coming to light as most people will have upgraded their phone to iOS14 with the profile for Email already in place (and thus already authenticated). In these cases, the Email client continues to work fine…
…until eventually it doesn’t!
This problem will grow and grow as people need to re-auth over time (password expiry etc), or if you reactivate a device, replace a device etc…
Right now, we’ve only really got workarounds:
- Use an alternative Email Client (such as MobileIron Email+ or Microsoft Outlook)
- Switch back to Basic Authentication (old school username and password on ActiveSync) which isn’t really ideal, to say the least.
- Create an ‘unmanaged’ email profile manually (as above), but note it then is outside MDM control.
- Don’t upgrade to iOS14.
We’ve just tested iOS 14.2 Beta to see if it’s fixed….and sad to say it isn’t.
It looks like this one may drag on for a while. Admins might want to confirm if this applies to them.