WWDC 2023: What’s new in shared device deployments

WWDC 2023 introduced several new improvements on how organizations will be able to provide shared devices to their users.

Apple introduces Return to Service

Historically, iPhones and iPads were predominately a one to one (1:1) type of deployment, but as they have made larger inroads into education, enterprise and the growing deskless workforce, Apple has been consistently giving people more flexibility on how those devices are being used.

Shared iPad for businesses and schools allowed for multiple users to log in to a single iPad with Managed Apple IDs and use it as their assigned device for the day or their shift. This is really useful for organizations that are able to federate their identities into managed Apple IDs, but less useful for people who want to use iPhones or who don’t have any credentials in an identity provider.

For devices managed by the Jamf platform, the Jamf Setup app worked around these limitations by allowing users to select a role for the day and use Jamf Reset to completely wipe the device once they are done. The downside of that workflow is that someone would need to go through the Setup Assistant again in order to get it back under management. This was time consuming and simple mistakes can be made while selecting the Wi-Fi, language and region.

At this year’s WWDC, Apple announced Return to Service which will totally change that experience. Return to Service is a new MDM action that will send an EraseDevice command along with the previously selected language, region and critically — a Wi-Fi profile. Previously, these un-skippable user selections had to be performed each time a device was wiped and reenrolled. Being able to send a wipe command to a device and have it completely set itself back up again is a game changer in the deskless workforce and should improve the troubleshooting experience for support calls to IT.

Shared iPad updates

But Apple isn’t sleeping on Shared iPad. It can be confusing when you log into a device and don’t see the apps you were expecting to see right away; delaying access until everything is in place means you won’t be too early to the party. The AwaitUserConfiguration key lets you keep a user at the login screen until the device is totally ready and released by the MDM server. Apple also sped up logging in to Shared iPad for new users with the SkipLanguageAndLocaleSetupForNewUsers key. The shared iPad will use the selection made during the initial provisioning and not ask each new user to make those selections. This feature is off by default, so you will need to turn this on via MDM once available.

Additionally, changes in the way Shared iPad handles quota configurations will make it easier for IT admins to reserve the space needed for new apps and content while the device is in use.

Jamf has lots of ways to help IT deliver an excellent shared experience for their users and students while Shared iPad grants access to people with appropriate managed Apple IDs at a device level:

• Shared iPad’s Temporary Sessions allow access for people who just need a grab-and-go device or for people who don’t have any credentials by offering a Guest login, deleting all data once the user logs off
• Jamf Setup and Jamf Reset allow you to select a role and destroy all your data when you are done with it
• Our new Single Login feature — used with Jamf Setup and Jamf Reset — personalizes the device for each user based on their Azure credentials.

Being able to be flexible with your shared iOS and iPadOS devices is getting easier each year, and we look forward to seeing how all these changes will be used by our customers.