Hello internet people!
Wanted to post about a recent issue that came up at a client. This particular client was using corporate-owned Apple Business Manager (new DEP) devices that were being locked down with a white list of applications. This customer also wanted to allow people to sign into iCloud to retrieve their personal contacts and photos and things like that.
The issue was every time we attempted to sign into iCloud it would fail. We narrowed it down to the white list policy by flipping the policy off and trying again, seeing a success, wiping and flipping the policy back on and seeing a failure again.
After we had narrowed it down I did a little digging and found this gem
Maybe this was common knowledge, but it wasn't for me or the customer I was working with.
Sure enough, after adding com.apple.CoreCDPUI.localsecretprompt to the app white list we were able to log into iCloud without issue.
If you are wondering what I mean when I say an app "white list" inside of Intune, it's the show/hide application settings and looks like the image below.
Hey, I mean, if the word 'secret' is in the app name it can't be that well known, right?
Have a good one!