I have implemented some Shared iPads at my company. These are to be single-purpose devices that are shared among the staff at particular offices and are used to run a single App that is important to them.
It should be noted that the app requires some permissions before it can be used properly and so these, while not amazingly hard to agree to, are just kind of annoying for the end user to constantly be challenged with while trying to get on with their job (Camera access kind of things). The app has its own security so locking down the device and then making use of the Guest (Temporary) session meets our needs.
I also have a need to keep the devices’ iPadOS up-to-date* and this requires that they are signed off of the device to work correctly.
Counting on the end user to reliably sign out at the end of the week so the OS updates can occur over the weekend is not likely to be successful, so Apple thoughtfully provided an attribute that I could use called TemporarySessionTimeout. The only problem is… it didn’t work.
But finally, after over 5 months working with Microsoft and Apple it seems the issue is now settled.
Here are my conclusions:
- iPadOS 15.5 is required for the TemporarySessionTimeout attribute to work correctly.
- Apple assures me that any value from 1 to 129,600 seconds (36 hours) will work. I am using this as my upper limit.
- I have tested, multiple times now, 86,400 seconds (24 hours) and this works fine. This is the value I agreed upon with my business partner that should permit the session to persist throughout the week but then timeout on the weekend and leave enough time for iPadOS updates* to occur.
- The timer is reset with pretty much ANY interaction with the device. In my earlier testing I was checking at 16 hours, 20 hours, etc. with the intent of catching if the device was timing out sooner than expected. But when I did this, it would also NOT timeout after 24 hours. Only if I left it completely alone and then checked after 24 hours was the guest session signed-out. All I did was press the power button to check if the “Sign out” button was still present.
* I keep mentioning iPadOS updates like they work. They don’t. I have cases open with both Microsoft and Apple on this issue. As of iPadOS 15.5, using an Intune iOS/iPadOS Update policy does not cause the update to occur successfully, at least on my devices. There is some kind of permissions error buried in the logs and the direction I’m getting from Apple is that we will need to wait for a future release of iPadOS to see if it’s fixed. Yay team!