The only thing you need to have to complete this task is a profile exported into a .mobileconfig file and a copy of TextEdit, which comes with every copy of OS X. If you don't have a profile, create one without any settings or simply perform the rest of the tasks in this book and come back to this one when finished. Alternatively, read this section just to get an understanding of what's in a profile and come back to it.

If you have a profile, provided it isn't encrypted (an option available in iPhone Configuration Utility), you can view it in clear text using the TextEdit application, built into every copy of OS X.

If you double-click on a .mobileconfig file (which again is just a profile) in OS X, then the computer will attempt to install the profile by default. Therefore, to view a profile, follow the given steps:

The profile also has keys at the bottom for a name for the profile (usually the filename), whether the profile can be removed (the PayloadRemovalDisallowed key), a unique identifier (the information provided at the time the profile was created, followed by a generated ID to keep two profiles from accidentally occupying the same namespace), a version number, a UUID for the profile, and possibly other information if the profile requires it.

No matter which tool is used to create a profile, they will all have the same structure and if the same information is put into them, it should also have a similar makeup. This is because the iOS device (or OS X computer as profiles can be used to configure preferences in OS X) has a built-in interpreter for the profile and expects them to follow certain rules.

Over the years there have been features that weren't supported in graphical interfaces but that were made available in property lists. As such, you can hand create these files, or even use custom scripts to create them. Doing so enables these hidden features, such as the ability to disable the home button before App Lock mode was introduced.

These days, there's very little reason to create a profile manually. You can create one using iPhone Configuration Utility, Apple Configurator, Profile Manager (built into Server.app in Lion and above), and a variety of third-party MDM utilities. Profiles, once created, can then be ported between systems using the .mobileconfig files and installed on devices. When installing .mobileconfig files, you can use a web server, e-mail, Apple Configurator, or even use an MDM server to enforce the policies without a static profile.

For more information on what Apple Configurator is doing under the hood, check out http://krypted.com/iphone/talking-a-look-under-apple-configurators-hood.

Profiles and OS X

Many profiles can be installed on iOS or OS X. Installing a profile on an OS X computer is done by simply double-clicking on a profile. Once installed, you can then view what the profile does by clicking on the profile and viewing the details from the Profiles System Preference pane.

For example, the details of the profile we just looked at in this task can be seen in the following screenshot:

Viewing profiles from iOS

The contents of a profile can also be viewed in iOS. To do so, open the Settings app and then click on General and scroll down until you see Profile. Click on Profile and then on the specific profile whose contents you'd like to see. The following screenshot shows the payloads configured for the profile viewed previously in this task:

Provided the profile is removable, simply click on the Remove button to delete it. If there is no Remove button, then the profile cannot be removed.