Apple TV Availability control

  • 1
  • Question
  • Updated 4 years ago
  • Answered
We are a school district that will soon have over 100 Apple TV devices on our network. We would like to make it so that a teacher with her Ipad can only see the Apple TV in her class room, the computer lab and possibly a couple more. They might all be on the same sub net and they might not be.
Photo of Brian Heironimus

Brian Heironimus

  • 2 Posts
  • 0 Reply Likes

Posted 4 years ago

  • 1
Photo of Andrew MacTaggart

Andrew MacTaggart, Champ

  • 483 Posts
  • 86 Reply Likes
Get in line - everyone wants this feature

JAMF software seems to be headed in the direction of letting you control the Apple TVs more, but for now your options are limited.

Cisco has an option called Location Specific Services (LSS) but I have yet to see it work in our enviornment as promised.

with ios 7
Apple TV Management:

Configure device sources with whitelist of targets and pass-codes
Collect inventory data and other information

The issue that I saw was that Casper captured the ethernet mac address and not the wifi mac address, which makes white listing difficult if appleTVs are using wifi to connect.

I would recommend you wire in all appleTVs
they will be more stable
there will be less contention for air
and you might be able to whitelist them using appleconfigurator or JAMF casper suite

On the Aerohive side of things you might want to create separate network policies to run more then one bonjour gateway and squeeze the appleTVs into zones. Place the bonjour gateway AP [I believe it is the lowest mac addresses AP] in a quiet location, since having wifi users and bonjour gateway may tax the memory of the AP. It would be good it you could select which AP would become the Bonjour Gateway. Of course if you are using another device as the Bonjour Gateway ignore this last bit.

Here is what Apple recommended, although I have not gotten around to doing this, because of the amount of work involved.

add the appletv mac addresses to whitelist and then deliver the profile payload to the client device.



I did play around with JAMF a bit, but like I said when the device registered it used the ethernet mac address in the JAMF database, and since all our AppleTVs are using wifi, it made things difficult. This was a few months back so maybe things may have changed since then.
Photo of Bradley Chambers

Bradley Chambers, Champ

  • 302 Posts
  • 53 Reply Likes
I'll 2nd JAMF here, but all MDM providers can only do what Apple allows through its APIs.
Photo of McArenas

McArenas

  • 16 Posts
  • 1 Reply Like
What is the maximum number of AirPlay devices can an iPad/Mac list out? Will it provide you with a scrollbar if you have say 100 devices broadcasting? 

Can we make use of the "Bonjour Realm filtering" to limit the number of devices we can present to the user?
Photo of Andrew MacTaggart

Andrew MacTaggart, Champ

  • 483 Posts
  • 86 Reply Likes
From training documents
Network Policy = Configuration
Hive = Cooperative Control Protocols

Aerohive Devices configured with the same Network Policy will be in the same Hive, and can use cooperative control protocols for mesh, dynamic RF, layer 2/3 fast secure roaming, VPN failover, etc..

http://www.aerohive.com/330000/docs/help/english/6.1r3/hm/full/help.htm#monitor/bonjour.htm?Highligh...

The BDD in each VLAN begins scanning its local VLANs to learn which services are available. The BDDs also scan radio channels to discover other BDDs. If the two BDDS are within radio range, they automatically discover each other. If they are both Bonjour Gateways in the same hive but in different VLANs, they form a single realm and then advertise services to each other.

http://blogs.aerohive.com/blog/the-wireless-lan-training-blog/bonjour-gateways-cross-subnet-communic...





Photo of Tim Jennings

Tim Jennings

  • 1 Post
  • 0 Reply Likes
Great question on the AirPlay limit.  I've heard there is a limit of 50 devices, but can't seem to confirm whether that's true or not in any documentation.  
Photo of Brian Heironimus

Brian Heironimus

  • 2 Posts
  • 0 Reply Likes
Aruba Will also let you control what Apple TV devices an Ipad can see.  You can limit it by Domain groups and by what APs they are actual connected to.  There software is called Clearpass.  It is not an MDM however.  It is more of an advanced Authentication and intranet / internet access controller and recorder.  (They also sell AP but I don't think you need their APs to use the product.)

Photo of Andrew MacTaggart

Andrew MacTaggart, Champ

  • 483 Posts
  • 86 Reply Likes
The Orange company uses a combination of Airgroup and Clearpass and mobility controller. To filter bonjours services by user or location you need mobilty controller with The Orange company APs or their instant APs. You can use their mobility controller on none Orange company WLANs but the functions are limited. You can not filter bonjour services by user role, owner or location. There are also imitations when user and bonjour device are on the same vlan.

It would be awesome to have that level of control on the Aerohive Bonjour realms.