Configure an iOS device for network payload capture

Learn how to configure an iOS device for network payload capture (NPC).

You’ll need to configure each iOS device you want to use for network payload capture.

Before you start

You’ll need to:

Make sure that the current deviceConnect version on the Mac mini hosting the device is at least 4.18. Update deviceConnect if the version is lower.
Confirm your system administrator configured your local Kobiton server.
Have access to a Mac machine that is not running Kobiton software including deviceConnect or deviceShare. This machine will be used to supervise iOS devices.

Install Apple Configurator and automation tools

Access the Mac machine that is not running Kobiton software.

Open the App Store, search for and install Apple Configurator.

Apple Configurator in the Mac App Store

An Apple ID is required to download and install Apple Configurator.

Open Apple Configurator. On the menu bar, select Apple Configurator, then Install Automation Tools.

A pop-up appears, select Install and provide the administrator password to continue.

The Install Automation Tools confirmation pop-up

Create an organization, then export the supervision identity

On the Apple Configurator menu, select Settings.

Select the Organizations tab. Select the Plus sign to add a new organization.

The Organizations tab under Apple Configurator Settings

Select Next and log in using the Apple Business or School Manager account. If you do not have such an account, select Skip. The next step assumes that you have selected the Skip button.

The Sign in to Apple School or Apple Business Managager screen with the field to input Apple ID and the Skip button

Enter your organization’s information in the below screen and choose Next.

The form to input the organization details with the Next button

Choose Generate a new supervision identity and select Done.

Choose Generate a new supervision identity option and select Done

Input the administrator password in the pop-up and select Update Settings.

Your organization should now appear in the list. Highlight it, then click the three-dot icon and select Export Supervision Identity.

The newly created organization under the list with the menu expanded and the Export Supervision Identity option visible

In the export supervision identity pop-up:

Select a location to save the exported files.
Select Unencrypted DER … for Format.
Select Save, then Export.

The Export Supervision Identity pop-up with the Unencrypted DER select for Format

Under the selected location, there is now a .crt and a .der file with the same name. Rename those files to organization.crt and organization.der, in that order. Transfer these 2 files into the Mac mini host (the Mac mini with Kobiton software running).

On the Mac mini host, open Finder, copy the 2 files above, then enter Shift + Command + G on the keyboard and input the following location: /usr/local/deviceconnect.

Paste the 2 files into the folder. The result in Finder should look similar to the below:

The organization.crt and organization.der file under the deviceconnect folder in Finder

Supervise the device

During this process:

The device will be unplugged from the Mac mini host to be supervised.
The device’s data will be erased. Back up the device data before proceeding (if needed).

Locate the iOS/iPadOS device to set up NPC.

Disconnect the device from the Mac mini host.

Open Settings on the device and sign out of any Apple ID. A signed in Apple ID will prevent the supervision of the device.

Connect the iOS device to the Mac machine that is not running Kobiton software and has all steps from the previous section performed on it. Tap Trust on the device.

The Trust this computer prompt on the iOS device screen

Open Apple Configurator on the Mac machine.

In the main screen of Apple Configurator, select the Supervised and the Unsupervised tabs to check where the device appears.

If the device is under the Supervised tab, then it is already supervised. Right-click the device and select Get info.

The device under the Supervised tab with the Get Info option

Double-check the Organization that supervises the device:

If it is the same organization that you created, skip supervising the device.
If it is not the same organization, double-check with your team that you can erase and re-supervise it. If yes, erase the device, then follow the steps for an unsupervised device.

The device info screen with the supervision Organizatin information visible

If the device is under the Unsupervised tab, right-click the device and select Prepare.

Select Manual Configuration for Prepare with, check Supervise devices, then choose Next.

The prepare devices screen with the Manual Configuration selected and Supervise devices checked

Select Do not enroll in MDM, then Next.

The Enroll in MDM Server screen with Do not enroll in MDM selected

Choose your organization in Organization, then select Next.

The Assign to Organization screen with the created Organization selected

Select Don’t show any of these steps for Setup Assistant, then Prepare.

The Configure iOS Setup Assistant screen with Don’t show any of these steps selected

If there is a Configurator could not perform the requested action… pop-up, select Erase.

The Configurator could not perform the selected action pop-up with the Erase button

The device will be factory reset. When you can access the device, follow the on-screen prompts until you are at the Home screen.

At this time, the device should be under the Supervised tab. Right-click the device and select Get info, then double-check the Organization that supervises the device.

The device under the Supervised tab with the Get Info option

Now, prepare and connect the device into the Mac mini host. See the linked guides for instructions.

The device is now ready for Network Payload Capture.

Next steps

Create a configuration for network payload capture, launch a manual or automation session with NPC enabled, then review the network payload data.