【笔记】Apple描述文件

发表于 更新于 阅读次数:

前言

Apple的描述文件用来统一企业级配置,类似Windows上的组策略
常见的描述文件有:Apple提供的App的内测权限配置、Apple提供的App的开发者权限配置、企业内用于定义App权限的配置
描述文件的扩展名为.mobileconfig

Mac上通过描述文件自定义MicrosoftEDGE配置

<key>DiagnosticData</key><integer>0</integer>:关闭诊断数据
<key>NewTabPageAppLauncherEnabled</key><false/>:关闭新页面左上角的微软应用菜单
<key>NewTabPageContentEnabled</key><false/>:关闭资讯内容
<key>NewTabPageHideDefaultTopSites</key><true/>:隐藏快捷链接
<key>AddressBarMicrosoftSearchInBingProviderEnabled</key><false/>:关闭搜索栏建议

edge.mobileconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <!-- 配置文件名称(选填) -->
  <key>PayloadDisplayName</key>
  <string>com.microsoft.edgemac</string>
  <!-- 配置文件反向 DNS 格式的识别符(必填) -->
  <key>PayloadIdentifier</key>
  <string>com.microsoft.Edge.13D4EE1D-74BF-4963-AE69-88E61F9FD9EA</string>
  <!-- 配置文件类型(必填) -->
  <key>PayloadType</key>
  <string>Configuration</string>
  <!-- 配置文件 UUDI 格式的识别符(必填) -->
  <key>PayloadUUID</key>
  <string>6BAC9A8B-19F3-4876-99D9-BCA6C8B30238</string>
  <!-- 配置文件的版本号(必填) -->
  <key>PayloadVersion</key>
  <integer>1</integer>
  <!-- 配置文件的适用设备(选填,5 表示 Mac 平台) -->
  <key>TargetDeviceType</key>
  <integer>5</integer>
  <!-- 下方拼接 PayloadContent 键及其内容 -->
  <key>PayloadContent</key>
  <dict>
    <key>PayloadDisplayName</key>
    <string>Microsoft Edge</string>
    <key>PayloadIdentifier</key>
    <string>com.microsoft.Edge.13D4EE1D-74BF-4963-AE69-88E61F9FD9EA</string>
    <key>PayloadType</key>
    <string>com.microsoft.Edge</string>
    <key>PayloadUUID</key>
    <string>AB70BBA2-D881-4C1A-8E36-9EE591429F3E</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <!-- 下方编写自定义配置 -->
    <key>NewTabPageAppLauncherEnabled</key>
    <false/>
    <key>NewTabPageContentEnabled</key>
    <false/>
    <key>NewTabPageHideDefaultTopSites</key>
    <true/>
  </dict>
</dict>
</plist>

配置默认搜索引擎

name:配置搜索引擎名称
search_url:配置搜索URL,{searchTerms}为搜索的关键词的占位符

edge.mobileconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <!-- 配置文件名称(选填) -->
  <key>PayloadDisplayName</key>
  <string>com.microsoft.edgemac</string>
  <!-- 配置文件反向 DNS 格式的识别符(必填) -->
  <key>PayloadIdentifier</key>
  <string>com.microsoft.Edge.13D4EE1D-74BF-4963-AE69-88E61F9FD9EA</string>
  <!-- 配置文件类型(必填) -->
  <key>PayloadType</key>
  <string>Configuration</string>
  <!-- 配置文件 UUDI 格式的识别符(必填) -->
  <key>PayloadUUID</key>
  <string>6BAC9A8B-19F3-4876-99D9-BCA6C8B30238</string>
  <!-- 配置文件的版本号(必填) -->
  <key>PayloadVersion</key>
  <integer>1</integer>
  <!-- 配置文件的适用设备(选填,5 表示 Mac 平台) -->
  <key>TargetDeviceType</key>
  <integer>5</integer>
  <!-- 下方拼接 PayloadContent 键及其内容 -->
  <key>PayloadContent</key>
  <dict>
    <key>PayloadDisplayName</key>
    <string>Microsoft Edge</string>
    <key>PayloadIdentifier</key>
    <string>com.microsoft.Edge.13D4EE1D-74BF-4963-AE69-88E61F9FD9EA</string>
    <key>PayloadType</key>
    <string>com.microsoft.Edge</string>
    <key>PayloadUUID</key>
    <string>AB70BBA2-D881-4C1A-8E36-9EE591429F3E</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <!-- 下方编写自定义配置 -->
    <key>ManagedSearchEngines</key>
    <dict>
      <key>is_default</key>
      <true/>
      <key>keyword</key>
      <string>d</string>
      <key>name</key>
      <string>DDG Lite</string>
      <key>search_url</key>
      <string>https://lite.duckduckgo.com/lite/?q={searchTerms}</string>
    </dict>
  </dict>
</dict>
</plist>

在MicrosoftEDGE上查看策略

IOS上通过描述文件自定义蜂窝网络的DNS

阿里DNS

DoT

AliDNS-DoT.mobileconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>PayloadContent</key>
    <array>
      <dict>
        <key>DNSSettings</key>
        <dict>
          <key>DNSProtocol</key>
          <string>TLS</string>
          <key>ServerAddresses</key>
          <array>
            <string>2400:3200::1</string>
            <string>2400:3200:baba::1</string>
            <string>223.5.5.5</string>
            <string>223.6.6.6</string>
          </array>
          <key>ServerName</key>
          <string>dns.alidns.com</string>
        </dict>
        <key>PayloadDescription</key>
        <string>Configures device to use AliDNS Encrypted DNS over TLS</string>
        <key>PayloadDisplayName</key>
        <string>Ali DNS over TLS</string>
        <key>PayloadIdentifier</key>
        <string>cc.lxd.alidot.dnsSettings.managed</string>
        <key>PayloadType</key>
        <string>com.apple.dnsSettings.managed</string>
        <key>PayloadUUID</key>
        <string>53456719-458f-4940-8741-83414b22f5ae</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
        <key>ProhibitDisablement</key>
        <false/>
      </dict>
    </array>
    <key>PayloadDescription</key>
    <string>Adds the AliDNS to Big Sur and iOS 14 based systems</string>
    <key>PayloadDisplayName</key>
    <string>Ali DNS over TLS</string>
    <key>PayloadIdentifier</key>
    <string>cc.lxd.alidot</string>
    <key>PayloadRemovalDisallowed</key>
    <false/>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>a389c299-c229-4e35-9cba-75c3a7bc268b</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
  </dict>
</plist>

DoH

AliDNS-DoH.mobileconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>PayloadContent</key>
    <array>
      <dict>
        <key>DNSSettings</key>
        <dict>
          <key>DNSProtocol</key>
          <string>HTTPS</string>
          <key>ServerAddresses</key>
          <array>
            <string>2400:3200::1</string>
            <string>2400:3200:baba::1</string>
            <string>223.5.5.5</string>
            <string>223.6.6.6</string>
          </array>
          <key>ServerURL</key>
          <string>https://dns.alidns.com/dns-query</string>
        </dict>
        <key>PayloadDescription</key>
        <string>Configures device to use AliDNS Encrypted DNS over TLS</string>
        <key>PayloadDisplayName</key>
        <string>AliDNS</string>
        <key>PayloadIdentifier</key>
        <string>cc.lxd.alidoh.dnsSettings.managed</string>
        <key>PayloadType</key>
        <string>com.apple.dnsSettings.managed</string>
        <key>PayloadUUID</key>
        <string>39e6a9fb-9532-461e-a73d-97e744bbe4e9</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
        <key>ProhibitDisablement</key>
        <false/>
      </dict>
    </array>
    <key>PayloadDescription</key>
    <string>Adds the AliDNS to iOS or MacOS</string>
    <key>PayloadDisplayName</key>
    <string>AliDNS</string>
    <key>PayloadIdentifier</key>
    <string>cc.lxd.alidoh</string>
    <key>PayloadRemovalDisallowed</key>
    <false/>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>c9b1404a-a873-4b08-b051-48c6f6c4d6aa</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
  </dict>
</plist>

腾讯DNS

DoT

DNSPod-DoT.mobileconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>PayloadContent</key>
    <array>
      <dict>
        <key>DNSSettings</key>
        <dict>
          <key>DNSProtocol</key>
          <string>TLS</string>
          <key>ServerName</key>
          <string>dot.pub</string>
        </dict>
        <key>PayloadDescription</key>
        <string>Configures device to use DNSPod Encrypted DNS over TLS</string>
        <key>PayloadDisplayName</key>
        <string>DNSPod DNS over TLS</string>
        <key>PayloadIdentifier</key>
        <string>cc.lxd.dnspoddot.dnsSettings.managed</string>
        <key>PayloadType</key>
        <string>com.apple.dnsSettings.managed</string>
        <key>PayloadUUID</key>
        <string>1ec0214a-0704-47ce-932d-960affedc562</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
        <key>ProhibitDisablement</key>
        <false/>
      </dict>
    </array>
    <key>PayloadDescription</key>
    <string>Adds the DNSPod to Big Sur and iOS 14 based systems</string>
    <key>PayloadDisplayName</key>
    <string>DNSPod DNS over TLS</string>
    <key>PayloadIdentifier</key>
    <string>cc.lxd.dnspoddot</string>
    <key>PayloadRemovalDisallowed</key>
    <false/>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>7aabc40f-6428-476a-b6cf-05791a432000</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
  </dict>
</plist>

DoH

DNSPod-DoH.mobileconfig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>DNSSettings</key>
      <dict>
        <key>DNSProtocol</key>
        <string>HTTPS</string>
        <key>ServerURL</key>
        <string>https://1.12.12.12/dns-query</string>
      </dict>
      <key>PayloadDescription</key>
      <string>Configures device to use DNSPod Encrypted DNS over TLS</string>
      <key>PayloadDisplayName</key>
      <string>DNSPodDNS</string>
      <key>PayloadIdentifier</key>
      <string>cc.lxd.dnspod.dnsSettings.managed</string>
      <key>PayloadType</key>
      <string>com.apple.dnsSettings.managed</string>
      <key>PayloadUUID</key>
      <string>fb54cc64-baa0-4271-86d5-8ea30d6bca87</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
      <key>ProhibitDisablement</key>
      <false/>
    </dict>
  </array>
  <key>PayloadDescription</key>
  <string>Adds the DNSPod to iOS </string>
  <key>PayloadDisplayName</key>
  <string>DNSPodDNS</string>
  <key>PayloadIdentifier</key>
  <string>cc.lxd.dnspod</string>
  <key>PayloadRemovalDisallowed</key>
  <false/>
  <key>PayloadType</key>
  <string>Configuration</string>
  <key>PayloadUUID</key>
  <string>3008bb2d-806c-4760-a34a-04ff58719557</string>
  <key>PayloadVersion</key>
  <integer>1</integer>
</dict>
</plist>

完成

参考文献

少数派——PlatyHsu
知乎——Mm5M
xiaodongus/encrypted-dns