Advanced searching

True / false if devices' app traffic is routed through the network 5G slice.

Once automated Android registration is completed, the following values display:

• Google Zero Touch

• Knox Mobile Enrollment

• Non Zero Touch AE Enrollment - this is for Managed Devices / Device Owner types (afw#, QR code, NFC)

• Unknown - this value displays if versions before Ivanti EPMM 10.6.0.0 were used. This means the "In-App Registration Requirement field in Settings > System Settings > Users & Devices > Device Registration was used. It can also mean that an old client was used with Ivanti EPMM version 10.6.0.0 or later.

Docs/Tooltip: Battery health status as reported by Android OS.
Field Name: Android Battery Health Status
property: health
Possible values: COLD, DEAD, GOOD, OVERHEAT, OVER_VOLTAGE, UNKNOWN, UNSPECIFIED_VALUE

Version code of the client.

Result of Samsung Attestation.

This field will only populate if the device is a Zebra device; otherwise blank.

Docs: Battery health in percentage for supported device manufacturers such as Zebra devices.
Field Name: Battery Health Percentage
property: health_percentag
possible values: Integer

Brand of the device.

Code name of the Ivanti Mobile@Work client

True if the Android device has Developer mode enabled, otherwise false. This is reported on all Android device configurations and also on Knox.

Device encryption status.

Indicates, in minutes, the amount of time since the device was last rebooted.

GCM token of the device if present, otherwise blank.

Integrated Circuit Card Identifier number.

True if the device is kiosk enabled, otherwise false.

True if MDM is enabled, otherwise false.

Amount of free memory on the media / SD card.

True if Non GMS device is enabled, otherwise false.

OS build number.

OS Update Status.

Represents the number of days before the password / PIN will expire. This numerical value is controlled by the Security policy's Maximum Password Age field value. This field is a dynamic field, its value decreases every day by 1 until the password / PIN is renewed. At renewal, the value returns to the original number stated in the Maximum Password Age field and starts a new daily count-down. See Working with default policies.

Registration status of the device. Registration Status can be used as part of a dynamic label evaluation and criteria for tier compliance.

In the Select Type drop-down, select one of these options:

• Device Admin

• Device Admin Not Required

• Work Managed Device

• Managed Device with Work Profile

• Work Profile

• Work Profile on Company Owned device

• Unknown

SafetyNet exception during error.

Timestamp of when last SafetyNet check was run.

Indicates if the Samsung DualDAR on client is enabled. If not client enabled or device is in Device Owner mode, lists as "Unsupported."

True if the device supports Samsung E-FOTA, false otherwise.

Samsung Firmware E-FOTA has been decommissioned. As of August 2022, Samsung discontinued the Samsung E-FOTA service. For more information, see Activating the Samsung firmware E-FOTA license .

Samsung Model Number.

Indicates if device user was prompted to change the device's screen lock password / PIN and the device user skipped the prompt. Values are:

• Unknown - If coming from an older client device, value is unknown.

• True - Indicates the PIN is to expire in 7 days or less.

• False - (default) Indicates the device user is not being prompted to change the password / PIN (it has not reached its 7-day expiration window.)

The value listed stays until the device user successfully changes the password /PIN on the device. See Working with default policies.

True if Secured Apps Encryption is enabled, otherwise false.

Reason for security failure if it occurs.

Date of the Security Patch Level of the OS.

True if USB debugging is enabled, otherwise false.

True if one or more Wear OS device is paired to device via Bluetooth.

Fingerprint of the firmware build currently present on the Zebra device.

• Unknown - Not supported by client or OS version
• Current - The most current update is installed. Applicable to Android 8. 0 or supported newer versions. Applicable to Zebra 6 or supported newer versions.
• Pending - The client has accepted a system update configuration, but the update is not yet downloaded or installed. Applicable for Zebra 6 or supported newer versions.
• Downloading - An update is being downloaded. Applicable for Zebra 6 or supported newer versions.
• Available - An update is available (Android 8 or supported newer versions) or downloaded (Zebra 6 or supported newer versions) but is not yet installed.

The version of firmware for the Zebra device to be upgraded to. This is the target firmware version of the firmware applied to the Zebra device through firmware policy.

Status of VPN which analyzes malicious URLs when MTD Anti-phishing is configured.

True/false for if the AppConnect Terms of Service was accepted.

True/false if the device is registered in Authenticator Only mode.

Lists the device's compliance status in Azure. Possible values are:

• In-progress

• Compliant

• Failed

Indicates Azure account has been deactivated or the device is not in compliance. Possible values are: Compliant / Not Compliant.

True if iOS background status is enabled, otherwise false.

A list of reasons why the device is blocked.

GSM, CDMA, or blank if the device does not support cellular.

The unique client ID if the device was registered with Ivanti Mobile@Work client.

Status of Ivanti Mobile@Work client migration from Ivanti EPMM to Cloud (true/false).

The version of the client, if registered with Ivanti Mobile@Work client; otherwise, false.

A field that the administrator uses to add their own comments for the device.

The creation date of this device record.

Current country name of the device.

Current phone number of device, if the device has cellular service.

True if the device is encrypted, otherwise false.

Locale of the device.

Name of the space the device belongs to.

Size of device's display.

unique ID that identifies the work profile enrollment in a particular organization, and will remain stable across factory resets

Home (Initial) country code of the device.

Home Operator Name.

IMEI (International Mobile Equipment Identity) number.

IMEI information about the device information on active and inactive SIM slots is displayed in Ivanti EPMM. In addition, CSV-exported data includes the information for inactive slots.

Current IP address of the device.

If you configured the GDPR, and you want to hide new fields that are added in new Ivanti EPMM releases (such as IP Address and eSIM ID), edit the GDPR profile.

Last check-in time of the device.

Last MDM check-in time of the device.

Memory capacity of the device.

Mobile Threat Defense Status.

Model of the device.

Date/Time for last updates to device details.

MTD Anti-Phishing Status.

OS version number string.

The expiration time for the registration pin for a prereigstered device, empty if none exists.

Operating system and OS version of the device.

True if the device is quarantined, false otherwise.

Registration date of the device.

Unique ID when registering from the client.

True if the device is roaming, otherwise false.

Security state of the device.

Status of the device.

Number of bytes of free storage on the device.

Date for when the End User Terms of Service was accepted, otherwise blank.

Displays the battery information of the device.

True if Activation Lock is enabled on the device, otherwise false. Applicable to iOS.

iPhone (media access control address) MAC address. Applicable to iOS and OS X.

Available OS update product key. Applicable to iOS and macOS.

OS update status. Applicable to iOS and macOS.

Bluetooth MAC address. Applicable to and OS X.

Carrier settings version. Applicable to iOS.

Current mobile network code. Applicable to iOS.

True if device is data roaming enabled, otherwise false. Applicable to iOS.

True if the device is Apple Device Enrolled, otherwise false. Applicable to iOS.

Name of the device. Applicable to iOS and OS X.

True if backups are forced to be encrypted, otherwise false. Applicable to iOS.

True if full disk encryption has institutional recovery key, otherwise false. Applicable to macOS 10.9+.

Hardware encryption capabilities. Applicable to iOS.

True if iOS background status is enabled, otherwise false. Applicable to iOS.

Applicable to iOS.

Ttrue if iTunes Store Account is active, otherwise false. Applicable to iOS.

PIN to unlock a locked macOS device. Applicable to macOS.

Last iCloud backup date. Applicable to iOS.

Locale of the device. Applicable to tvOS.

macOS user's long name. Applicable to OS X.

The Apple ID allocated by the company to the device user. For Shared iPad devices, this field is populated once the iPad user logs in.

True if the device is was enrolled via MDM Service (non-over air Apple Device Enrollment), otherwise false. Applicable to iOS.

Modem firmware version. Applicable to iOS.

Organization for the device. Applicable to iOS.

The OS version that is pending for update on the device.

True if passcode is compliant with rules specified from profiles. Applicable to iOS.

True if Personal Hotspot is enabled, otherwise false. Applicable to iOS.

Product name. Applicable to iOS and OS X.

Security reason code. Applicable to iOS.

Lists the number of user sessions that can be stored on the device. If more users log in, older users will be removed to make room for the new user. This is configured in the Device enrollment profile and will either be the number set as the Maximum Resident Users or will be calculated if the Quota size is set.

Lists the timeout for guest/temporary sessions. This will log out the user after inactivity for the allotted time. Guest/temporary users will be completely logged out, not just have the screen locked. This is configured in the Device Enrollment Profile. If set to zero, there will be no timeout.

Lists the Maximum Resident Users allowed to be set on the device. If the Device Enrollment Profile sets the Maximum Resident Users to a number larger than this, the Allocated Resident Users will be set to this number. This number is controlled by the system based on the size of the device.

Lists the timeout for logged-in user sessions. This will log out the user after inactivity for the allotted time. Users will be completely logged out, not just have the screen locked. This is configured in the Device Enrollment Profile. Maximum limit is 1800 seconds.

The label for the associated SIM card. Up to 3 SIM cards, physical and virtual, are stored.

SIM card mobile network code associated to the phone number

• Lists the number of SIMs associated to the device. This includes embedded SIMs (eSIM) and physical SIMs.

• There can be multiple SIMs associated with the eSIM.

• For eSIMs in iPhone XS, iPhone XS Max, or iPhone XR with iOS 12.1 or supported newer versions.

SIM card mobile country code. Applicable to iOS.

True if the device is MDM supervised, otherwise false. Applicable to iOS.

True if device is trusted.

True if voice roaming is enabled, otherwise false. Applicable to iOS.

Device Wakeup status.

Device user's email address.

Date of admin's last log in into Ivanti EPMM.

The Attribute Distinguished Name for an LDAP user.

LDAP Users who are members of an LDAP group with a specific group name.

An LDAP User who are members of a specific locale.

Value of the attribute specified as the User ID in the LDAP server configuration.

Indicates whether the LDAP user account is disabled (true/false).

Indicates whether the LDAP user 's password has expired (true/false).

The value of the LDAP user attribute is defined in Services > LDAP.

The LDAP user ID.