We’ve run into what looks like a gap in how forceAirDropUnmanaged is enforced on iOS devices.
Setup:
- Device: iOS 17.x (unsupervised, enrolled in MDM)
- MDM Restriction: forceAirDropUnmanaged = true
- Managed Open-In restriction also applied (block unmanaged destinations).
- Verified: from a managed app, the AirDrop icon is hidden in the share sheet. This part works as expected.
Issue: When two iOS devices are brought close together, the proximity-initiated AirDrop / NameDrop flow still allows transfer of photos, videos, or files between devices. In this path, forceAirDropUnmanaged does not appear to apply, even though the same restriction works correctly in the standard sharing pane.
What I’d expect: If forceAirDropUnmanaged is enabled, all AirDrop transfer paths (including proximity/NameDrop) should be treated as unmanaged, and thus blocked when “Managed Open-In to unmanaged destinations” is restricted.
What I observe instead:
- Share sheet → AirDrop hidden ✅
- Proximity/NameDrop → transfer still possible ❌
Questions for Apple / Community:
- Is this a known limitation or expected behavior?
- Is there a different restriction key (or combination) that also covers proximity-based AirDrop?
- If not currently supported, should this be filed as Feedback (FB) to request alignment between share sheet AirDrop and NameDrop enforcement?
This behaviour introduces a compliance gap for organisations relying on MDM to control data exfiltration on unsupervised or user-enrolled devices. Any clarification or guidance would be greatly appreciated.