Troubleshooting iOS USB Connection Issues Related to Feature Control

• Connecting a supervised iOS device to a computer via USB does not trigger the 'Trust This Computer?' prompt, preventing the establishment of a connection.
• This issue may persist even if settings like "Allow USB file transfer" appear to be enabled.

• SOTI MobiControl Server

• Supervised iOS Devices

• Host Computer (Windows PC or Mac) connecting via USB/Thunderbolt

• The 'Trust This Computer?' prompt does not appear on the iOS device when connected to a computer via USB.

• Alternatively, if the prompt does appear (less common in restricted scenarios), selecting 'Trust' has no effect and fails to establish a connection.

• Computers (iTunes, Finder, Apple Configurator, XCode) do not recognize the connected iOS device or show it as unavailable, locked, or requiring trust that cannot be granted.

• Inability to sync data, perform backups via USB, use developer tools, or perform any action requiring a paired USB connection, unless the connecting computer is a specifically configured supervision host.

To achieve the desired USB connection behavior and prevent issues:

• To Prevent Pairing with Unauthorized Computers (High Security): Ensure the 'Allow Host Pairing' option is disabled (unchecked) in the assigned Feature Control profile. Be aware that this blocks pairing with all hosts.

• To Allow Pairing with Any Computer (User Convenience): Ensure the 'Allow Host Pairing' option is enabled (checked) in the assigned Feature Control profile. This allows the 'Trust' prompt to appear and function.

• Regularly audit Feature Control profiles to ensure restrictions align with current organizational security policies and operational needs.

To resolve the issue where the 'Trust This Computer?' prompt is missing or non-functional due to a SOTI MobiControl restriction

1. Navigate to the Profiles tab.

2. Identify and select the profile assigned to the affected device(s) containing Feature Control.

3. Within the profile settings, go to Configurations > Feature Control.

4. Select the category Security And Privacy to locate the Allow Host Pairing option.

5. To Allow Pairing (Fix the missing 'Trust' prompt issue): Ensure the checkbox next to Allow Host Pairing is Toggled on (enabled). This explicitly permits the device to pair with host computers when prompted.

6. To Restrict Pairing (Maintain high security, blocks 'Trust' prompt): Ensure the checkbox next to Allow Host Pairing is Toggled off (disabled). Be aware that this is likely the cause of the reported connection issue if the user expects to connect.

7. Review any other restrictions in the Feature Control profile to ensure they meet requirements.

8. Click Save or Save and Assign to apply the updated profile to the targeted devices or device groups.

9. Wait for the device(s) to receive the updated profile. Once updated, disconnect and reconnect the USB cable; the "Trust This Computer?" prompt should now appear if 'Allow Host Pairing' was enabled.

Note: For SOTI MobiControl 14.3 and earlier, if the device had been enrolled with restrictions set in the add device rule while configuring Apple DEP (see Apple Device Enrollment Program), and you are unable to allow pairing despite making changes to the Feature Control profile, it is advised to update or create a new add device rule with host pairing allowed in your DEP configuration and reenroll the device.

• This restriction applies only to Supervised iOS/iPadOS devices.

• The SOTI MobiControl setting 'Allow Host Pairing' corresponds to the Apple MDM restriction allowHostPairing.

• Distinction from USB File Transfer: 'Allow Host Pairing' controls the initial 'Trust This Computer?' handshake. 'Allow USB file transfer' (a separate restriction) controls whether files can be moved after a successful pairing. Pairing must be allowed for file transfer to be possible.

• Disabling 'Allow Host Pairing' blocks connections to standard computers but may still allow connections to specially configured 'supervision hosts' (managed via Apple Configurator). If no such hosts are configured or recognized, all pairing is blocked.

• This modern restriction (allowHostPairing) replaces the deprecated allow_pairing setting (iOS 12 and earlier). Changes do not require a device wipe.

• See the Apple documentation topic Manage accessory access to Apple devices.

• See the SOTI MobiControl online help documentation topic Feature Control (iOS).