From The Apple Wiki

lockdownd is a daemon that provides system information to clients using liblockdown.dylib, e.g. the IMEI, UDID, etc. Every information provided by lockdownd can be obtained via other means, e.g. the IMEI can be found using IOKit. The only advantage of using lockdownd is it has root privilege, hence avoiding having to assume super user.

See also LibMobileGestalt.dylib (which you should use if you need a device's UDID).

Data Ark

Non-default information of lockdownd is stored in the data ark as a dictionary in /var/root/Library/Lockdown/data_ark.plist. The keys are represented as domain-key, e.g. com.apple.mobile.iTunes.store-AppleID.


lockdownd communicates with its clients via a UNIX socket /var/run/lockdown/localcomm with SSLv3 encryption. The contents exchanged are encoded property lists. Clients will initiate an action with a plist message like this:

Request = action;
ProtocolVersion = "2";
Label = execName;
Domain = domain;
Key = key;

Server may response with

Error = errMsg;
Value = value;

lockdownd understands the following actions:

  • ServiceCheckin
  • Goodbye
  • RemoveValue
  • SetValue
  • GetValue


The UDID is not an internal property. It is computed with a formula as described in the UDID article.

As noted above: if you need the device's UDID, use libMobileGestalt - don't compute it yourself, as the formula can change between device generations (and has changed multiple times).