免费版
移动设备管理
移动应用管理
移动安全管理
移动电子邮件管理
BYOD
合规
- CJIS
- HIPAA
- ISO
- PCI
- GDPR
奖项和评价
支持的平台
- iOS
- 安卓
- Android for Work
- Windows
- 三星
- 三星KNOX

How to add an iOS 11 device to Apple DEP?

Description

Device enrolled with ME MDM through Apple DEP, has a whole lot of advantages such as mandatory MDM management, simplified device onboarding etc., However, enrolling iOS devices to DEP had mandatory requirements with the most important being the where/how the devices were purchased. Only devices purchased from Apple or Apple-authorized resellers can be enrolled with DEP. However, MDM now provides a work to enroll devices to DEP using Apple Configurator.

Prerequisites

DEP must be available in your country.
A Mac machine running Apple Configurator 2.5
Devices to be enrolled must be iOS 11 devices or must be capable of upgrading to iOS 11.

Steps

1. Create a new profile and add it to a blueprint as explained here. Click on Prepare after which the following screen is shown.

2. Ensure Add to Device Enrollment Program as well as Activate and complete enrollment is selected. Then follow the on-screen instructions to proceed with the enrollment.

3. You will be prompted to enter your Apple DEP credentials as shown below. Provide the required details to proceed with enrollment.

4. Once the device has been prepared, the device is activated and gets enrolled with ME MDM. However, these devices are by default added to server automatically created by Apple Configurator named Devices Added by Apple Configurator 2 as shown below.

5. If you are yet to configure Apple DEP,

On the MDM server, navigate to Enrollment and then select Apple Enrollment(DEP).
Click on the download link given to download the public key certificate. This is to be uploaded in Apple DEP portal.

Go back to Apple DEP portal, click on the server automatically created by Apple and select Add Key as seen below

Provide the downloaded public key certificate when prompted.

Click on Next and select Your Server Token, to download Apple DEP token which is to be uploaded back on the MDM server. You can optionally change the name of the DEP server, if need be. You can also re-generate the DEP token any time by clicking on the server and selecting Generate Token.

Upload the token back into MDM server as shown in the following screen and follow the on-screen instructions to complete configuring Apple DEP.

6. If you have already configured DEP in MDM, you need to reassign the devices from the auto-created group to the existing group as explained below:

On the Apple DEP portal, click on Manage Devices from the left pane.
Under Choose devices by, add devices enrolled into DEP through Apple Configurator by specifying their serial numbers/order number. You can also add these devices using a CSV file containing details of these devices.
Under Choose Action, select Assign to Server and select your existing DEP server from the dropdown. Click on OK to complete the device re-assignment.
Once the re-assignment is complete, go back to MDM server, navigate to Enrollment tab and select Apple Enrollment(DEP) and click on Sync devices. The re-assigned devices get listed on the MDM server.

7. Now assign users on the MDM server to these devices, to complete enrollment.

NOTE: The devices are added to provisional DEP and can be removed by the user within 30 days of adding to the server. To remove the device from management navigate to Settings -> General -> Device Management -> Remove Device Management. This is important if the wrong devices have been added to the portal.