Do you have iOS devices that were not purchased through an authorised Apple dealer and want to retrospectively add them to your Apple Business Manager and manage them with MDM? This How To shows you how to configure the devices and take advantage of the benefits (enhanced anti-theft protection, automatic setup, supervision).
Apple Business Manager (formerly Device Enrollment Program (DEP)) offers the opportunity to quickly and easily integrate iOS devices into the enterprise’s IT. For a long time, this was only available for devices that were purchased from an authorised dealer. (See how to integrate those devices here.)
In the meantime, it has also become possible to manually register iOS devices (from version 11) with Apple for your company. In the following, we’ll show you how to go about this.
- Load the Apple Configurator 2 (2.5 or later) onto your Apple Mac. The configurator can be downloaded for free from the Mac AppStore.
- Restore the device to factory default settings and connect it to the Mac via USB.
- Start the Apple Configurator 2.
Note! If you want to register a device again, first delete the server under Preferences. Otherwise certificate errors may occur.
Note for Cortado Server users! Manual device integration only works if you are using a server certificate for Cortado Server that was purchased from an official certification authority. Apple will not accept self-generated certificates in this case.
- Select the device in the Apple Configurator and click on Prepare (arrow in illus.).
- Check the checkboxes Add to Apple School Manager or Apple Business Manager and Allow devices to pair with other computers.
- Click on Next to proceed.
- In the next window, select New Server and confirm with Next.
- In the next window, enter the server name (your choice) and the host name or the URL. Complete the URL as follows: <serverurl>/up/Portal/GetAppleDepMdmProfile
- If you are using Cortado MDM: You can find the URL in the management console browser (go.mycortado.com) (example: https://go.mycortado.com /up/Portal/GetAppleDepMdmProfile)
- If you are using Cortado Server: Use the host name or the IP address of the Cortado server. (example: https://mdm.ccsdemo.de/up/Portal/GetAppleDepMdmProfile).
- If you receive an error notification (see illus.), ignore and click on Next.
- In the next step, select the SSL certificate for Cortado MDM or the Cortado server. If you are using a proxy server (with the Cortado Proxy Extension), please select the SSL certificate for the proxy server.
- Click on Next to continue.
- Create a new organisation or select an existing one.
- In the next step, enter your Apple ID for Apple Business Manager.
- Select Generate a new supervision identity, if you are creating a new organisation.
- Then specify which setup steps should be carried out on the device by the user (example in illus.).
- Then click on Prepare.
- Wait till the iPhone is configured and give it to a user.
Now the user use their access data to log in to the iPhone/iPad and can then carry out the setup steps you specified. The user has to be imported into the management console beforehand for this (see Cortado MDM or Cortado Server). Cortado MDM users must then register in the User Self Service Portal. Cortado Server users use their access data (email address and company password) for the domain.
Following completion of the setup in the Apple Configurator, you can find the device in the Apple Business Manager.
- Regardless whether you have configured automatic assignment of new devices to an MDM server in the Apple Business Manager or not, the device still has to be manually assigned to your Cortado server.