In Part 1 of the series on Apple’s new deployment program, I wrote about the enrollment process. This part, part 2, assumes that you have been approved and are ready to create a connection between DEP and your MDM product. In my district, we are using AirWatch but I am going to keep this guide as generic as I can to ensure it can be used by anyone, regardless of the MDM solution your organization has chosen.
After signing in to http://deploy.apple.com, you’ll be brought to the “Welcome” page. On the left side, click on Device Enrollment Program or click on “Get Started” to the right. Here, you will make the connection between Apple and your MDM server. This connection is in addition to any others you may have made for VPP or for managed apps licenses.
Click “Add MDM Server”
Create a name for your MDM Server. This can be anything you’d like. Choose whether or not you want to automatically assign new devices. Checking the box will automatically assign all new devices to that server automatically. Click Next.
You’ll then be asked to upload the public key from your MDM product. The process of creating this public key will vary from product to product but in every case, this file will end in file extension “.pem.” Please refer to your product’s documentation to generate this public key.
After successfully uploading the public key, you’ll be able to download “Your Server Token.” This file ends in file extension “.p7m.” This token will then need to be imported into your MDM console. Again, these steps will vary from product to product. Please refer to your MDM’s documentation to complete this step.
The connection between Apple and your MDM is now complete.
If your organization has people (administrators) at multiple locations that will be using this program, it would be prudent to add multiple locations. This makes the process of assigning specific responsibilities to specific people much easier.
On the left side, in the sidebar, click on Locations, them “Add Locations”
Enter the Name, Address, City, Phone Number, State and Zip Code. When all information has been entered and is correct, click Add. Repeat this process for each location you’d like to add.
Once additional locations have been added (if any) the next step in the process is to add administrators (those who will have permission to use DEP.)
On the left side, in the sidebar, click on Admins, then “Add Admin Account.”
Select the access the user will have on the right. Then, enter the name and work email address for the trusted user that will be adding devices in to the program. Ensure this is a work e-mail address and not already used for iTunes Store or iCloud. Select the location this user will have access to and whether or not the person will have the ability to create and edit other admin accounts.
NOTE: Creating accounts here means those people do not need to know the program Apple ID we created in the previous steps.
Overall, adding an MDM solution to Apple’s Deployment Program is a pretty simple process. Finding where these settings exist in your particular MDM product is the toughest part. If you are an AirWatch user, sign in to Ask AirWatch to find all of the documentation outlining the steps to complete the process.
Tomorrow’s post: Adding Devices to DEP