Cortado MDM – Manual

Configure DEP devices (iOS)

98 views November 26, 2018 August 9, 2019 0

Apple´s Device Enrollment Program offers the opportunity to quickly and easily inte­grate iOS devices into the firm’s IT. In the process, the DEP greatly simplifies the ini­tial device configuration. MDM profiles and certificates are rolled out automatically. A separate DEP profile can be created for each user group, if required..

select Global Settings

select Global Settings

  • In the DEP tab under DEP Certificate, you have the following options (right column):
    • Download: Download the DEP certificate here. This is a Cortado gener­ated certificate.
    • Renew: You can generate a new DEP certificate here, if necessary (for example, if the old one expires).
    • Import: If required, you can import a previously generated certificate here.
Global Settings: DEP

Global Settings: DEP

  • In the next step with Apple, the DEP certificate downloaded under Download heruntergeladene DEP-Zertifikat (upper arrow in illus.) has to be uploaded.
  • For this purpose, open the Apple Business Manager under https://business.apple.com/ and select Settings→ Device Management Settings→ Add New MDM Server (arrows in illus.).
Apple Business Manager: adding MDM server name

Apple Business Manager: adding MDM server name

  • Under MDM Server Info enter a name of your choice (e.g.: department, location, user groupe) (upper arrow in illus.).

Note! At this point, you need to add a separate MDM server for each DEP profile you want to add, since a separate server token is needed for each profile.

  • Under MDM Server Settings→ Choose File (lower arrow in illus.) select the DEP certificate, that you down­loaded in the Management Console under Global Settings→ DEP→  Download.
  • Then save the settings by clicking Save.
upload certificate from the Management Console

upload certificate from the Management Console

  • Download your Token now (arrow in illus.). You must load this token into the DEP profile later in the Management Console.
Apple Business Manager: Download Token

Apple Business Manager: Download Token

  • Then, under Device Assignments (upper arrowin illus.) enter the the serial numbers of the devices, you want to assign.
  • Under Assign to Server (lower arrow in illus.) select your MDM ser­ver (or your DEP profile).
  • Confirm by clicking on Done.
Apple Business Manager: assigning MDM server

Apple Business Manager: assigning MDM server

  • In the Cortado Management Console select Global Settings→ DEP→ Add (arrow in illus.).
add new DEP profile

add new DEP profile

Configure the DEP profile as follows:

configure DEP profile

configure DEP profile

  • Mandatory: Specify here whether the use of the profile should be mandatory for the users. If the checkbox is left empty, the users can choose whether to install the DEP profile or to create a profile of their own.
  • Verify profile: If this checkbox is enabled, the device configuration can only be completed if all steps required in the Cortado Management Console have been carried out.
  • Supervised: Specify here whether the device should be used in supervised mode and if the user may remove the MDM profile himself.
  • Enable pairing: If this checkbox is enabled, the user may connect his device to a Mac or a PC and connect to iTunes.
  • Upload token: Select the Select token button and upload the Token from the Apple Business Manager (arrow in illus.).
  • Device setup steps: You can specify what steps the user is allowed to make during setup of the device itself.
  • Click on OK to finish configuration.

The newly created DEP profile will now be used for the device configuration (left illus.). Provided that the devices are new and unused or have been reset to factory settings.

During configuration, the user must enter her user name and password (right illus.). Therefore, before the device can be configured, the user must have been imported into the management console and used the welcome email to register in the User Self Service Portal.

configure iOS device with DEP profile

configure iOS device with DEP profile

That means that, during the configuration, the user only needs to carry out the setup steps that you selected under Device setup steps. The MDM profile will be pushed onto the device automatically. No further configura­tion of the device in the User Self Service Portal is required.

Was this helpful?