Free Edition
Mobile Device Management
Mobile Application Management
Mobile Security Management
Mobile Email Management
BYOD
Compliance
- CJIS
- HIPAA
- ISO
- PCI
- GDPR
Awards & Reviews
Supported Platforms
- iOS
- Android
- Android for Work
- Windows
- Samsung
- Samsung KNOX

How to add an iOS 11 device to Apple Business Manager?

Description

Enrolling an Apple device in MDM MSP through Apple Business Manager (ABM), has a whole lot of advantages such as mandatory mobile device management, simplified device onboarding etc., However, enrolling iOS devices to Apple Business Manager mandates certain conditions, with the most important one being, where/how the devices were purchased. Only devices purchased from Apple or Apple-authorized resellers can be enrolled with ABM. However, MDM provides a workaround to enroll devices to ABM using Apple Configurator.

Prerequisites

ABM must be available in your country.
A Mac machine running Apple Configurator 2 or any other compatible version.
Devices to be enrolled must be running iOS 11 or be capable of upgrading to iOS 11.

Steps

Create a new profile and add it to a blueprint as explained here. Click on Prepare after which the following screen is shown.

Ensure Add to Device Enrollment Program as well as Activate and complete enrollment is selected. Then follow the on-screen instructions to proceed with the enrollment.
You will be prompted to enter your ABM credentials as shown below. Enter the details to proceed.

Once the device has been prepared, the device is activated and gets enrolled with ME MDM. By default, these devices are added to the server automatically created by Apple Configurator, named Devices Added by Apple Configurator 2 as shown below.

If you are yet to configure ABM:

On the MDM server, navigate to Enrollment -> Apple Enrollment(ABM/ASM) under Apple.
Click on Download, to download the Public Key. This is to be uploaded on the ABM portal.

On the ABM portal, click on the server, Devices added by Apple Configurator 2.
Click on Edit next to MDM Server Information and select Upload New Public Key, to upload the Public Key that was downloaded from MDM.
Click on Apply, to save and proceed.

Next, click on Download Token, to download the Server Token, generated by Apple and select Download Server Token on the pop-up window.

Upload the Token back into the MDM MSP server as shown below and follow the on-screen instructions to complete configuring on the ABM portal.

If you have already configured a server on ABM, you need to reassign the devices from the auto-created group to the existing group as explained below:
On the ABM portal, click on Device Assignments from the left panel.
Add devices enrolled into ABM through Apple Configurator by specifying their Serial Numbers/ Order Number. You can also add these devices using a CSV file containing details of these devices.
Under Choose Action, select Assign to Server and select your existing ABM server from the drop-down. Click on Done to complete the device re-assignment.

Once the re-assignment is complete, go back to the MDM MSP server, navigate to Enrollment tab and select Apple Enrollment (ABM/ASM) from the left panel and click on Sync devices. The re-assigned devices get listed on the MDM server.

Now, assign users to these devices on the MDM MSP server, to complete enrollment.

NOTE: The devices are added to ABM and can be removed by the user within 30 days of adding to the server. To remove the device from management, navigate to Settings -> General -> Device Management -> Remove Device Management. This can be done if the wrong devices have been added to the portal.