This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Apple MDM Enrollment Walkthrough

JCDavid
Iron II
Iron II
‎04-10-2024 11:10 AM

JumpCloud permits you to manage all of your devices with one platform. Managing your entire device fleet ensures that only known devices with healthy postures can access your resources. Apple provides an MDM interface that JumpCloud supports and integrates into its open directory platform. Combining cross-OS device management with identity and access management provides asset-based security, which is an important Zero Trust approach.

You’ll no longer require an expensive, siloed point solution to support Apple users.

Demo Overview

This demo walks you through the steps of configuring JumpCloud MDM for Apple, creating a certificate that’s necessary to do that, and then enrolling devices into your directory. We’ll list the relevant support content, including a simulation and tutorials for more advanced scenarios.

ios start.png

Prerequisites

Not every step here is necessary to complete this tutorial, but you’ll be doing these things anyway if you want to experience your trial as if you’re implementing the product.

Demo Walkthrough

This simulation will walk you through the process of configuring JumpCloud MDM for Apple devices.

Are you a visual learner? Thy this simulation.

Step 1: Configure JumpCloud MDM

We’ll now walk you through the process of setting up JumpCloud MDM using Apple’s processes.

JumpCloud supports several types of MDM enrollment for these device types:

MacOS devices:

  • Apple’s Automated Device Enrollment (company-owned)
  • Device Enrollment (company-owned)

iOS and iPadOS devices:

  • Apple’s Automated Device Enrollment (company-owned)
  • Device Enrollment (company-owned)
  • User Enrollment (personal iOS and iPadOS devices only)

You’ll use the same JumpCloud Admin Portal that you use to manage Windows and Linux devices and user access to applications, networks, and servers.

To get started

  • Click on MDM in the left pane
  • Next, click Configure MDM

Resources:

Get Started with MDM

Choose an MDM Enrollment Method

Step 2: Set Up the Apple MDM Certificate

  • Select Download CSR to download a certificate signing request that will be used to create your MDM certificate with Apple.
  • Click “Go to Apple” and sign in with the appropriate Apple ID to create your MDM certificate. This will give you access to the Apple Push Certificates Portal.
  • Select Create a Certificate; review and accept the Terms of Use.
  • Select Choose File to upload the CSR that you downloaded from JumpCloud’s MDM interface. You’ll receive a confirmation that the certificate was created successfully. Download the certificate.
  • Return to the JumpCloud MDM interface and fill out Step 3 by providing the email that you used to generate the certificate with Apple.
  • Upload the Apple MDM Push certificate and click Complete Setup. Be sure to read the confirmation prompt and then select Complete Setup. Note that the email that was used to generate the certificate can only be updated or changed at renewal.
  • You’ve now successfully confirmed JumpCloud’s MDM.

JumpCloud will let you know when it’s time to renew your certificates.

Resources:

Set up Apple MDM

Step 3: Add a Device Using MDM

Tutorial: Intro to MDM

mdm enroll.png

If your company-owned Apple devices have been added to Apple Business Manager (ABM) or Apple School Manager (ASM), you can use Automated Device Enrollment to enroll those devices. If the device was not added to ABM or ASM or it is a personal device, there are other MDM enrollment methods you can use. See Choose an MDM Enrollment Method.

MDM commands and customized policies let you securely maintain your devices. You can use these features after you set up MDM. Note that user self-enrollment is also available.

Resources:

Intro to MDM (Tutorial)

Un-enroll Devices from MDM

MDM in JumpCloud

Create an MDM Policy

Create a Mac MDM Enrollment Policy

Bonus Course

JumpCloud University provides a free advanced course on MDM for Apple Devices.

Topics include:

  • Recognize the differences between Supervised vs. Unsupervised Devices
  • Identify what policies can be applied to supervised vs. unsupervised devices
  • Understanding Policies & Deploying Apple Devices with Automated Device Enrollment
  • Understanding how Software Updates from MDM happen
  • Understanding & Managing Patch Policies
  • Recognizing specific use cases for MacOS, iOS & iPadOS

Also, check out thisAndroid EMM Setup  walkthrough for Android Enterprise Mobility Management (EMM).

Final Results

Apple MDM ensures tamper-proof management of your devices. You’ve just learned how to get past the first hurdles, which is setting up the basic configuration. Now, you’ll be able to deploy JumpCloud’s ready-to-use policies, such as disabling Siri, or build ones that meet your requirements for compliance and security. Having a managed device also allows you to deploy Conditional Access policies that will limit access to your apps and other resources to only devices that are under your control. We also provide EMM features for Android devices. 

Get prepped now

Take the JumpCloud University Course on Apple MDM

0 Kudos
You Might Like

New to the site? Take a look at these additional resources:

Community created scripts

Keep up with Product News

Read our community guidelines

Ready to join us? You can register here.

Popular Articles