To get started, go to deploy.apple.com
This is the portal that Apple uses for managing DEP, app purchases, and Apple IDs for students under 13. The setup process will involve you creating a new Apple ID just for use with the Apple Deployment Programs. This Apple ID will require you to set up two-factor authentication. Keep in mind, two factor authentication takes up to three days to be authorized. In addition, Apple can take up to a week to authorize your DEP account. Plan ahead.
Need help with two factor authentication? - http://support.apple.com/en-us/HT204152
From the page shown above, choose Enroll Now this will walk you through setting up an account. You need to be a person in your organization authorized to do this. The requirements are that you are a C level employee (CEO, CIO, etc... ) There is a list of options to choose from. If you are not, you will need the assistance of one of these people in your organization to enroll. I was not able to set up our DEP account, I needed to have our Director of Technology do it. Apple is pretty strict on this point. They will call you to verify this, they also look at your organization’s website to make sure you are listed with the proper title. In our case, they called HR to make sure our Director of Technology was who he said he was. (I think there were less hoops to jump through in getting a mortgage.)
Once you have been approved by Apple, you can login and start deploying devices. Please note: each time you login, you will be prompted to authenticate via two-factor authentication. If you are in an environment with multiple administrators, it seems the limit is five phone numbers. Once you select the appropriate number, Apple will send you a text with a four-digit PIN.
Again the MDM we use is Meraki. If you are using a different MDM, the screens will look different but the process should be similar. Once logged into Meraki, in the side navigation I will choose MDM, then I will choose DEP.
- Green cloud: settings pushed
- Yellow cloud: settings assigned, but not pushed. In most cases this means the device has just not hit the internet to have the settings applied yet.
- Grey cloud: settings not assigned.
To apply settings check the box to the left of a device (or check the box at the top to select all). Then choose Assign settings. The settings box should look like this.
- Allow pairing - this allows the user to pair the device to their computer.
- Supervise - previously the only way to supervise the device was with Apple Configurator. You can now do it over the air using this method. Some benefits are the ability to remove an activation lock and the ability to assign increased security settings. Also if you supervise the device the end user can not remove the MDM management.
- Mandatory - this means that the device has to enroll. If it is not mandatory and there is a connection issue to the Internet, then the device will set up unmanaged.
- Removable - this setting would allow the end user to remove the MDM management.
- Skip - these are items that can be skipped during the set up process to make setup quicker for the end user. We don’t skip any. If you did, you could always go back and make changes under Settings. You can skip the following settings: Location Services, Restore from Backup, Apple ID, Terms and Conditions, Siri, and Diagnostics.
Once you assign the settings to the devices you simply need to turn on a new device and connect it to the internet. It will pull down the settings as specified. If you device is already set up you can go into settings and do an Erase All Content and Settings. This will allow you to set it up as a new iPad.
These are the steps needed to setup DEP for iPad management. In a later post I will discuss security setting settings and assigning apps via Managed Distribution.
- Jason Marshall Technology Consultant, Grant Wood AEA