Apple DEP
Synchronization with Apple Device Enrollment Program provides a fast and easy way to deploy MDM profile on your corporate iOS devices.
For more info about DEP, please refer to Apple documentation at:
https://www.apple.com/business/docs/site/Apple_Business_Manager_Getting_Started_Guide.pdf
Connecting DEP account with FAMOC
To configure DEP enrollment in FAMOC go to DEVICES and select BULK ENROLLMENT.
Then choose the Apple DEP method and click Start now.
In the first step download the FAMOC DEP public key and click Next.
Once you have downloaded the key go to DEP portal and follow the instructions on screen.
Login to the Apple portal using your Apple ID.
Go to Settings -> Device Management and click Add MDM server.
Provide the name of the server, upload the public key downloaded from FAMOC and click Save.
Then download the Token and upload it to FAMOC.
In FAMOC DEP settings select the default user. Setup device synchronization interval and press Save.
After configuration is saved, Start initial synchronization to synchronize all currently assigned devices on virtual MDM server. FAMOC synchronizes devices as planned.
Initial synchronization button is now replaced by Force synchronization button to run device synchronization.
Available options in DEP synchronization
General |
Allow MDM removal by user | If checked, the MDM profile can be removed by the user. |
Require user credentials for enrollment | If checked, the user will have to provide credentials during enrollment. The user can log in with the login data to FAMOC manage or (if configured in the organization settings) with the data of any SSO service based on the SAML protocol (as shown on the screen below). |
|
Authentication by enrollment code | To add an additional level of verification, you can use the ‘Authentication by enrollment code’ option. This means that the user will have to enter upon registration a unique code assigned to a given user. If you check this option you will be able to adjust the code requirements in the organization settings. |
Basic authorization | If checked, the user can only log in with the FAMOC manage console login credentials. |
Default user of the device | Select the default user of the device. |
Require admin approval before enrolling a device | If checked, the admin will have to approve a device during enrollment. |
Department | MDM profile information: department. |
Support phone number | MDM profile information: support phone number. |
Support email address | MDM profile information: support email address |
Startup settings | Here you can decide which panels will be skipped during the initial setup |
|
Accounts setup (macOS) |
|
Configure automatic accounts creation during system installation for macOS 10.15+ (Catalina) | Here you can configure the configuration screen displayed during system installation Settings available: Skip primary account setup screen Give administrator rights automatically Disable modification of primary account during system installation Short account name (enter manually or get from the user field) Full account name (enter manually or get from user field) Create admin account
|
Active Directory | Here you can enter Active Directory data that will be used during account setup |
You can always change the above options. To do this, go back to the Bulk enrollment section, select Apple DEP and then click the three dots icon next to the selected DEP account and select Edit.
