Setting Up Mobile Security for the Device Enrollment Program Parent topic

Before you can configure Mobile Security for the Device Enrollment Program (DEP), make sure that you have already enrolled your organization to the DEP program on the following Apple website:

Procedure

  1. Click Devices on the menu bar.
    The Devices screen appears.
  2. Click the Device Enrollment Program tab.
  3. Click Settings.
  4. Click the Download link before Public Key to download the public key to the local computer from Mobile Security Management Server.
  5. Click the Apple Deployment Programs link before Deployment.
    The Apple Deployment Programs web portal opens in the Internet web browser.
  6. Sign in to your Device Enrollment Program account and create a new MDM server using the public key you downloaded from the Mobile Security Management Server. Refer to the following document for the detailed steps to enroll to the Device Enrollment Program.
  7. On the MDM server, generate an access token and save the token file to a suitable location, and then assign mobile devices for enrollment to the MDM server.
  8. Upload the token file you generated through the Apple Deployment Programs web portal to the Mobile Security Management Server. Wait until the upload completes.
    After the upload completes, the Device Enrollment Program Settings screen appears.
  9. Under the Device Enrollment Program Detail section, configure the following setup profile settings for mobile devices.
    • Profile name: a name for the setup profile displayed on the mobile device.
    • Require supervision: to place the mobile devices enrolled through the Device Enrollment Program to the supervised mode.
    • Removable configuration: to allow users to remove the device management configuration from devices enrolled through the Device Enrollment Program.
    • Allow pairing: to enable devices enrolled through the Device Enrollment Program to be managed through Apple tools such as iTunes and Apple Configurator.
    • Mandatory configuration: to prevent users from skipping the Mobile Security enrollment step in the device activation process.
    • Business unit: the name of the department to which the mobile device is assigned to.
    • Unique service ID: if you have multiple Mobile Security deployments, enter in the Unique service ID box a name that uniquely identifies the deployment you are configuring.
    • Support phone number: the phone number for users to call for assistance.
    • Required setup items: the setup items that are required for the users to configure. By default, all the setup items are required. If you disable any of these items, the users will be able to skip that item during setup.
  10. Click Save.
    Mobile Security Management Server synchronizes the mobile device list with the Apple Device Enrollment Programs server and displays the mobile devices on the Devices Enrollment Program tab on Devices screen.