Jump to:navigation, search
Wiki

Connection to Apple's DEP

From Securepoint Wiki




























In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden
































  • Note

    This article includes descriptions of third-party software and is based on the status at Sepember 2025.
    Changes to the user interface on the part of Apple are possible at any time and must be taken into account accordingly in the implementation.
    All information without warranty.









    • Connection of the Mobile Security Portal with the Apple DEP

    Last adaption: 09.2025

    New:
    • Aktualisierung der Benutzeroberfläche vom Apple Business Manager / Apple School Manager
    notempty
    This article refers to a Beta version
    Access: portal.securepoint.cloud  Mobile Security Settings


    Introduction

    • Devices can be assigned to an MDM with the help of the Device Enrollment Program
    • DEP is a prerequisite for rolling out centrally purchased and licensed software to devices via VPP (Volume Purchase Program).

    Requirements

    Requirements

    The following requirements are necessary:

    notempty
    The devices must not be added to the resller's ABM/ASM! Doing so would violate Apple's terms and conditions!
    It is recommended that each end customer has their own ABM/ASM account and the devices are added there accordingly.


    • For subsequent device registration: An Apple MAC with installed
      Apple Configurator 2 (Free of charge in the App Store)

    Establish connection to DEP (Device Enrollment Program)

    Establish connection to DEP (Device Enrollment Program)

    To be able to use Apple's DEP (Device Enrolment Program), a link between the Securepoint Mobile Security Portal and the Apple DEP must be established.
    The connection is done in three steps at  Mobile Security Settings Apple DEP  Add profile

    1. download the Apple push certificate (*.pem file)
    2. upload this certificate in the Apple Business Manager or Apple School Manager menu Preferences (Click on the user name in the menu bar)
      •  ABM: If no corresponding MDM server has been created yet:
        •  ABM: Menu Preferences / Device Management Services /  Add
        •  ABM: Service Info Service Name Unique name
        •  ABM: MDM Server Settings Upload Certificate: Upload the .*.pem file previously downloaded from the Securepoint Mobile Security Portal and Save
      •  ABM: Selection of the corresponding MDM Server ttt-point-mdm-Server-123456.sms
      •  ABM: Download the dep token  Download Token (*.p7m file) in the Apple Business Manager or Apple School Manager in the menu
    3. upload the *.p7m file in the dial window opened under point 1 in the Securepoint Mobile Security Portal. Finish with  Done
    notempty
    DEP tokens have a term of 12 months and must be updated regularly!


    Multi-client solution

    If a multi-client solution is to be implemented, this is possible as follows:

    Example scenario:
    A school board with one Apple Schoolmanager account and several schools.

    • In the Reseller Portal in the menu  Customers create a customer for each client (in the example: for each school).
    • Create a licence for each client via the button   in the column Actions (product: Mobile Security )
    • In Apple Schoolmanager (or Apple Busines Manager) under  Locations create a separate location for each school/client
    • An Account with the function Content Manager must be registered for each location in the ABM / ASM so that each client / school can obtain its own licences.
    • Add a MDM serverfor each school / client
    • Then establish the connection between Securepoint Mobile Security Portal customer and the respective location in Apple School Manager or Apple Business Manager as described above.

    DEP Token renew

    The configured Apple DEP Token has a validity period of one year. Upon reaching its exipiration date, the Apple DEP Token must be renewed.

    1.  Mobile Security Settings  Apple Push Certificate download current push certificate using  Download Download
    2.  ABM: Log in to Apple Business Manager and open Settings (Click on the username in the menu bar)
    3.  ABM: Select the desired MDM server ttt-point-mdm-Server-123456.sms Edit
      •  ABM: In the MDM Server Settings use Replace Certificate add the previously uploaded certificate
      •  ABM: Download the newly created server token
    4.  Mobile Security Settings  Apple DEP via  Add Add Upload the previously downloaded server token there

    Troubleshooting

    Problem / Error message Cause Solution
    DEP token has become invalid
    • The account of the Apple Business Manager or Apple School Manager user who created the token is locked or deleted.
    • The ABM/ASM user who created the token has changed his/her password
    		 Renew DEP token with a valid account
    Message when logging in to https://portal.securepoint.cloud :
    Check your Apple business account
    We retrieved an error while fetching your data from Apple
    This could happen due to updated software license agreements.
    Please check your apple business account, for further information.    		 Apple has changed its T&Cs. Login to Apple Business Manager or Apple School Manager and confirm the new terms and conditions.
    Retrieved from "https://wiki.securepoint.de/index.php?title=MS/iOS-DEP-verbinden&oldid=98726"