Jump to:navigation, search
Wiki

Connection to Apple's DEP

From Securepoint Wiki





























In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden
































  • Note

    This article includes descriptions of third-party software and is based on the status at Sepember 2025.
    Changes to the user interface on the part of Apple are possible at any time and must be taken into account accordingly in the implementation.
    All information without warranty.










    • Connection of the Mobile Security Portal with the Apple DEP

    Last adaptation to the version: 2.17(05.2026)

    New:
    • Aktualisierung der Benutzeroberfläche vom Apple Business Manager / Apple School Manager
    notempty
    This article refers to a Beta version
    Access: portal.securepoint.cloud  Mobile Security Settings


    Introduction

    • Devices can be assigned to an MDM with the help of the Device Enrollment Program
    • DEP is a prerequisite for rolling out centrally purchased and licensed software to devices via VPP (Volume Purchase Program).

    Requirements

    Requirements

    The following requirements are necessary:

    notempty
    The devices must not be added to the resller's Apple Business/Apple School Manager! Doing so would violate Apple's terms and conditions!
    It is recommended that each end customer has their own Apple Business/Apple School Manager account and the devices are added there accordingly.


    • For subsequent device registration: An Apple MAC with installed
      Apple Configurator 2 (Free of charge in the App Store)

    Establish connection to DEP (Device Enrollment Program)

    Establish connection to DEP (Device Enrollment Program)

    To be able to use Apple's DEP (Device Enrolment Program), a link between the Securepoint Mobile Security Portal and the Apple DEP must be established.
    The connection is done in three steps at  Mobile Security Settings Apple DEP  Add profile

    1. download the Apple push certificate (*.pem file)
    2. upload this certificate in the Apple Business or Apple School Manager menu Preferences (Click on the user name in the menu bar)
      •  Apple Business: If no corresponding MDM server has been created yet:
        •  Apple Business: Menu Preferences / Device Management Services /  Add
        •  Apple Business: Service Info Service Name Unique name
        •  Apple Business: MDM Server Settings Upload Certificate: Upload the .*.pem file previously downloaded from the Securepoint Mobile Security Portal and Save
      •  Apple Business: Selection of the corresponding MDM Server ttt-point-mdm-Server-123456.sms
      •  Apple Business: Download the dep token  Download Token (*.p7m file) in the Apple Business or Apple School Manager in the menu
    3. upload the *.p7m file in the dial window opened under point 1 in the Securepoint Mobile Security Portal. Finish with  Done
    notempty
    DEP tokens have a term of 12 months and must be updated regularly!


    Multi-client solution

    If a multi-client solution is to be implemented, this is possible as follows:

    Example scenario:
    A school board with one Apple School Manager account and several schools.

    • In the Reseller Portal in the menu  Customers create a customer for each client (in the example: for each school).
    • Create a licence for each client via the button   in the column Actions (product: Mobile Security )
    • In Apple School Manager (or Apple Business) under  Locations create a separate location for each school/client
    • An Account with the function Content Manager must be registered for each location in the Apple Business/Apple School Manager so that each client / school can obtain its own licences.
    • Add a MDM serverfor each school / client
    • Then establish the connection between Securepoint Mobile Security Portal customer and the respective location in Apple School Manager or Apple Business as described above.

    DEP Token renew

    The configured Apple DEP Token has a validity period of one year. Upon reaching its exipiration date, the Apple DEP Token must be renewed.

    1.  Mobile Security Settings  Apple Push Certificate download current push certificate using  Download Download
    2.  Apple Business: Log in to Apple Business and open Settings (Click on the username in the menu bar)
    3.  Apple Business: Select the desired MDM server ttt-point-mdm-Server-123456.sms Edit
      •  Apple Business: In the MDM Server Settings use Replace Certificate add the previously uploaded certificate
      •  Apple Business: Download the newly created server token
    4.  Mobile Security Settings  Apple DEP via  Add Add Upload the previously downloaded server token there

    Troubleshooting

    Problem / Error message Cause Solution
    DEP token has become invalid
    • The account of the Apple Business or Apple School Manager user who created the token is locked or deleted.
    • The Apple Business/Apple School Manager user who created the token has changed his/her password
    		 Renew DEP token with a valid account
    Message when logging in to https://portal.securepoint.cloud :
    Check your Apple business account
    We retrieved an error while fetching your data from Apple
    This could happen due to updated software license agreements.
    Please check your apple business account, for further information.    		 Apple has changed its T&Cs. Login to Apple Business or Apple School Manager and confirm the new terms and conditions.
    Retrieved from "https://wiki.securepoint.de/index.php?title=MS/iOS-DEP-verbinden&oldid=105064"