Jump to:navigation, search
Wiki

User Enrollment for iOS Devices

From Securepoint Wiki



















































{{var | App der AppleID zuweisen--Menu |  Mobile Security iOS/iPadOSapp App öffnen / Reiter Lizenzzuordnung | Open  Mobile Security iOS/iPadOSapp



















De.png
En.png
Fr.png






Managing Organization apps on private Apple devices using Managed Apple IDs
New article: 12.2022
New:
  • New feature
notempty
This article refers to a Resellerpreview
Access: portal.securepoint.cloud  Mobile Security and https://business.apple.com
Private devices within an organization's environment

To install paid apps provided by an organization on private Apple devices, Managed Apple IDs are used.


notempty

    • Managed apps can be configured on private devices via MDM
    • Via a managed Apple ID paid VPP licenses are assigned
    • Separation of data (addresses, files) from managed and private apps is possible
  • It is not possible to install an app 2 times (private and managed)

    • notempty

      • These devices require a private, personal Apple ID.
        Otherwise, these devices will not receive operating system updates, for example.
      • Both the password of the personal Apple ID and the password of the managed Apple ID must be known to the user in order to use e.g. two-factor authentication
      • Resetting the device to factory settings is only possible if you know the access data of your personal Apple ID
      • The final control over the device itself is thereby the user of the device
  • The model device belongs to the company, personal use enabled (COPE) is not available for Apple.

    • Link local user to Managed Apple ID

    Create user with Managed Apple ID

    Create a Managed Apple ID in ABM/ASM

    Open the Apple Portal at https://business.apple.com respectively https://school.apple.com

    • Log in to ABM:
      The user account for the setup must have the permission Administrator or Personmanager
    • Click on your own name at the bottom of the sidebar: Menu Settings and / Accounts
    • Select button Add and fill in all mandatory fields
      or
      Connecting Apple Portal to an Azure AD
      Users in the Apple portal automatically have a managed Apple ID
    • Select Save button
    • Further instructions in the Apple document for creating managed Apple IDs
    Create local user

     General User  Add user bzw. /  Edit

    • Activate Link to managed Apple ID   
    • Managed Apple-ID m.mueller@anyideas.de
      Enter the Apple ID you created earlier
    •   Save

    Assign objects

    Assign VPP licenses to the Managed Apple ID

     Mobile Security iOS/iPadOS VPP Licenses  Assign licenses

    Caption Value Description Datei:MSP v1.18 VPP Lizenze AppleID zuordnen-en.png
    Dialog Assign VPP licenses
    Managed Apple ID ×m.mueller@anyideas.de Select user with a Managed Apple ID
    VPP Licenses ×VPP-Lizenz ×VPP-Lizenz2 Select VPP License(s)
     Assign licenses
    Assign VPP App to the Managed Apple ID
    Caption Value Description Datei:MSP v1.18 VPP App AppleID zuordnen-en.png
    Assign app to Apple VPP user
    Apple VPP users ×m.mueller@anyideas.de Choose Managed Apple ID
      Save
    Assign user enrollment profile to the Managed Apple ID

     Mobile Security iOS/iPadOS  Profiles  Add profile or /  Edit

    • Add or edit a profile with type User Registration Profile
    • Tab General, option User ×m.mueller add user with Managed Apple ID'
    •   Save

    Enrollment

     Mobile Security iOS/iPadOS Devices  Register new device

    Use managed Apple ID
    Select managed Apple ID
    Scan QR Code
    Caption Value Description MSP Gerät anmelden AppleID-en.png
    Device enrollment with managed Apple ID
    Use managed Apple ID    Enable to manage apps on private devices' manage apps of an organization
    Default:
    Managed Apple ID j.doe@anyideas.com Select managed Apple ID of a user
    License TTT-Point AG The license used for newly registered devices.
    URL …enroll/…36D8416DBA Copy URL to clipboard or scan / print QR code
    On the Apple device:
    • Settings / General / VPN and Device Maintenance / Loaded Profile: Select Securepoint MDM
    • Button Register my device
    • Enter Apple ID and the corresponding password
      Here the password from the Apple Business Manager is required
    • Perform two-factor authentication if necessary
    • The display in the settings changes to Managed account
    Retrieved from "https://wiki.securepoint.de/index.php?title=MS/enrollment/User-Enrollment&oldid=89227"