Skip to content

Scalefusion Apple of the Box Management Guide

  1. Home
  2. Scalefusion Apple of the Box Management Guide

Scalefusion Apple of the Box Management Guide

Download now
Download now

Manage Apple Devices Out-of-the-Box: A Beginner's Guide to Apple Business Manager

Deliver technology to employees with Apple Business Manager, strike productivity right from the time of unboxing.

Index

  1. Apple Devices for Business: An Overview
  2. Apple Business Manager
    1. A Brief Introduction
    2. Features & Capabilities
    3. Device Eligibility
    4. Getting started with Apple Business Manager Account
    5. Adding Device Information
    6. Enrolling the devices into an MDM server- Scalefusion
    7. Distributing content on managed devices
  3. Transition: DEP and VPP to Apple Business Manager
  4. Conclusion

1. Apple Devices for Business: An Overview

Today’s businesses and educational institutes are witnessing a significant influx of Apple devices owing to their cutting-edge user experience and state-of-the-art technology. Modern Businesses and organizations are constantly seeking out best practices to ensure that the assimilation of Apple devices within the enterprise is in alignment with the organizational growth and business objectives. Securing the device data and information is another concern businesses and schools are steadily aiming to address.

Apple devices used in a corporate setting need a centralized and comprehensive mobile device management solution (MDM) to manage and secure these devices. To simplify the Apple device deployment and to enroll these devices into a mobile device management solution, Apple has introduced Apple Business Manager.

We’ve created this guide to walk you through the process of setting up Apple devices for your business to offer unmatched out-of-the-box management of Apple devices.

2. Apple Business Manager

2.1 A Brief Introduction

Apple Business Manager is a simple web-based portal used for unified device deployment and enrollment of, and app distribution on company-owned Apple devices. Using Apple Business Manager, IT admins can deploy iOS, macOS and tvOS devices from a single console, configure device settings and also distribute applications and books to the devices in one go. Apple Business Manager has unified the Apple programs including DEP (Device Enrollment Program) and VPP (Volume Purchase Program). The use of Apple Business Manager eliminates the need to individually enroll the devices into an MDM tool.

Using Apple Business Manager, admins can automatically enroll the devices into an MDM of their choice without touching the devices. The devices can be directly shipped to the end-users and they can have an end-to-end managed device, ready to use out of the box. The device is configured with business-centric apps, books as well as policies that restrict the use of the device.

2.2 Features & Capabilities

• MDM enrollment is imperative for devices

When the devices are added to the Apple Business Manager account, it is compulsory to enroll them into an MDM platform. This ensures that the company policies are pre-applied on the device before it reaches the end-user.

• Devices are wirelessly supervised

The devices added to Apple Business Manager are wirelessly supervised during the setup process. Supervision provides granular control to the IT teams on managed devices without having to manually handle them.

• Devices are configured over the air

Using Apple Business Manager, IT teams can execute large-scale policy deployments on iOS and macOS devices over the air, immediately on device activation. When the device is unboxed and activated, the policies are automatically applied. This nullifies the need to use staging services to apply policies on the device.

• Setup Assistance is streamlined

Device setup of iPads, iPhones, Mac computers and Apple TVs into MDM is simplified by the built-in setup assistant. It can be further streamlined by specifying the screens that can be skipped during the setup process.

2.3 Device Eligibility

The following devices can be deployed using the Apple Device Manager:

  • Devices with iOS 7 or later (for iOS devices)
  • Devices with OS X 10.9 or later (for Mac computers)
  • Devices with tvOS 10.2 or later (for Apple TV)

The devices should also fulfill the following criteria:

  • The devices should be ordered after 1st of March, 2011
  • The device should be purchased from Apple or a participating Apple authorized reseller or carrier.
  • If the devices were purchased from Apple, the admins should have a verified Apple Customer Number with them.
  • If the devices were purchased from a participating Apple authorized reseller or carrier, the devices should be linked to the resellers DEP and Reseller ID.

2.4 Getting started with Apple Business Manager Account

2.4.1. The admins need to ensure they are using any of the following browsers:

  • Safari 9 or later on macOS
  • Google Chrome 35.0 or later
  • Microsoft Edge on Windows

2.4.2. Navigate to business.apple.com. Click on ‘Enroll Now’. This account will be the administrator account and the admin can add up to four managers to this account after enrollment. The admin needs to enter the following details at the time of account setup:

Organizational Info:

  1. Name of the organization
  2. D-U-N-S number
  3. Country/Region
  4. Phone number (Autofilled in correspondence with your entered D-U-N-S number)
  5. Time Zone and Language

Personal Info:

  • First and last name of the individual enrolling on behalf of the organization. Admins need to use the legal, human name and not the designations including IT head/IT admin.
  • A work email ID which is not previously associated with an iTunes/iCloud account or for any other Apple service. This Apple ID will be only used to access Apple Business Manager.
  • Work Phone Number
  • Role/Job Title

Verification Contact Info

Admins need to add a verification contact. This contact, which preferably should be the CEO, CTO or CFO of the organization, will have the legal authority to sign and bind your organization to Apple’s terms of service. The verification contact cannot be the same as the administrator added above.

2.4.3. The administrator information is verified by Apple over a phone call followed by an email. The contact needs to confirm the administrator for the organization’s Apple Business Manager account. At this step, the signing authority can change the administrator for the account.

2.4.4. Once the administrator is verified, the admin will receive a confirmation email for enrollment. To finish the process, the administrator must log in to the Apple Business Manager and set up a password and two-step verification details.

2.4.5. The admin needs to accept the terms and conditions to proceed. Once your account setup is complete, you are eligible for support from Apple Support, AppleCare Professional Support, iTunes Store Customer Support, and AppleCare Enrollment Support.

2.4.6. Once the account is verified, you can start adding additional administrators & start creating roles.

2.5 Adding Devices to Apple Business Manager

2.5.1. To begin with, navigate to Device Purchase section under settings.

2.5.2. Add your Apple Customer Number or DEP Reseller ID.

2.5.3. If your organization makes device purchase from both Apple as well as Authorized resellers, you will have to add both the numbers.

2.5.4. You can also add multiple Apple Customer Numbers and multiple Reseller IDs

After completing this process, you will be provided with a DEP customer ID. This DEP customer ID will be available under the settings section.

To add your devices purchased from Authorized Reseller or carrier to Apple Business Manager, you will have to provide this DEP customer ID at the time of purchase to the reseller or carrier and devices will be added to your Apple Business Manager account.

2.6 Enrolling the devices into Scalefusion MDM

As mentioned before, Apple Business Manager helps the IT admins to extend seamless management to all the devices without having to manually configure them. The devices can be shipped to the user address directly from Apple or its reseller. The MDM is automatically applied to the devices and the end-user can start using them straight of the box.

Apple Business Manager essentially mitigates the IT efforts by automating the device enrollment in an MDM solution before it reaches the end-user. Administrators can opt for multiple MDM servers under one Apple Business Manager account. Each device can be assigned to any one of the MDM servers added in the Apple Business Manager. To configure devices using Apple Business Manager, at least one MDM solution should be added.

You can add one or more MDM servers to your Apple Business Manager.

Let’s learn how to add Scalefusion MDM server to Apple Business Manager:

2.6.1. Set up the APNs (Apple Push Notifications) certificate.

a) This certificate is mandatory to be able to send push notifications on Apple devices. To start creating APNs certificate, log in to Scalefusion dashboard, enter your organization info and your Apple ID. Use the corporate email ID that you used to log in on Apple Business Manager.
b) Download certificate signing request now available on your dashboard.
c) Now, navigate to Apple portal https://identity.apple.com/pushcert and log in. Use two-step authentication to continue
d) Click on ‘create a certificate’ button. Read and accept the terms and conditions. Now, upload the certificate signing request downloaded from Scalefusion Dashboard.
e) A new certificate will be created. Download it and navigate back to Scalefusion dashboard.
f) Upload the APNs certificate that you obtained from Apple. Your APNs setup is now completed.

2.6.2. DEP token setup

a) Download Scalefusion DEP token.
b) Navigate it to Apple Business Manager. Sign in using ID, password and two-factor authentication.
c) Locate MDM servers tab available on the left side and select the Add New MDM server option.
d) Upload the DEP token obtained from Scalefusion. A new server token will be generated.
e) Download this token from Apple Business Manager.
f) Navigate back to Scalefusion and upload the token downloaded from Apple Business Manager.

2.6.3. Adding devices in Scalefusion MDM

a) Navigate to Apple Business Manager. Click on ‘Getting Started’ next to the Device Enrollment Program. Proceed by clicking on Managed devices.
b) Add the devices using the Serial Number or the Order Number. You can also upload a CSV file of all Serial/Order numbers of the devices that you want to enroll.
c) Assign these devices to Scalefusion MDM. These devices will now be available on Scalefusion MDM for configuration.

2.6.4. Create device profiles that you need to apply to managed devices.

a) Create a QR code configuration on Scalefusion for managing the enrolled devices. This configu ration will hold the company policies, app restrictions and other security settings that you need to enforce on managed devices upon activation.
b) In the Apple Setup of Scalefusion, you can start applying QR code configuration to the enrolled devices.

2.6.45. Enrollment of devices is now completed. When the end-users receive the device, they can start using it straight out of the box. The policies and restrictions will be pre-applied on the device & the device will be automatically managed using Scalefusion.

2.7 Distributing content on managed devices

Apple Business Manager streamlines the purchases for apps and content for company-owned devices. Administrators can purchase apps and books using their existing VPP (Volume Purchase Program) Credit or a corporate credit card.

With Apple Business Manager, administrators can assign one Content Manager for managing apps and content on managed devices. Content Manager can purchase iOS apps, macOS apps and books in desired quantity and publish them on managed devices.

Salient Features of Content Management using Apple Business Manager:

  • The apps and books are silently installed on the device and end-user approval is not needed. This eliminates the need for having separate Apple IDs for each user and also provides granular control to IT admins over app download and distribution on managed devices.
  • The license of an app can be revoked from a device that no longer needs it and reassigned to any other device. For Apple books, once distributed, the license for the same cannot be revoked.
  • An app can be purchased from any country/region and can be distributed to any other geogra phy where the managed devices are located, provided the app is available in the App store for that country/region.
  • Distributing third-party custom apps on managed devices is possible with Apple Business Manager. These apps will be only available to your enterprise devices.

3. Transition: DEP and VPP to Apple Business Manager

If you already have enrolled in Apple DEP and VPP program, you need to upgrade to Apple Business Manager. After December 1, 2019, the Apple DEP program will no longer be operational.

If you have already enrolled in Apple DEP, you can simply upgrade to Apple Business Manager using the same account details. In such a case, you can skip the enrollment process completely.

Please note the following changes that will be reflected once you upgrade from Apple DEP to Apple Business Manager:

  • The Program Agent is called Administrator.
  • The Administrators are called managers.
  • The VPP accounts used to buy licenses of apps and books from the Volume Purchase Program are now Content Managers. They can continue to purchase and publish apps and books on managed devices.
  • The accounts used to manage the MDM servers become device managers.
Offering out of the box management experience for Apple devices using Apple Business Manager and Scalefusion eases out IT tasks, improving IT productivity at scale. Having devices managed straight out of the box also helps in leveraging the employee productivity.

4. Conclusion

We hope this guide encompasses everything you need to know about using the Apple Business Manager to extend out of the box management for Apple devices. Choose Scalefusion to grant your employees access to corporate resources while enforcing security policies on Apple devices. With Scalefusion MDM, you can enroll your devices into a dependable MDM, apply corporate policies, install business-specific apps and books and schedule compliance checks to maintain security. Using Scalefusion to manage Apple devices also helps in driving IT productivity and reducing device downtime with the help of Remote Control and ITSM integration to troubleshoot device issues. Eva Communication Suite by Scalefusion further enhances the capabilities by establishing secure, encrypted two-way messaging and VoIP calling between company’s managed Apple devices.

Get in touch with our team and we’ll be happy to help you with your iOS device deployment journey!

About Scalefusion

Scalefusion MDM allows organizations to secure & manage endpoints including smartphones, tablets, laptops, rugged devices, mPOS, and digital signages, along with apps and content. It supports the management of Android, iOS, macOS and Windows 10 devices and ensures streamlined device management operations with InterOps.

Download now
Download now