Jamf Blog
March 28, 2018 by Kerry Fortman

Apple MDM essentials: Part 1

In part one of our Apple mobile device management (MDM) essentials series, we examine how the MDM framework is structured and the role of Apple’s Push Notification Service.

Are you new to Apple device management? Have lingering questions about best practices for deploying, securing and managing the Mac, iPad, iPhone or Apple TV devices you already have or the ones that are coming your way? No, no, this is an incredibly exciting time! Nothing to worry about, because we’re going to help you go from Apple novice to Apple expert.

You’ve come to us at the right time. With the number of Apple devices growing in nearly every organization, it is essential that you know what to do with them so you can maximize your technology investment. Thankfully, with Apple’s built-in mobile device management (MDM) framework and a little tutorial from us, it’s MUCH easier than you may think.

In part one of our Apple MDM essentials series, we start with the basics.

How Apple MDM works


The two core components of the MDM framework are configuration profiles and management commands. These components communicate with Apple’s Push Notification Service (APNs) and tell the devices how to behave.

By obtaining a secure certificate from Apple, APNs is kept private to your organization. APNs maintains a constant secure connection to devices so you don’t have to. Devices communicate with APNs and receive the commands, configuration profiles or apps you send it through your management tool.

Configuration profiles 101

Configuration profiles define various settings for your Apple devices and tell each specific device or group of devices what to do. They can be used to automate:

  • Passcode settings
  • Wi-Fi passwords
  • VPN configuration

And restrict items such as:

  • App Store
  • Web browsers
  • Renaming of a device

Management commands 101

Management commands are singular commands that you can send to your managed devices to take specific actions. Commands include:

  • Setting a device in Lost Mode
  • Remote wipe of a device
  • Download and install updates

As you can see, we’ve only scratched the surface of Apple device management. Over the coming weeks, we’ll post more blogs centered around what Apple can do.

But, if you’re ready to get a jump on Apple management and don’t want to wait for the next blog post, or have questions around putting APNs, configuration profiles or management commands to use in your environment, download our Apple Device Management Guide for Beginners.

Depending on the size and needs of your organization, we have two guides to put you on the fast track to Apple management expertise. Each guide is comprised of everything we will cover in this blog series.

Kerry Fortman
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.