Managing devices at the enterprise level vary greatly from how users manage their personal devices. While the settings and best practices for securing devices are largely similar, the difference comes into play when administrators are tasked with performing the same management processes on several dozens of devices – all the way to tens of thousands of them.
Adding greater complexity to the management process is that enterprise devices are often in the custody of their assigned user, often meaning that there is a physical disparity between where the administrator is and where the device is located. To add to the equation, users rely on these devices to work, meaning any interruptions impact their productivity, leading to possible loss of revenue for the company.
Hence why so many MacAdmins trust Jamf as their MDM solution of choice when remotely managing their Apple fleet. But what happens when a device, for reasons unknown, is no longer able to communicate with your MDM solution? Users may be unable to utilize the device to get it operational once again and management commands won’t work until the issue is resolved.
What is Apple Configurator 2?
Enter Apple Configurator 2.
Referred to here by the abbreviation AC2, Apple Configurator 2 is an application available on the App Store for both macOS and iOS aimed at administrators of macOS, iOS/iPadOS and tvOS devices that need a platform to recover devices manually, allowing them to return them to an operational state.
Some of the features of AC2 are:
- Update devices to the latest versions of software
- Enroll them within your preferred MDM solution
- Wipe, restore, prepare and supervise devices
- Install apps and configuration profiles
- Create blueprints for customized device deployments
- Standardize device deployments
- Back up data and perform advanced troubleshooting
How to use Apple Configurator 2 with Apple Business Manager
Apple Business Manager (ABM) is used in conjunction with your MDM solution to streamline deployment and manage device enrollment from ABM to your MDM, in addition to managing app deployments and user accounts.
ABM can also be linked with AC2 on your Mac to simplify the standardization, configuration and enrollment of tvOS and iOS-based devices. Conversely, AC2 on your iOS-based device provides similar functionality but for macOS-based devices when linked to ABM. This allows MacAdmins to manually prepare devices that:
- have fallen out of scope
- became unenrolled from MDM
- must be added/readded to ABM
- require special use cases
What was DEP?
According to a definition from Apple, “The Device Enrollment Program (DEP) helps businesses easily deploy and configure Apple devices. DEP provides a fast, streamlined way to deploy organization-owned iPad and iPhone devices, Mac computers, and Apple TV purchased directly from Apple or participating Apple Authorized Resellers or carriers.”
In 2022, Apple changed the process name to Apple Device Enrollment Program, integrating it within Apple Business Manager as the means to facilitate full automation of the enrollment process for Apple devices in MDM solutions, like Jamf Pro.
In addition to device enrollment, the expanded DEP contained within ABM allows administrators to:
- enroll organizations with support for multiple locations
- include sales information from Apple and authorized resellers to automate device enrollment
- integrate with specific MDM services
- purchase and deploy apps using the Volume Purchase Program (VPP)
- manually add devices not previously included in ABM
How to add devices to ABM with Apple Configurator 2
As mentioned previously, Apple Configurator 2 allows administrators to manually add devices that were either previously deleted from ABM or were procured outside of Apple or one of their authorized resellers, like donated Macs or iPads.
Before this can be made possible, AC2 and ABM must be linked by exchanging digital identities so the services can securely communicate with each other. Once this has been set up correctly, the steps to add new devices will vary slightly depending on the host device’s OS.
macOS (adding tvOS and iOS-based devices)
1. Connect the device to the Mac-based host.
2. Select the device you wish to add, then click Actions > Prepare.
3. Select Manual Configuration, then choose to Add the devices to Apple Business Manager and choose whether to activate the device and complete the enrollment. Click Next to proceed.
4. If you wish to enroll the device with your MDM solution, first ensure that both AC2 and ABM have exchanged identities as well to secure those communications. To enroll the device, select your MDM from the list; if merely adding the device to ABM without MDM enrollment, select Do not enroll in MDM, then click Next.
5. If prompted to authenticate to ABM, enter your credentials and click Next to authenticate.
6. If Supervision was selected, enter those details now or select the existing organization from the list. If not supervising the device or when done entering the details, click Next.
7. On the following screen, you’ll be prompted to select the Setup Assistant panes to skip. Select only the boxes you wish to see, then click Next.
8. On the following screen, you’re able to add any configuration profiles you wish to install to your device, such as a Wi-Fi payload, by clicking the Choose button. Note: an internet connection is required for the device to successfully be added to ABM.
9. The final step is to click the Prepare button where AC2 will go through each step before adding the device to ABM for subsequent management and enrollment with your MDM.
iOS-based device (adding macOS-based computers)
1. Launch the AC2 app from your mobile device and ensure it can access the internet.
2. Authenticate to ABM using your Managed Apple ID with the Device Enrollment Manager group assigned.
3. Connect your Mac to a power source so it doesn’t go to sleep during the process.
4. Power on the Mac and perform an Erase All Content and Settings to wipe the device.
5. After the Mac restarts, you’ll be presented with the Setup Assistant. Click Continue on the Mac, then stop at the Country or Region pane.
6. The mobile device host must be paired with the Mac to proceed. Bring the host close to the Mac and scan the image that appears in the Setup Assistant or select Pair Manually to pair the two devices.
7. Once the process is complete, click the Shut Down button on your Mac.
Learn more about Apple Business Manager
- Do you really need Apple Business Manager?
- Apple Business Manager and device management explained
- What is Apple Business Manager?
- Benefits of Apple Business Manager and MDM integration
- Verify Apple ID domains with ABM
- How to use Apple Business Manager to manage App licenses
- Where Apple Business/School Manager and Mobile Device Management Intersect
- Are Managed Apple IDs the right choice for your business?
by Category:
Have market trends, Apple updates and Jamf news delivered directly to your inbox.
To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.