Link ABM with SureMDM
In order to perform MDM functions on enrolled iPads, iPhones and Mac OS, the ABM account has to be linked with SureMDM. For linking, a certificate is required which ensures a secure and trusted relationship between ABM and SureMDM. The following are the steps to get successful ABM linking:
ADE Profile and Server Creation
1. Navigate to SureMDM Settings > Account Settings > Apple Platform Management > ADE > ADE Profiles > Add.
2. 2. Click Add. The ADE Profile creation popup screen appears.
Profile creation is categorized into three steps
- Profile Details
- Setup Assistant Configurations
- Other Configurations
2.1 Profile Details
In the Profile Details section, configure the below options and click Next
| Settings | Description |
|---|---|
| Profile Name | Enter the name of the ADE profile |
| Platform | Select the platform as iOS/iPadOS |
| Supervision | Enable this option to enforce supervision during ADE enrollment. For iOS 13.0 and later, devices are supervised by default, so disabling this option will have no effect. |
| MDM Profile Removable | Disable to ensure that end users cannot remove the MDM profile installed on the device. Users can always remove the MDM profile for up to 30 days on devices enrolled in ABM, via Apple Configurator setting, regardless of this setting. |
| MDM Profile Mandatory | Enable this option to enforce user to apply MDM profile. On iOS 13.0 and above, devices enforce enrollment by default, so disabling this option will have no effect. |
| Wait for Configuration to Complete | If enabled, keeps the device in Setup Assistant mode until all resources are deployed from the SureMDM server. |
| Enable Shared iPad | If enabled, shared iPad configurations are available to manage. |
| Shared iPad Property | Select the required Shared iPad Property to configure. - Number of Users: Enter the maximum number of users’ data that can be stored in a Shared iPad. - Storage (in Megabytes): Enter the storage space, in megabytes, to be allocated for each user in a Shared iPad. |
| Minimum OS version | Configure the minimum OS version which should be enforced during the ADE Enrollment. - Not Configured: No Enforcement will be made during enrollment. - Latest Major Version: Devices will be updated to the latest available major OS version. If the latest major OS version is not compatible with the device, enforcement will be skipped. - Latest Minimum Version: Devices will be updated to the latest available minimum OS version. If the latest minimum OS version is not compatible with the device, enforcement will be skipped. - Latest Version based on device eligibility: Device will be updated to the latest OS version released for the desired devices. |
2.2 Setup Assistant Configurations
In the Setup Assistant Configurations section, select the necessary setup assistant keys and click Next
| Setup Assistant Keys | Description |
|---|---|
| Skip Passcode Setup | If disabled, iOS Setup Assistant prompts user to set a passcode during enrollment. Available in iOS 7 and later. |
| Skip Location Services Setup | If disabled, iOS Setup Assistant prompts the user to enable or disable Location Services during enrollment. Available in iOS 7 and later. |
| Skip Restoring From Backup Pane | If disabled, iOS Setup Assistant prompts user to restore from backup during enrollment. Available in iOS 7 and later. |
| Skip Login with Apple ID & iCloud | If disabled, iOS Setup Assistant prompt user to sign in with an Apple ID and iCloud account during enrollment. |
| Skip Terms & Conditions Pane | If disabled, iOS Setup Assistant prompts user to read and accept the Terms of Use and Conditions during enrollment. Available in iOS 7 and later. |
| Skip TouchID Setup | If disabled, iOS Setup Assistant prompts user to set up an TouchID/FaceID during enrollment. Available for Touch ID on iOS 8.1 and later, and for Face ID on iOS 11.0/iPadOS 12.0 and later. |
| Skip Apple Pay Setup | If disabled, iOS Setup Assistant prompts user to set up an Apple Pay account during enrollment. Available in iOS 8.1 and later. |
| Skip Diagnostics Setup | If disabled, iOS Setup Assistant prompts user to enable or disable sending diagnostic data to Apple during enrollment. available in iOS 7 and later. |
| Skip Siri Setup | If disabled, iOS Setup Assistant prompts the user to configure Siri during enrollment. Available in iOS 7 and later. |
| Skip Screen Time Setup | If disabled, iOS Setup Assistant prompts user to configure screen time. Available in iOS 12 and later. |
| Skip Data and Privacy Pane | If disabled, iOS Setup Assistant displays the Data & Privacy page to the user. |
| Skip Android Migration Setup | If disabled, "Move from Android" option will not be available in the Restore pane on iOS. Available in iOS 9 and later. |
| Skip Appearance Setup | If disabled, iOS Setup Assistant prompts the user to setup "Choose your Lock Screen" configuration. Available in iOS 13 and later. |
| Skip Welcome Screen | If disabled, iOS Setup Assistant prompts the user to configure "Get Started Pane". Available in iOS 13 and later. |
| Skip iMessage and FaceTime Setup | If disabled, iOS Setup Assistant prompts the user to configure iMessage and FaceTime. Available in iOS 12 and later. |
| Skip Messaging Activation Using PhoneNumber | If disabled, iOS setup assistant prompts for configuring message activation using Phone Number. Available in iOS 10.0 and above. |
| Skip AppStore Setup | If disabled, iOS Setup Assistant prompts the user to configure AppStore settings. Available in iOS 14.3 and later. |
| Skip Action Button Configuration Pane | If disabled, iOS setup assistant prompts for configuring Action Button settings. Available in iOS 17.0 and above. |
| Skip Device to Device Migration Setup | If disabled, iOS setup assistant prompts for Device migration options. Available in iOS 13.0 and above. |
| Skip Restore Completed screen | If disabled, iOS setup assistant prompts for Restore Completed pane. Available in iOS 14.0 and later. |
| Skip Safety Pane | If disabled, iOS setup assistant prompts for Restore Safety pane. Available in iOS 16.0 and above. |
| Skip Accessibility Setup | If disabled, iOS Setup Assistant displays the Accessibility pane. |
| Skip Intelligence | If disabled, iOS setup assistant prompts for configuring Intelligence Pane. Available in iOS/iPadOS 18.0 and above. |
2.3 Other Configurations
In the Other Configurations section, there will be two accordions available:
- Application Management
- Miscellaneous
Configure the required items and click Save.
2.3.1 Accordion 1 - Application Management
In the Application Management section, choose the desired applications which should be installed post ADE enrollment process.
| Settings | Description |
|---|---|
| App Installation | If checked, configurations with respect to app installation can be managed. |
| App Category | Select the App Type. - All - VPP - ipa |
| Select App | Select the app from the listing. Apps will be dynamically populated based on the chosen App Type. |
The added applications will reflect in the table section.
Note: During app installation, users will be allowed to access the device while the apps deployed during enrollment are being installed, ensuring an unrestricted setup experience.
2.3.2 Accordion 2 - Miscellaneous
In the Miscellaneous section, configure the below details.
| Settings | Description |
|---|---|
| Support Phone Number | Support Contact Phone Number will appear in the device's About Configuration panel upon setup and enrollment. |
| Support Email Address | Support Email Address will appear in the device's About Configuration panel upon setup and enrollment. |
After completing the configurations, click Save to create the ADE Profile.
3. Once the ADE Profile is created, then it would get reflected in the ADE Profiles listing page.
4. Navigate to ADE Servers Tab and click Add
5. Once the Add is clicked, the below popup screen will appear, in which the following information should be provided and click Add:
- Name - Provide the name of the ADE Server
- Description - Specify the description for the server that is about to be created
- iOS/iPasOS: If enabled, allows you to select ADE profile for iOS/iPadOS devices
- macOS: If enabled, allows you to select ADE profile for macOS devices.
- tvOS: If enabled, allows you to select ADE profile for tvOS devices.
6. Then the added ADE Server would get reflected in the listing page
7. Select the created ADE Server and then click Upload Token button
8. Upon clicking on Upload Token, the following popup screen will appear in which PEM Certificate should be downloaded. Click Download
PEM Certificate should be downloaded and uploaded in Apple Business Manager application during the process of MDM Server creation.