Link ABM with SureMDM
In order to perform MDM functions on enrolled iPads, iPhones macOS and tvOS, the ABM account has to be linked with SureMDM. For linking, a certificate is required which ensures a secure and trusted relationship between ABM and SureMDM. The following are the steps to get successful ABM linking:
ADE Profile and Server Creation
1. Navigate to SureMDM Settings > Account Settings > Apple Platform Management > ADE > ADE Profiles > Add.
- Click Add. The ADE Profile creation popup screen appears.
Profile creation is categorized into three steps:
- Profile Details
- Setup Assistant Configurations
- Other Configurations
2.1 Profile Details
In the Profile Details section, configure the below options and click Next
| Settings | Description |
|---|---|
| Profile Name | Enter the name of the ADE profile |
| Platform | Select the platform as tvOS |
| Supervision | Enable this option to enforce supervision during ADE enrollment. |
| MDM Profile Removable | Disable to ensure that end users cannot remove the MDM profile installed on the device. Users can always remove the MDM profile for up to 30 days on devices enrolled in ABM, via Apple Configurator setting, regardless of this setting. |
| MDM Profile Mandatory | Enable this option to enforce user to apply MDM profile. |
2.2 Setup Assistant Configurations
In the Setup Assistant Configurations section, select the necessary setup assistant keys and click Next
| Setup Assistant Keys | Description |
|---|---|
| Skip Login with Apple ID & iCloud | If disabled, tvOS Setup Assistant prompt user to sign in with an Apple ID and iCloud account during enrollment. |
| Skip Terms & Conditions Pane | If disabled, tvOS Setup Assistant prompts user to read and accept the Terms of Use and Conditions during enrollment. Available in tvOS 10.2 and later. |
| Skip Diagnostics Setup | If disabled, tvOS Setup Assistant prompts user to enable or disable sending diagnostic data to Apple during enrollment. Available in tvOS 10.2 and later. |
| Skip Siri Setup | If disabled, tvOS Setup Assistant prompts user to configure Siri during enrollment. Available in tvOS 10.2 and later. |
| Skip Data and Privacy Pane | If disabled, tvOS Setup Assistant displays the Data & Privacy page to user. |
| Skip Screensaver Pane | If disabled, tvOS Setup Assistant tvOS screen about using aerial screensavers in ATV. Available in tvOS 10.2 and later. |
| Skip Tap To Setup | If disabled, AppleTV Setup Assistant prompt user to tap the remote to start setup. Available in tvOS 10.2 and later. |
| Skip TV Room Selection Pane | If disabled, AppleTV Setup Assistant prompt user to select TV Room. Available in tvOS 11.4 and later. |
| Skip TV Provider Selection Pane | If disabled, AppleTV Setup Assistant prompt user to select TV Provider. Available in tvOS 11 and later. |
| Skip HomeScreen Setup | If disabled, AppleTV Setup Assistant prompt user to select HomeScreen. Available in tvOS 11 and later. |
2.3 Other Configurations
In the Other Configurations section, there will be one accordion available:
- Miscellaneous
Configure the required items and click Save.
2.3.1 Accordion 1 - Miscellaneous
In the Miscellaneous section, configure the below.
| Settings | Description |
|---|---|
| Support Phone Number | Support Contact Phone Number will appear in the device's About Configuration panel upon setup and enrollment. |
After completing the configurations, click Save to create the ADE Profile.
3. Once the ADE Profile is created, then it would get reflected in the ADE Profiles listing page.
4. Navigate to ADE Servers Tab and click Add
5. Once the Add is clicked, the below popup screen will appear, in which the following information should be provided and click Add.
6. In the Server Details popup, configure the below information and click Next.
| Setting | Description |
|---|---|
| Name | Provide the name of the ADE Server. |
| Description | Specify the description for the server that is about to be created. |
| Platform Selection | Select the platform. iOS/iPadOS: If enabled, allows you to select ADE profile for iOS/iPadOS devices. macOS: If enabled, allows you to select ADE profile for macOS devices. tvOS: If enabled, allows you to select ADE profile for tvOS devices. |
| Use as Alternate Service Discovery Server | If enabled, this ADE server will be used as a fallback for service discovery during account-driven enrollments. |
| Enrollment Type | Select Enrollment Type. Note: Ensure this ADE server is set as the default MDM server for the appropriate device type in ABM or ASM portal. If not configured, alternate service discovery will not work as expected. Service discovery will first attempt to use the well-known resource for the organization’s domain. If this fails, the device will fall back to ABM or ASM for an alternative location of the well-known resource file. |
| Notify Administrators via Email When New Devices Are Added | If enabled, the system will send email to Administrators with a list of new devices added on every manual sync as well as auto sync. |
| Apple ID | Provide the Apple ID associated with the ABM account used for this integration. |
7. In the Upload Token step, download the PEM Certificate by clicking on the Download button.
PEM Certificate should be downloaded and uploaded in Apple Business Manager application during the process of MDM Server creation.
