ITarian Help

Find the desired product help

IT Endpoint Manager

IT Endpoint Manager

Endpoint Manager Administrator Guide 6.43

English

Print Help Download Help
Configure Endpoint Manager > Integrate Apple DEP With Endpoint Manager > Link Endpoint Manager With Apple DEP
  • Introduction To Endpoint Manager
    • Key Concepts
    • Best Practices
    • Quick Start
    • Sign Up For An ITarian Account
    • Login Into The Admin Console
  • The Admin Console
  • The Dashboard
  • Devices And Device Groups
    • Manage Device Groups
      • Create Device Groups
      • Edit A Device Group
      • Assign Configuration Profiles To A Device Group
      • Remove A Device Group
      • Run Procedures On Customer Groups
    • Manage Devices
      • Add New Devices
      • Manage Windows Devices
        • View And Edit Device Name
        • View Summary Information
        • View Hardware Information
        • View Network Information
        • View Maintenance Windows Associated With Device
        • View And Manage Profiles Associated With A Device
        • View And Manage Applications Installed On A Device
        • View The Files On A Device
        • View Exported Configurations And Import Profiles
        • View MSI Files Installed On A Device Through Endpoint Manager
        • View And Manage Patches For Windows And 3rd Party Applications
        • View Antivirus Scan History
        • View And Manage Device Group Memberships
        • View Device Logs
      • Manage Mac OS Devices
        • View And Edit Mac OS Device Name
        • Summary Information Of Mac Device
        • View Installed Applications
        • View Quarantined Files
        • View And Manage Profiles Associated With A Device
        • View Mac OS Packages Installed On A Device Through Endpoint Manager
        • View And Manage Device Group Memberships
        • View Mac Device Logs
      • Manage Linux Devices
        • View And Edit Linux Device Name
        • Summary Information Of Linux Device
        • View Network Information Of A Linux Device
        • View And Manage Profiles Associated With A Linux Device
        • View Linux Packages Installed On A Device Through Endpoint Manager
        • View And Manage Device Group Memberships
      • Manage Android Devices
        • View And Edit Device Name
        • View Summary Information
        • Manage Installed Applications
        • View And Manage Profiles Associated With A Device
        • View Sneak Peek Pictures To Locate Lost Devices
        • View The Location Of The Device
        • View And Manage Device Group Memberships
      • Manage IOS Devices
        • View Summary Information Of An IOS Device
        • View And Edit Device Name Of An IOS Device
        • View Applications Installed On An IOS Device
        • View And Manage Profiles Associated With An IOS Device
        • View The Location Of An IOS Device
        • View And Manage Group Memberships Of An IOS Device
      • View User Information
      • Remove A Device
      • Remote Management Of Windows And Mac OS Devices
        • Transfer Items To / From The Remote Computer
      • Remotely Manage Folders And Files On Windows Devices
      • Manage Processes On Remote Windows Devices
      • Manage Services On Remote Windows Devices
      • Use The Command Prompt On Remote Windows Devices
      • Apply Procedures To Windows And Mac Devices
      • Remotely Install And Manage Packages On Windows Devices
      • Remotely Install Packages On Mac OS Devices
      • Remotely Install Packages On Linux Devices
      • Send Enrollment Link To IOS Devices
      • Install Apps On Android/iOS Devices
      • Generate An Alarm On Android Devices
      • Remotely Lock Mobile And Mac OS Devices
      • Wipe Selected Mobile And Mac Devices
      • Assign Configuration Profiles To Selected Devices
      • Set / Reset Screen Lock Password For Mobile Devices
      • Update Device Information
      • Send Text Messages To Mobile Devices
      • Restart Selected Windows Devices
      • Shutdown Windows Devices
      • Wake Offline Device
      • Change A Devices Owner
      • Change The Ownership Status Of A Device
      • Add Custom Notes And Tags On Devices
      • Generate Device List Report
    • Bulk Enrollment Of Devices
      • Enroll Windows, Mac OS And Linux Devices By Installing The Communication Client
        • Enroll Windows Devices Via AD Group Policy
        • Enroll Windows, Mac OS And Linux Devices By Offline Installation Of Agent
        • Enroll Windows Devices Using Auto Discovery And Deployment Tool
      • Enroll The Android And IOS Devices Of AD Users
    • Download And Install The Remote Control Tool
  • Users And User Groups
    • Manage Users
      • Create New User Accounts
        • Manually Add Users
        • Import Users From A CSV File
      • Enroll User Devices For Management
        • Enroll Android Devices
        • Enroll IOS Devices
        • Enroll Windows Endpoints
        • Enroll Mac OS Endpoints
        • Enroll Linux OS Endpoints
      • View User Details
        • Update The Details Of A User
      • Assign Configuration Profiles To User Devices
      • Remove A User
      • Generate New Password For A User
      • Reset Two Factor Authentication Token For A User
      • Run Procedures On User Devices
    • Manage User Groups
      • Create A New User Group
      • Edit A User Group
      • Assign Configuration Profiles To A User Group
      • Remove A User Group
      • Run Procedures On Group Devices
    • Configure Role Based Access Control For Users
      • Create A New Role
      • Manage Permissions And Users Assigned To A Role
      • Remove A Role
      • Manage Roles Assigned To A User
  • Configuration Templates
    • Create Configuration Profiles
      • Profiles For Android Devices
      • Profiles For IOS Devices
      • Profiles For Windows Devices
        • Create Windows Profiles
          • Associated Devices Settings
          • Remote Control Settings
          • Client Access Control
          • Client Proxy Settings
          • Communication Client Update Settings
          • Client UI Settings
          • Remote Tools Settings
          • Monitors
          • Procedure Settings
          • Patch Management Settings
          • Maintenance Window Settings
          • Global Proxy Settings
          • Communication Client Rebranding
          • Client Logging Settings
          • Antivirus Settings
          • Firewall Settings
          • HIPS Settings
          • File Rating Settings
          • Containment Settings
          • VirusScope Settings
          • Xcitium Verdict Cloud
          • Agent Discovery Settings
          • External Devices Control Settings
          • Miscellaneous Settings
          • Script Analysis Settings
          • Data Loss Prevention Settings
          • Xcitium Client Security Access Control
          • XCS Updates
          • Xcitium Client Security UI Settings
          • XCS Logging Settings
          • Thumbnails Settings
          • Performance Settings
          • Chat Settings
        • Import Windows Profiles
      • Profiles For Mac OS Devices
        • Create A Mac OS Profile
          • Antivirus Settings For Mac OS Profile
          • Certificate Settings For Mac OS Profile
          • Restrictions Settings For Mac OS Profile
          • VPN Settings For Mac OS Profile
          • Wi-Fi Settings For Mac OS Profile
          • Remote Control Settings For Mac OS Profile
          • External Device Control Settings For Mac OS Profile
          • Valkyrie Settings For MacOS Profile
          • Procedure Settings For Mac Profiles
          • Monitor Settings For Mac OS Profile
      • Profiles For Linux Devices
        • Create A Linux Profile
          • Antivirus Settings For Linux Profile
          • Communication Client And Comodo Client - Security Application Update Settings For Linux Profile
          • User Interface Settings For Linux Profile
          • Logging Settings For Linux Profile
          • Clients Access Control Settings For Linux Profile
          • Valkyrie Settings For Linux Profile
    • View And Manage Profiles
      • Export And Import Configuration Profiles
      • Clone A Profile
    • Edit Configuration Profiles
    • Manage Default Profiles
    • Manage Alerts
      • Create A New Alert
      • Edit / Delete An Alert
    • Manage Procedures
      • View And Manage Procedures
      • Create A Custom Procedure
      • Combine Procedures To Build Broader Procedures
      • Review / Approve / Decline New Procedures
      • Add A Procedure To A Profile / Procedure Schedules
      • Import / Export / Clone Procedures
      • Change Alert Settings
      • Apply Procedures To Devices
      • Edit / Delete Procedures
      • View Procedure Results
    • Manage Monitors
      • Create Monitors And Add Them To Profiles
        • Monitors For Windows Devices
        • Monitors For Mac OS Devices
      • View And Edit Monitors
    • Data Loss Prevention Rules
      • Create DLP Discovery Rules And Add Them To Profiles
      • View And Edit DLP Discovery Rules
      • Create DLP Monitoring Rules And Add Them To Profiles
      • View And Edit DLP Monitoring Rules
  • Security Systems
    • Security Dashboards
      • View Security Events By Time
      • View Security Events By Files
      • View Security Events By Device
    • View Contained Applications
    • Manage File Trust Ratings On Windows Devices
      • File Ratings Explained
    • View List Of Valkyrie Analyzed Files
    • Antivirus And File Rating Scans
      • Run Antivirus And/or File Rating Scans On Devices
      • Handle Malware On Scanned Devices
      • Update Virus Signature Database On Windows, Mac OS And Linux Devices
    • View And Manage Identified Malware
    • View And Manage Quarantined Items
    • View Android Threat History
    • View And Manage Autorun Items
    • View History Of External Device Connection Attempts
    • Data Loss Prevention Scans
      • DLP Logs
      • DLP Quarantined Files
  • Network Management
    • Create And Run Network Discovery Tasks
    • Manage Profiles For Network SNMP Devices
    • Manage Network Devices
      • Manage SNMP Devices
        • SNMP Device Details Interface
      • Discovered Devices
    • Manage Network Monitors
  • Application Store
    • IOS Apps
      • Add IOS Apps And Install Them On Devices
      • Manage IOS Apps
    • Android Apps
      • Add Android Apps And Install Them On Devices
      • Manage Android Apps
    • Windows Apps
      • Install Windows Apps On Devices
  • Applications
    • View Applications Installed On Android And IOS Devices
      • Blacklist And Whitelist Applications
    • Patch Management
      • Manage OS Patches On Windows Endpoints
      • Install 3rd Party Application Patches On Windows Endpoints
        • EM Supported 3rd Party Applications
    • View And Manage Applications Installed On Windows Devices
      • Uninstall A Windows Application From Selected Devices
      • Uninstall A Windows Application From All Devices
    • Vulnerability Management
  • License Management
    • Manage Your Licenses
    • Manage License Allocation
    • Bill Forecast
  • Configure Endpoint Manager
    • Email Notifications, Templates And Custom Variables
      • Configure Email Templates
      • Configure Email Notifications
      • Create And Manage Custom Variables
      • Create And Manage Registry Groups
      • Create And Manage COM Groups
      • Create And Manage File Groups
      • View And Manage Pattern Variables
      • View And Manage Keyword Groups
    • Endpoint Manager Portal Configuration
      • Import User Groups From LDAP
      • Configure Communication And Security Client Settings
        • Configure The EM Android Client
          • Configure Android Client General Settings
          • Configure Android Client Antivirus Settings
          • Add Google Cloud Messaging (GCM) Token
        • Add Apple Push Notification Certificate
        • Configure Windows Clients
          • Configure Communication Client Settings
          • Configure Client Security Settings
      • Manage Endpoint Manager Extensions
      • Configure Endpoint Manager Reports
      • Device Removal Settings
      • Account Security Settings
      • Set-up Administrators Time Zone And Language
      • Configure Audit Log Settings
    • Integrate Apple DEP With Endpoint Manager
      • Link Endpoint Manager With Apple DEP
      • Manage Apple DEP Devices
      • Manage Apple DEP Profiles
      • Configure Apple DEP Notifications
    • View Version And Support Information
  • Appendix 1a - Endpoint Manager Services - IP Nos, Host Names And Port Details - EU Customers
  • Appendix 1b - Endpoint Manager Services - IP Nos, Host Names And Port Details - US Customers
  • Appendix 2 – Endpoint Manager License Types
  • Appendix 3 - Pre-configured Profiles
  • About ITarian

Link Endpoint Manager with Apple DEP


  • You first need to complete the following steps with Apple:
  • Enroll in the Apple Device Enrollment Program (DEP) program if you haven’t done so already.
  • Link Endpoint Manager (EM) to your DEP account. EM is the ‘MDM solution’ referred to in Apple’s docs (see link below).
  • Assign devices to your DEP account.
  • Please follow the steps in Apple’s help documentation to complete the processes above.
  • Completing these steps will establish a virtual Endpoint Manager server in DEP. The virtual server is synchronized with your physical EM account.
  • Next, you need configure settings in Endpoint Manager to complete the link to DEP.
  • Click 'Settings' > 'Apple DEP'
  • Click the ‘Certificate’ tab:


 

  • First, you need to install an Apple Push Notification (APN) certificate on your EM portal. This certificate allows Endpoint Manager to communicate with iOS and Mac devices.
  • You may already have done this if you are currently using EM to manage iOS devices. If not, then:
  • Click ‘Settings’ > ‘Portal Set-up’ > ‘Client Settings’ > ‘mac OS/iOS’ > ‘Create APN certificate’
  • Complete the certificate application form then click ‘Create’.
  •  See 'Add Apple Push Notification Certificate' if you need help with this.
  • After installing the APN cert, you need to install a DEP certificate. This certificate allows Endpoint Manager to communicate with Apple's DEP servers.
  • Click 'Settings' > 'Portal Set-up' > 'Apple DEP'
    • Click the 'Start' button



    • Complete all fields on the certificate request form. Enter your Apple ID and your company details.
    • Click 'Create' to submit the form, then 'Download Public Key’:



    • Save the key in a safe place as you will need to upload it to the DEP server later.
    • Click 'Next' after you have saved the key.



    Next, you need to create a virtual EM server on Apple’s DEP server:

    • Click 'Go to DEP Portal' and login to your DEP account
    • Open the ‘Device Management Settings' page then click 'Add MDM Server'
    • Create a name for your virtual server in the ‘MDM Server Info’ field. This can be anything you choose.
    • Make sure ‘Allow this MDM server to release devices’ is enabled
    • Click ‘Choose File...’ to upload the public key you saved.
    • Click 'Save':


    • After authenticating your request, DEP will generate a token which you need to upload to Endpoint Manager:



    • Click 'Download Token'



    • Click 'Download Server Token' and save it
    • Go back to EM portal and upload the token
    • Click ‘Settings’ > ‘Apple DEP’ > ‘Certificate’
    • Click 'Browse', locate your token then click 'Open':



    • Click 'Complete'

    The ‘Certificates’ tab will now show your DEP certificate details:



    • Your Endpoint Manager and Apple DEP accounts are now synced. You can now add devices and configure your DEP profile.
    Comodo Help
    • IT Platform:
    • Help
    • Scripts
    • Wiki
    • Forum
    • Developer
    • RMM
    • Patch Management
    • Service Desk
    • ITSM
    • Managed Service Provider
    • Managed Detection and Response
    • Ticketing System
    • Helpdesk
    • ITIL

    Copyright 2024 Itarian