To start setting up your new MDM solution, you need to create an Apple Push Notifications Certificate. This is what helps the MDM server communicate with your devices, and is necessary for those devices to receive custom commands.
Important note: You should create a new Apple Push certificate when migrating devices to a new MDM server. You can create the certificate using the same Apple ID that was previously used. This will not cause an interference with previously created and/or valid Push Certificates.
Once you’re done creating the Apple Push Certificate, you’re ready to integrate your MDM solution and can start setting up your organizational hierarchy. This is done by importing user data.
If you’re using Mosyle Business, make sure to integrate Apple Business Manager, Active Directory, Apple Configurator 2.5 or import your users using spreadsheets.
Below are the steps to complete your Apple Business Manager integration in Mosyle Business:
We recommend integrating Apple Business Manager with Mosyle Business, so you can take advantage of zero-touch deployment with Device Enrollment, supervised modes, and the ability to prevent students from removing the devices from MDM.
You’ll also be able to import locations, employees, and other users to your new MDM solution once the integrations are complete.
Don’t forget to add the users for your technology teams and give them the appropriate permissions to access and manage parts of your new MDM solution.
Another important part of setting up your new MDM solution is setting up user authentication for your end-users, so your employees’ and corporate information can be kept secure. If your new MDM solution has identity management capabilities, follow the steps provided by the MDM solution for setting up user authentication.
With Mosyle Business, you have the option of using Single Sign-On and Mosyle Auth, which gives users the ease of having a single unified login. By linking user accounts to modern authentication using cloud identity providers such as G-Suite and Microsoft Azure AD, an enhanced Mac Login Screen Window means that your users can simply turn on their Mac computer and all the company settings and policies will be there.
In the following chapter we’ll guide you through re-enrolling and assigning your devices.