Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945
Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!
We'd love to hear about it! Click here to go to the product suggestion community
Many thanks for this great community.
I am new to Sophos MDM and hoping to roll it out to all ios devices in my school.
We have 60 iPads that need to be enrolled. Currently they are setup with Apple configurator, new apps are pushed through profile manager and vpp. New iPads are enrolled by connecting to the mac server mini and profiles installed with apple configurator. The problem with that is it's not always reliable, an app is pushed but takes very long to install. If there isn't enough space, it just goes into a state of pending and requires re-install of profiles.. I can go on for a long time describing issues.
Now we've decided to use Something different, as we have sophos central, we though to try MDM and see how we get on. I have completed initial setup, certs, vpp etc.. we do not have DEP or school manager (trying to get enrolled).. However, what is the best way to enroll all these devices? Bearing in mind the devices are shared, used by all students in the library.
I have spent a very long time trying to set it up, but when it comes to enrolling devices I struggle. I am trying to auo-enroll devices, even if it means plugging them all using an active sync trolley but the problem is I can't find the setting that this article describes:
I need to enable auto-enrollment so I can add the server link to apple config as shown in the screenshot below,
however when I go to our sophos central (below), I can not see the option to enable auto-enrollment under Device groups,
Has anyone seen this before or know how I can work around/ or find this option?
Please refer to the article and let me know if this helps resolve your query.
We got stuck here too, because the way auto-enrollment is supported has changed with Sophos Central and their techies and documentation don't really seem to be aware of this which is understandably very frustrating.
You can now only auto-enrol using DEP, which means you need to get your organisation setup with a DEP ID. To do this you need to go to https://deploy.apple.com and go through their process. It takes a week or so if you have all the information.
Then you can go to Setup > System setup > Apple DEP and follow the instructions to setup the security relationship between your Sophos Central Mobile instance and Apple's DEP servers.
Once you've done this, you'll need your Apple device reseller to release all the Apple device serial numbers to your new DEP organisation ID.
Lots of hoops I know, which SUCKS. Not sure why Mobile removed the auto-enrollment feature but it's definitely gone.
Hope this helps.
In reply to Jake Fraser:
This may help: I was told that the checkbox for auto-enrollment is only available for the on-premise version of Mobile. Central doesn't have that option. I know we went through that as well, but we got everything all setup in DEP and that took care of it.
In reply to Haridoss Sreenivasan:
Many Thanks for the response Haridos,
I found out that Autoenrollment doesn't work with Sophos Central and that I will have to enrol in DEP first before I can automate device Enrollment.
Life saver! Many thanks James.
I have no idea why they make what seems to be a very simple task, so complicated. I was familiar with each step you mentioned however the way you structured the process makes complete sense.
Already started the enrolment in DEP so I can hopefully get all devices enrolled.
In reply to Andrew Kapsch:
I have started the DEP setup process as it seems to be the only viable option available for Sophos Central Users.