Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 8 subscribers
  • Views 1316 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

userless enrollment - iOS devices (Apple DEP) stay unmanaged after profile is assigend

Sophos User2478

Hello!

I have imported several iPhones via Apple Configurator 2 into Apple Business Manager and then further assigned them to Sophos Mobile MDM in ABM.


Those devices show up in the Sophos Mobile Webconsole and I can assign/reassign Apple DEP profiles to them successfully, but they stay "unmanaged". That is why further policies or tasks could not be applied to them. 

Users should not be assigned to this devices in this step (logistical reasons), so individual enrollment via SSP is out of the equation.

What am I missing about the enrollment process? Any advice is appreciated!

Regards Thomas



This thread was automatically locked due to age.
Parents
  • +1

    Thanks for reaching out to us. 

    If DEP/ABM is not used to perform the initial setup of the device and you are instead supervising the device using Apple Configurator, you will need to use the following steps to enroll the device for your use-case. 

    - From Sophos Mobile, select +Add > Add device wizard
    - Select Skip user assignment, Next
    - Specify a name for the device, and add an e-mail address for the enrollment steps to be sent to, Next
    - Select Enroll device, Next
    - Select Enrollment without Apple ID

    The steps shown on the screen will need to be followed using the normal Camera app on the mobile device to finish enrollment.

    Let me know if this helps.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • 0 in reply to Qoosh

    THX for your answer.

    It is possible set to those devices (added from Apple Configurator 2) to "managed state" by your suggested procedure; I used the "Add device wizard" and provided an email address.

    But without an regular AppleID SMC refuses to install apps from the app store - allthough we use VPP.

    I tried using managed AppleIDs from our ABM, but those are not permitted to use the app store. So far I just want to deploy apps that are free.

    A credit card as payment option in ABM has already been provided.

    So, how to I get SMC to install apps from VPP on managed devices without using AppleIDs? Is this even supported?

    Over the last few days Sophos Mobile was not generating enrollment tasks with QR-Codes. Now it works again. Must have been a temporar error.

Reply
  • 0 in reply to Qoosh

    THX for your answer.

    It is possible set to those devices (added from Apple Configurator 2) to "managed state" by your suggested procedure; I used the "Add device wizard" and provided an email address.

    But without an regular AppleID SMC refuses to install apps from the app store - allthough we use VPP.

    I tried using managed AppleIDs from our ABM, but those are not permitted to use the app store. So far I just want to deploy apps that are free.

    A credit card as payment option in ABM has already been provided.

    So, how to I get SMC to install apps from VPP on managed devices without using AppleIDs? Is this even supported?

    Over the last few days Sophos Mobile was not generating enrollment tasks with QR-Codes. Now it works again. Must have been a temporar error.

Children
Unfiltered HTML