Part 2 of Series for managing iOS devices 

Prerequisites for enrolling iOS/iPadOS

Before enrolling iOS/iPadOS devices, you must ensure that the below prerequisites are fulfilled:

  1. Ensure your devices are on supported OS ( iOS 13.0/iPadOS 13.0 and later).
  2. Your Intune tenant is Up & running without any issues.
  3. You have the required access to create & download Apple MDM Push Notification certificates.

Supervised iOS/iPadOS devices

Supervised devices were introduced in iOS 5 and are a special mode that gives organizations more control over the iOS devices they own and manage. It is intended for institutionally-owned devices. iOS supervised mode now extends to iPadOS, macOS, and tvOS.

With device supervision, you can apply almost all sorts of restrictions to manage your iOS devices. 

Please visit the below link for more details on restrictions that are available for supervised Apple devices:

https://support.apple.com/guide/mdm/welcome/web

iOS/iPadOS device settings in Microsoft Intune | Microsoft Docs 

Intune supports the following iOS/iPadOS company-owned device enrollment methods:

  1. Apple’s Automated Device Enrollment (ADE)
  2. Apple School Manager
  3. Apple Configurator Setup Assistant enrollment
  4. Apple Configurator direct enrollment
  5. Enrolling company-owned iOS/iPad OS devices with a device enrollment manager account 

Automated Device Enrollment

Automated Device Enrollment (ADE) lets organizations automate their device enrollment procedure and simplify initial device setup. You can supervise devices during activation without touching them and lock MDM enrollment for the complete device lifecycle.

ABM and ASM are available to organizations in supported countries or regions that purchase devices from any of the following channels:

  • Directly from Apple
  • Apple Authorized Resellers
  • Cellular carriers

Enroll your organization in Apple Business Manager or Apple School Manager

Apple Business Manager (ABM) is a web-based portal for IT administrators to deploy iPhone, iPad, iPod touch, Apple TV, and Mac. It integrates seamlessly with your mobile device management (MDM) solution. Using ABM, you can easily automate device deployment, purchase apps & books for your end-users and create Managed Apple IDs for employees. 

Enrollment in ABM is simple and takes only a few minutes. Any business can sign-up for ABM subject to the service terms and conditions. The first thing to get started is registering in D-U-N-S (which we have already discussed earlier – Register for DUNS).

The enrollment process is as below:

  1.  Sign in to Apple Business Manager or Apple School Manager.
  2. Click “Enroll Now.”
  3. Enter the information for your organization, like Organization Name, D-U-N-S number, Phone Number, etc.

The user signing up for the ABM for the first time by default becomes the first administrator on ABM as he/she enrolls in ABM on behalf of the organization. This administrator should agree to the program and software license agreements of ABM. The initial account administrator can create/give four other users as “administrators” in the ABM. Also, these accounts can’t be associated with any existing Apple ID or other Apple services.

Apple will review all the information provided and will contact this representative, and he/she may be asked for additional information by phone or email before the enrollment is approved.