ABM setup

The Apple Business Manager (ABM) is Apple's new method for enrolling corporate iOS devices. With ABM you can enroll the iOS devices without any direct contact with the device and also with minimal interaction from the user. The Apple ABM enrollment provides administrators the option to customize the complete device setup process. It also provides the option to prevent users from removing the MDM profile from the device. You can enroll your existing iOS devices (if they meet the iOS devices ABM requirements) and all iOS devices that you will buy in the future. For further information about Apple ABM see the Apple ABM Guide and Apple ABM Documentation.

Synchronize your ESET PROTECT Cloud MDM with Apple ABM server:

1.Verify that all Apple ABM Requirements are met for both account requirements and device requirements.

ABM Account:

oThe program is only available in certain countries. Visit the Apple ABM webpage to see if ABM is available in your country.

oApple ABM Account requirements can be found on these websites: Apple deployment program requirements and Apple Device Enrollment Program requirements.

oSee the detailed ABM device requirements.

2.Log in to your Apple ABM Account (If you do not have an Apple ABM account you can create it).

3.From the Device Management Settings section select Add MDM Server.

MDM_DEP_add

4.In the Untitled MDM Server screen enter your MDM Server Name, for example: "MDM_Server,".

MDM_DEP_add02

5.Upload your public key into the ABM portal. Click Choose File and select the public key file (this is the public key file you download from the ABM settings screen in ESET PROTECT Cloud) and click Save.

MDM_DEP_addPK

6.Now click on Download Token to download your Apple ABM Token. This file will be uploaded into the ESET PROTECT Cloud CMDM settings under ABM Server token -> Upload.

MDM_DEP_tokenD

Add iOS Device into Apple ABM:

The next step is to assign iOS devices to your virtual MDM Server inside Apple ABM portal. You can assign your iOS devices by serial number, order number or by uploading a list of Serial numbers for target devices in CSV format. Either way, you must Assign the iOS device to the virtual MDM Server (you created in the previous steps).

1.Navigate to the Devices section of the ABM portal and select the device you want to assign and click on Edit Device Management.

MDM_DEP_CSV

2.After selecting your MDM server form the list, conform your selection and the mobile device will be assigned to your MDM server.


warning

Once a device is removed from the ABM portal, it is removed permanently, you cannot add it back.

After that you can leave the Apple ABM portal and continue in ESET PROTECT Cloud Web Console.


warning

If you are enrolling iOS devices that are currently in use (and that meet the device requirements) new policy settings will be applied to them after a factory reset of target device.

The Cloud MDM synchronization interval is set to 30 minutes, so you will need to wait for this time period for the Apple device to appear in ESET PROTECT Cloud.