ESET Online Help

Search English
Select the topic

Apple Business Manager (ABM) synchronization (iOS)

The Apple Business Manager (ABM) is Apple's new method for enrolling corporate iOS devices. With ABM you can enroll the iOS devices without any direct contact with the device and also with minimal interaction from the user. The Apple ABM enrollment provides administrators the option to customize the complete device setup process. It also provides the option to prevent users from removing the MDM profile from the device. You can enroll your existing iOS devices (if they meet the iOS devices ABM requirements) and all iOS devices that you will buy in the future. For further information about Apple ABM see the Apple ABM Guide and Apple ABM Documentation.


important

Before performing the iOS ABM enrollment, you must enable ABM synchronization in your ESET PROTECT Web Console. To do so, navigate to More > Settings > Apple Business Managed (ABM) synchronization.

 

Synchronize your ESET PROTECT MDM with Apple ABM server

1.Verify that all Apple ABM Requirements are met for both account requirements and device requirements.

ABM Account:

oThe program is only available in certain countries. Visit the Apple ABM webpage to see if ABM is available in your country.

oApple ABM Account requirements can be found on these websites: Apple deployment program requirements and Apple Device Enrollment Program requirements.

oSee the detailed ABM device requirements.

2.Log in to your Apple ABM Account (If you do not have an Apple ABM account you can create it).

3.From the Device Management Settings section select Add MDM Server.

MDM_DEP_add

4.In the Untitled MDM Server screen type your MDM Server Name, for example: "MDM_Server,".

MDM_DEP_add02

5.Upload your public key into the ABM portal. Click Choose File and select the public key file (this is the public key file you download from the ABM settings screen in ESET PROTECT) and click Save.

MDM_DEP_addPK

6.Now click Download Token to download your Apple ABM Token. This file will be uploaded into the ESET PROTECT Settings under ABM Server token > Upload.

MDM_DEP_tokenD

Add iOS Device into Apple ABM

The next step is to assign iOS devices to your virtual MDM Server inside Apple ABM portal. You can assign your iOS devices by serial number, order number or by uploading a list of Serial numbers for target devices in CSV format. Either way, you must Assign the iOS device to the virtual MDM Server (you created in the previous steps).

1.Navigate to the Devices section of the ABM portal and select the device you want to assign and click Edit Device Management.

MDM_DEP_CSV

2.After selecting your MDM server from the list, conform your selection and the mobile device will be assigned to your MDM server.


warning

After a device is removed from the ABM portal, it is removed permanently, you cannot add it back.

After that you can leave the Apple ABM portal and continue in ESET PROTECT Web Console.


warning

If you are enrolling iOS devices that are currently in use (and that meet the device requirements) new policy settings will be applied to them after a factory reset of target device.

The Cloud MDM synchronization interval is set to 30 minutes, so you will need to wait for this time period for the Apple device to appear in ESET PROTECT.

Troubleshooting—Re-add a removed ABM device

If you have removed an ABM device from the list of devices in ESET PROTECT Web Console, follow the steps below to re-add the device to ESET PROTECT Web Console:

1.Unassign the device from the MDM Server in ABM. Do not release the device in the ABM portal.

2.Wait for 30 minutes.

3.Re-assign the device to the MDM Server.