How to enroll in an MDM with Apple Configurator

Just like with Apple's line of sleek products, Apple is also focusing on making its management tools just as sleek and powerful.

Upgrades to Apple Configurator, Apple Business Manager (ABM), and Apple School Manager (ASM) have brought significant quality of life changes to the management side of Apple. However, as these systems are updated, workflows, like enrolling devices into a mobile device management (MDM) server, often change. So let’s go over the process of enrolling devices into an MDM server with Apple Configurator.

What is Apple Configurator?

Apple Configurator is an application available for both macOS and iOS. However, while they share the same name, the macOS and iOS versions of Apple Configurator function very differently.

Apple Configurator for macOS was initially released in 2012 and provides device management functionality, such as managing and distributing configurations, VPN settings, device certificates, passcode requirements, and more. Additionally, Apple Configurator can help enroll iPhone, iPod, iPad, and Apple TV devices into ABM/ASM, or directly into an MDM service.

Apple Configurator for iOS, released in 2021, is primarily used to enroll Mac devices running the T2 Security Chip or Apple silicon into ABM/ ASM accounts. It does not provide management functionality. However, Apple announced that Apple Configurator for iOS would also be capable of onboarding devices running iOS 16 and iPadOS 16 into ABM/ASM.

How to enroll devices into an MDM server using Apple Configurator

There are two primary methods of enrolling devices into an MDM using Apple Configurator for macOS:

• Enrolling devices directly into an MDM server, bypassing ABM/ASM

• Using Apple Configurator to enroll devices into ABM/ASM and utilizing Automated Device Enrollment (ADE)

Let’s review these two methods and when you want to use each.

If you’re trying to enroll a macOS device using Apple Configurator for iOS devices, we’ve got you covered. Check out our detailed video guide, which shows you how to enroll in SimpleMDM with ADE and Apple Configurator for iOS.

Enroll devices directly into your MDM server using Apple Configurator.

If you are not utilizing ABM/ASM, you can enroll devices directly into your MDM server using Apple Configurator for macOS. As mentioned earlier, this method works with iPhones, iPods, iPads, and Apple TV devices. Here’s how it works:

1. Connect the iOS device to the Mac running Apple Configurator

2. Launch Apple Configurator. You should see the connected iOS device.

   

3. Select the device.

4. Click Prepare.

   

5. Using the drop-down menu, make sure Manual Configuration is selected.

6. Select Supervise devices and Allow devices to pair with other computers.

   

7. Click Next.

8. Using the drop-down menu, select New Server…

   

9. Click Next.

10. Enter the name and link for your MDM server. In SimpleMDM, you can retrieve your Group Enrollment link by clicking on Enrollments and then clicking on the enrollment group you want the device to join.

    

11. Use the default trust anchor certificates, and click Next.

    

12. Click Skip at the Apple School Manager and Apple Business Manager sign-in screen since our objective is to enroll directly into MDM without using ABM/ASM.

    

13. Enter your organization’s information, then click Next.

    

14. Select Choose an existing supervision identity if you already have one. If you don’t have one, select Generate a new supervision identity and click Next.

    

15. Select which setup steps will be shown to the user in Setup Assistant, then click Prepare.

    

16. If asked to authenticate to update the certificate trust settings, enter your credentials and click Update Settings.

    

17. If the device has already been prepared, you will be prompted to erase the device to continue the process. Click Erase.

    

18. Once the device has been wiped, you will be back at the main Configurator screen. Repeat steps 3 through 7.

19. It should default to the MDM server information you previously entered. Click Next.

20. It should default to the organization information you previously entered. Click Next.

21. Review the Setup Assistant steps, and click Prepare.

    

The device will go through its final configuration. Once it has finished and you’ve connected it to Wi-Fi, the device will be enrolled in your MDM server.

This method works if you’re unable to utilize ABM/ASM. However, ABM/ASM is free to use and provides many features that can enhance your Apple device management experience. ADE alone can significantly improve the onboarding experience for you and your users.

Add devices to ABM/ASM and utilize ADE to enroll devices into your MDM with Apple Configurator

If your organization utilizes ABM/ASM, you can use Apple Configurator to add devices to your ABM/ASM account. Once the device is in your ABM/ASM account, you can utilize ADE to enroll the device in your MDM. This option is suitable for already-owned devices and devices acquired outside of authorized Apple channels that you want to import into your ABM or ASM account. Here’s how it works:

1. Connect your iOS device to your Mac.

2. Launch Apple Configurator.

3. Select the device, and click Prepare.

   

4. At the Prepare Devices window, select Manual Configuration. Ensure Add to Apple School Manager or Apple Business Manager, Supervise devices, and Allow devices to pair with other computers are selected, and unselect Activate and complete enrollment.

   

5. Click Next.

6. If you haven’t already configured a server, follow steps 8 through 10 of the previous example. Since I already have a server configured, I’ll ensure it’s selected and click Next.

   

7. If you have an existing organization profile, select it, and click Next; otherwise, create a new organization profile.

   

8. Enter the credentials for your Apple School Manager or Apple Business Manager account, and click Next.

   

9. Configure your Setup Assistant steps, and click Next.

   

10. Select a network profile or create a new one by clicking File > New Profile.

    

11. Click Prepare.

12. If the device has already been set up, you will be prompted to erase the device to continue the process. Click Erase.

Once the setup completes, the device enrolls into your Apple School Manager or Apple Business Manager account.

With the device in ABM, we can assign it to our MDM server and get it enrolled via Automated Enrollment.

Assigning the device in ABM to an MDM server

1. Locate and select the device in your ABM or ASM account. Searching for the device serial number is a quick way to narrow down the results.

2. Click Edit MDM Server.

   

3. Select Assign to the following MDM:, then select your MDM server from the drop-down list.

   

4. Click Continue.

5. When asked if you want to confirm the changes, click Confirm.

6. To complete the automated enrollment, you need to wipe the device. In Apple Configurator, select the device, click Actions > Advanced > Erase All Content and Settings.

7. When prompted to confirm you want to erase the device, click Erase.

   

Once the device has been restored and connected to Wi-Fi, the device will finish the automated enrollment into your MDM server.

Do I need an MDM solution if I’m using Apple Configurator?

If you’re wondering if you still need an MDM solution if you already use Apple Configurator, the answer is: probably.

With a small enough fleet of local Apple devices, you may be able to utilize just Apple Configurator. However, you’ll quickly find Apple Configurator lacking remote management functionality and inefficient when managing large numbers of devices.

Additionally, many MDM functions aren’t available with Apple Configurator, such as app-specific configurations, remote app deployments, device tracking, remote locking, remote wiping, bring your own device (BYOD) management, Munki integration, link enrollment, and more.

Simplifying Apple device management

Apple continues to improve its device and OS management tools. Apple Business Manager and Apple School Manager, combined with Apple Configurator and SimpleMDM, let you take control of your entire Apple ecosystem from the moment you purchase a device.

If you’re not already using SimpleMDM, what are you waiting for? Start your 30-day free trial now to discover how easy managing a fleet of Apple devices can be.