Apple Automated Device Enrollment (ADE) allows organizations to automate the setup and configuration of Apple devices by automatically enrolling them into their MDM environments upon activation through Apple Business Manager (ABM) and Apple School Manager (ASM).
Previously known as the Apple Device Enrollment Program (Apple DEP), Automated Device Enrollment streamlines deployment and enables preconfiguration of device settings. It places devices in supervised mode, skips initial computer setup steps (such as Apple ID setup), and allows IT departments to manage devices received directly from Apple or approved Apple Authorized Resellers without physical intervention.
All this equals one thing: ready-to-use devices right out of the box!
"Automated Device Enrollment lets organizations configure and manage devices from the moment the devices are removed from the box." — Apple
With ADE, you can seamlessly integrate your new Apple devices, fully configured, into your existing device lifecycle — just like magic.
How does Automated Device Enrollment work?
Automated Device Enrollment utilizes Apple Business Manager (ABM) or Apple School Manager and your MDM server to apply enrollment profiles to automate the device enrollment.
Once devices are associated with your ABM or ASM account and MDM server, devices purchased directly from Apple, Inc. or an Apple Authorized Reseller will be automatically enrolled.
Sounds cool, huh? 😎
When an enrolled device is turned on and connects to Wi-Fi for the first time during Setup Assistant, the device will contact Apple activation servers to determine if the device is assigned to an ABM account. The ABM account then instructs the device to retrieve and install the Automated Enrollment Profile from the associated MDM server.
What are the benefits of Automated Device Enrollment?
Here are some benefits of using Automated Device Enrollment:
Automatically link purchased devices to your Apple Business Manager account.
Force MDM enrollment for organization-owned devices.
Customize the setup user experience and prefill it with your organization's details.
Skip panes to shorten the setup process.
Deploy custom configuration settings as soon as devices are activated.
Simplify and speed up the onboarding process for IT and end users.
Install assigned apps automatically during setup.
Enable mandatory supervision for enhanced device security and control.
Apple Automated Device Enrollment paired with a feature-rich MDM platform (like SimpleMDM) drastically simplifies Apple device management.
What are the requirements for Automated Device Enrollment?
These are the requirements to use Automated Device Enrollment for your organization successfully:
Have a free Apple Business Manager account.
Have an MDM solution, such as SimpleMDM. Try it free for 30 days.
Be in a supported country or region.
Support these minimum technical requirements:
iOS devices running iOS 7 or later
iPadOS devices
macOS devices running OS X Mavericks 10.9 or later
Apple TV (4th generation or later)
tvOS device running 10.2 or later
Devices must be organizationally owned.
Can pre-existing devices be added to ABM and ADE?
Yes, Apple devices that your orginization already owns and uses can be added to ADE. Most organizations already have a fleet of Apple devices that could greatly benefit from creating an Apple Business Manager account utilizing Automated Device Enrollment. Luckily for these newbie organizations that are a little late to the game, Apple makes adding your already-owned Apple devices to your ABM account possible using Apple Configurator version 2.5 and newer.
iPhone, iPad, iPod touch, and Apple TV devices (iOS) can all be added to ABM using Apple Configurator for Mac. Mac computers with Apple silicon or the Apple T2 security chip (macOS) can be added using Apple Configurator for iPhone.
Easy tip when it comes to using Configurator: If you want to add a Mac to ABM, use the mobile Configurator app on an iPhone. If you want to add an iPhone to ABM, you can use the Configurator app on a Mac. |
Once a device has been added, users have a 30-day provisional period where the device can be released from ABM, supervision, and mobile device management.
If you want to learn more, we've created a video about enrolling in SimpleMDM with Apple Automated Enrollment. 🤓
How does BYOD work with ADE?
Bring your own device (BYOD) allows users to use their personally owned equipment to conduct work activities. A BYOD policy can be excellent for organizations and users. It reduces equipment costs for organizations and enables users to continue using the devices they know and love. However, managing BYOD devices can be complicated because organizations need more control over user-owned devices.
While many MDM solutions support BYOD environments, Apple recommends using Apple Business Manager and Automated Device Enrollment for organizationally owned devices rather than BYOD devices. BYOD environments can leverage User Enrollment, which gives organizations control over their owned data and apps while offering users privacy over their content.
How to connect Apple Business Manager and configure ADE to SimpleMDM
Connect
SimpleMDM must link to your Apple Business Manager account to configure devices automatically.
You can accomplish this in a few simple steps:
Sign in to SimpleMDM and click the Devices link on the left-hand side of the screen.
Click the blue Enroll Devices button on the top right side of the screen.
On the Enrollments page, click the Enrollments tab. Then click the Add Enrollment button at the top right of the screen.
On the drop-down menu, click Automated Enrollment (DEP).
Follow the on-screen steps to guide you through the certificate exchange process.
Once you have uploaded your Apple server token, SimpleMDM will link to your Apple Business Manager account.
Once this certificate is uploaded, your Apple Business Manager account is successfully linked.
Configure
Linking Apple Business Manager to SimpleMDM establishes a communication channel between the two services.
Next, make SimpleMDM aware of the devices in your Apple Business Manager account.
Assign your devices to the SimpleMDM server within the Apple Business Manager portal. This action grants SimpleMDM the ability to see these devices.
Within SimpleMDM, return to the ADE interface by clicking Devices and then the Enrollments submenu option. Select the Apple ADE tab. Click the Sync with Apple button.
This will cause SimpleMDM to communicate with your Apple Business Manager account and become aware of any new devices you have added
Loading...
FAQs about Apple's Automated Device Enrollment
Can Apple Watch be enrolled in ADE?
The Apple Watch cannot be enrolled directly in Apple's Automated Device Enrollment. Instead, it relies on being paired with an iPhone enrolled through Automated Device Enrollment. The Apple Watch indirectly gets its management profiles and policies from the paired iPhone.
Is the Apple Device Enrollment program free?
Yes, the Apple Device Enrollment program is entirely free. All you need is a D-U-N-S Number to create your ABM account.
Is Apple's Automated Device Enrollment the same as DEP?
Yes, Apple ADE is the same as Apple DEP; it was just rebranded. DEP was the initial term for the Apple Deployment Program. However, Apple renamed it Automated Device Enrollment to move towards a unified platform in Apple Business Manager/Apple School Manager.
What if I already have devices in use that I want to enroll in ADE?
You can enroll your existing decives in ADE, but you must fully erase the device to achieve successful enrollment. All devices must be entirely erased at the initial Setup Assistant screen to go through ADE.
You can manually enroll devices already in use in MDM. However, the level of management capabilities and the "unremovable" MDM profile are only available for devices enrolled in Automated Device Enrollment.
Do I need to pay for Apple Business Essentials to use Apple Business Manager?
No, ABM is a separate service from ABE. You do not need to pay for ABE to utilize ADE.
Make life easier for your IT team and end users with Automated Device Enrollment.
With Apple's Automated Device Enrollment and SimpleMDM, managing both on-prem and remote devices is easy peasy. Directly shipping managed devices from distributors and out-of-the-box enrollment eliminates all your onboarding woes.
So what are you waiting for? Give ADE a spin with a free 30-day trial of SimpleMDM today, and you can use the extra time you save setting up computers to sip whisky by the fire. 🥃🔥
