Apple Business Manager, sometimes referred to as ABM, is a program that integrates with SimpleMDM to provide additional control over the enrollment of devices, the distribution of app and media licenses, and account management. Apple Business Manager became publicly available in 2018 as a natural consolidation of the Apple Volume Purchase Program (VPP) and Apple Automated Enrollment Program (ADE, formerly DEP) portals. Learn more about Apple Business Manager and how it simplifies information technology administration.
App and book licensing
Apple Business Manager allows companies to purchase app licenses directly from Apple. A company then assigns licenses to employees by associating the license with their Apple ID or with a device via the serial number. This allows an employee to install an app without first purchasing it through the Apple App Store. It also permits a business to recover a license from an employee or device in the future and use it elsewhere.
The program has also grown to include books. Companies purchase licenses for digital books and push them to employee devices for distribution.
Locations
Apple Business Manager includes a feature that allows businesses with multiple locations or units to create designated Locations and divide their app and book licenses across them. By partitioning licenses into logical groups, an organization can ensure that a specified number of licenses are available to a particular business unit or location.
Each location has its own VPP token, which SimpleMDM uses to access the associated licenses. Depending on their needs, organizations may link just one location or any number of locations with a SimpleMDM account.
Store credit
A business may have a specific internal procurement process requiring a quote, purchase order, and invoice. This process quickly becomes cumbersome when you need to buy even a relatively small number of app or book licenses. Apple’s Volume Credit feature provides an alternative by allowing a business to buy credits in advance and later redeem them for app and book licenses. Volume Credit is purchased using a standard purchase order (PO) process and then applied to an account.
Device enrollment
Apple Business Manager allows simple device setup through several convenient methods.
Configured before unboxing
Automated Device Enrollment allows a business to configure the initial startup behavior of newly purchased devices and those that have been wiped. In conjunction with SimpleMDM, a device can be configured to skip setup screens during Setup Assistant, automatically install software, and meet company security guidelines. Automated Device Enrollment enables a true zero-touch device setup workflow, allowing an organization to drop-ship new hardware to employees or repurpose existing hardware without IT needing to set it up first.
Register your own orders
In the days of yore (in other words, the Apple DEP portal), administrators used to need to rely on Apple or the Apple authorized reseller to register new device purchases and make the new device serial numbers available for assignment to an MDM.
With Apple Business Manager, administrators can now add orders directly through the interface themselves using either an Apple customer number or an Apple reseller number associated with an ABM account.
Assignment by device type
Previously, administrators chose a default MDM server to assign all newly added devices. Now, administrators assign a default MDM server for each device type, currently distinguishing between Apple TV, iPad, iPhone, iPod, and Mac devices using Apple Configurator 2. This can simplify server management.
Managed Apple IDs
A Managed Apple ID (MAID) is an Apple ID owned by an organization instead of an individual. Managed Apple IDs are currently used in two ways:
Administrators: Assigned Managed Apple IDs to sign in to Apple Business Manager and manage accounts.
Employees: Use Managed Apple IDs when enrolling their device to an MDM via User Enrollment. The Managed Apple ID is used to authenticate the user, control access, and provide app and book licenses.
Within Apple Business Manager, administrators register domain names (yourbusiness.com, for example). Apple IDs with these domains are then generated within the interface.
For companies using Microsoft Azure Active Directory (Azure AD) or Google Workspace, Apple Business Manager supports federated authentication. By linking Azure AD or Google Workspace to Apple Business Manager, employees can use their existing credentials as Managed Apple IDs.
Roles
Apple Business Manager permits granting access to multiple administrators for an organization. Predefined roles with varying levels of permissions allow for more efficient operations. Depending on the role, a manager could deploy devices, push out content, set restrictions, and more. User classes include Staff, Device Manager, Content Manager, and People Manager.
Apple Business Essentials
Apple Business Essentials is a subscription service that combines the functionality of Apple Business Manager with additional support and iCloud storage for convenient device management. However, this tool is designed for small businesses, and many companies prefer a more powerful MDM solution.
Apple Business Manager vs. Apple School Manager
Apple School Manager is very similar to Apple Business Manager in that it enables administrators to configure devices and distribute content. However, it also has additional features designed for an educational setting, such as assignable roles for students and instructors, the potential for integration with a Student Information System (SIS), remote app locking during class, and a Classroom App that enables iPad-based instruction.
Apple Business Manager: Costs
Apple Business Manager is free, so there’s no good excuse not to use it. However, it’s best used in conjunction with a high-quality MDM solution, so you may have some associated expenses.
Verify Apple ID domains with Apple Business Manager
As of December 2021, administrators must now verify the domains associated with any Apple Business Manager account by proving the company owns the domain. You can do this by providing a TXT record to the DNS zone file. The verification process consists of the following steps:
Sign in to Apple Business Manager from an account with an Administrator or People Manager role.
Click the user’s name at the bottom of the sidebar, then click Preferences, then Accounts.
In the Domains section, click Add Domain. Add your desired domain, then click Continue.
Click Verify. A TXT record appears. Click Copy.
Paste the TXT record into your DNS zone file.
Finalize the verification by confirming that TXT record was added. Remove the TXT record from the DNS zone file after verification is complete.
Release devices from Apple Business Manager
You can release devices through your MDM solution or via Apple Business Manager. This may be critical if a device is lost or stolen. The Apple Business Manager device release process includes these steps:
Sign in to Apple Business Manager from an account with an Administrator or Device Enrollment Manager role.
In the sidebar, click Devices. Search the target device based on the serial number, order number, or CSV file.
Select the device or devices you want to release. Read the dialogue.
Select Release Devices.
Read the additional dialogue. Tick the box next to I understand that this cannot be undone.
Click Release.
Interested in taking Apple Business Manager for a spin? Start a trial with SimpleMDM and receive a fully functional account within minutes.
Part writer, part sysadmin fangirl, Meredith gets her kicks diving into the depths of IT lore. When she's not spending quality time behind a computer screen, she's probably curled up under a blanket, silently contemplating the efficacy of napping.
Related articles
