My Apple push notification cert is expiring in 7 days so I went to renew it. I have the Apple ID and password used to create the cert but when I try to login to the APNS portal, it requires two factor authorization. I do not have access to the trusted device for that Apple ID nor do we have a recovery key. I realize this is probably an Apple issue but looking for help if someone has been down this path before. Thank you!
@SteveGB Yes this is an Apple issue sorry.
One thing you could do is sim swap the number used to a different device and get in that way but if someone is using that device it might annoy them.
Once you get access I would recommend setting up more that one number for use with 2FA, in my org we have a minimum of 3 numbers for Apple accounts.
Thanks @BlakeRichardson I believe the cell number is tied to a personal phone of a former employee. We have tried reaching out to him to get the PIN but no luck.
We are going to reach out to Apple but I am not very optimistic that they will help us.
Assuming neither of those pan out, we have 80 iPads out in the field that will need to be re-registered. These are all DEP devices so am I correct that these will need to be wiped and reloaded from scratch? There is no way to manually re-register a DEP device, correct?
@SteveGB Yes if the push certificate lapses then you will need to wipe every device before you can manage them again using the new push certificate.
Maybe a monetary incentive to the former employee might help. I realise thats really grapsing at straws but if 80 iPads need reconfiguring that is a good amount of someones time to do that.
Hello All! Try reaching out to your local Apple store. They have been a great point of contact and very helpful for me.
Ex employee came through and we successfully renewed the cert. Thank you for all your help!
Glad to hear. The certificates can be a real pain.
@SteveGB did you update the 2FA number for the account at the same time?
@BlakeRichardson Yes, sure did. He created an Apple ID just for the push certificate and we did not have the Apple ID in our records anywhere. There is a field on the Meraki Organization/MDM page for the AppleID used to create the certificate. However, this field is simply notational and there is no validation behind it - it is just a reminder. Furthermore, if you click update in this section, Chrome Autofill will try to write your user id into this field. Thankfully this field is tracked in the Change Log and I was able to go back into the log and find the original AppleID that he had entered.