Device deployment app credential issue

SOLVED
cm380151
Here to help

Device deployment app credential issue

I am looking to deploy some iPhones on a Meraki Management System we are using but am having problems. We have two Meraki accounts, so two networks. When I use one network, let’s call it A, I can deploy devices fine through Apple Configurator 2 or with the web browser and code methods alright, but I am having trouble with our less configured network, network B.

 

Network B did not have a DEP server attached, nor did it have a VPP account. I created a DEP server for it with the ASM account that is attached to A, which is also the same Apple login used for the VPP account for A. I attached the VPP account that is attached to A to B as well, as I needed licenses.

 

When I enroll the device via web browser and code, the profile installs fine and it prompts an install of the Meraki iOS management app, to which I am not required to use a password for, which is what I want. Using network B I have to put in a password to deploy any apps. The profile installs fine, but it prompts for passwords to install apps, so I know that it is trying to install them, but I am not sure how to assign credentials so that I don’t need to provide that device with an Apple ID.

 

When I install with Network A (the well-established network) via the web browser, the profile first says:

 

mobile device management

device identity certificate

 

and after install it says:

 

mdm

1 managed app

device identity cert

unknown payload

 

At no point did I have to input credentials for an account to install the app, which is the Meraki mobile app.

 

 

From Network B (the less established network), the profile first says:

 

device enrollment challenge

 

and post install it says:

 

mdm

device identity certificate

 

 

Can anyone please provide me with some guidance? This issue is quite an annoying one and I’m not sure what else to do to try and solve it.

 

 

Another question, why am I able to remove the profiles that I load via the browser so easily? It doesn’t force me to factory reset the device or anything, it just lets me remove it.

 

Thanks in advance!

 

 

1 ACCEPTED SOLUTION
BlakeRichardson
Kind of a big deal
Kind of a big deal

@cm380151  The problem is you are trying to use the same VPP account with multiple MDM's. This will not work, you need a seperate VPP account for each MDM you use. 

 

Even though A and B are both using Meraki they are still classed as two MDM instances. 

View solution in original post

4 REPLIES 4
BlakeRichardson
Kind of a big deal
Kind of a big deal

@cm380151  The problem is you are trying to use the same VPP account with multiple MDM's. This will not work, you need a seperate VPP account for each MDM you use. 

 

Even though A and B are both using Meraki they are still classed as two MDM instances. 

Hey @BlakeRichardson, thanks for that one. I was wondering if that could have been the case. How can I create a new VPP for network B via ASM? I have looked in there, and tried to google it to see if I can find how to create a second VPP account for my needs but am coming up short.

@cm380151  I am not sure how you do this anymore given Apple have fully rolled out ASM and ABM now. Apple does have a contact centre for VPP users so it might pay to call Apple support and asked to be transferred to that team. 

@BlakeRichardson  Awesome, thanks for the guidance on this!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels