Apple MDM and DEP

MoralesAFD
Comes here often

Apple MDM and DEP

Does anyone know if it is possible to have both the Apple MDM and the Apple DEP Servers setup simultaneously?

We currently have our ipads using the Apple MDM feature. We recently enrolled in the Apple Device Enrollment Program (DEP) and want to start using that feature. When I go to the business.apple.com website and try to set up my new MDM server I get a message saying that "Downloading a new server token will reset your existing one". Does anyone have both the MDM and the DEP setup? 

7 REPLIES 7
msosa
Getting noticed

Hello, the IOS devices only supports one MDM server, so it is not possible to have both at the same time 😞

MoralesAFD
Comes here often

@msosa thank you for your response. I do not one to set up an ios device to use both. I simply want to have both options available in Meraki. So that new devices I add to the network can be added to the Apple DEP and not the MDM. My concern is that if I enable Apple DEP my current MDM devices will need to be re-enrolled. 

Oh ok!, At the business apple portal you can set different MDM servers linked to your DEP devices. I have a customer who has their DEP account with another MDM provider (airwach), and now is testing Meraki SM, so he add it as another MDM service and select only a couple devices  that will be managed by SM on this trial.

 

   The definition about which MDM service will manage a device is done at the business apple portal, and those devices declared there, will be enrolled to te Meraki SM automatically. I don´t know if there is an option to set a default MDM server for each new device added to your DEP account, but it is probably.  I hope this information helps.

@MoralesAFD  you can manually assign device to which ever MDM you use or you can automatically assign them based on device type.

 

We use Meraki SM for iOS devices and Jamf for our MacOS devices. 

@MoralesAFD you have now devices enrolled to MDM (is this Meraki?) and you want to enroll them to the DEP but don't want anything to happen to the devices?

 

Device ALPHA is in MDM but not in DEP?

You want to add device ALPHA in DEP but don't want to re-enroll it?

 

If my assumption is correct, then yes this is possible;

 

1. You can leave this device in DEP and not assigned to any MDM. Nothing will happen to the device

2. You can assign this device to a MDM but without pushing any DEP setting to this device. Nothing will happen to the device

3. You can assign this device to a MDM and assign DEP settings to it. At first nothing will happen to the device. This will only be applied to the device on factory reset, resulting in device enrolling in MDM through DEP.

@beks88 

 

Thanks for the replies. Let me clarify. We currently use Meraki MDM for our iOS devices. We recently enrolled in the Apple DEP program since we want to take advantage of the ability to prevent a device's management profile to be removed in case the ipad gets lost or stolen. If I am understanding correctly, currently, if one of our iPads gets stolen anyone can reset the ipad to factory defaults and get rid of the Meraki MDM profile. Hence why we want to use DEP. 

 

Device A is enrolled in MDM and has the profile installed.

We purchase Device B and want to enroll it in DEP, not MDM. 

Will Device A be affected at all? Will it be removed from the MDM?

 

My worry is that when I download the token from Apple, the MDM in the same Meraki network will no longer work causing issues with the device currently enrolled.

 

 

No it won't cause issues. The token is just a handshake between DEP and MDM. The devices get through push notification an info which MDM they belong, that's it. All other things happen on the MDM side. This doesn't effect any enrolled devices

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels