Enrolling DEP iOS devices

AnitaF
Here to help

Enrolling DEP iOS devices

Hi, All...I just spoke with support and was told we can no longer assign a user to a DEP device until the device is fully enrolled in SM.  You can't click on the device in the "DEP" view to modify its name or owner any longer.  Am I the only one who finds this a full step backward?

6 REPLIES 6
beks88
A model citizen

Why not using MDM authentication and let SM assign the user automatically?

The whole point of DEP is to avoid the need for additional credentials for the user.  I'm trying to get away from this model....

beks88
A model citizen

Letting users enter an MDM without authentication is considered as a security vulnerability.

If for example an employee looses his phone, everyone could enter the MDM by just wiping and activating the phone again.

And in your case, there would be already a user flagged and depending on your settings the finder could gain access to company data which is provided by user tags etc.

 

If you bind your Active Directory to SM, your users can use their known credentials. Maybe this could help you rethink your approach

https://documentation.meraki.com/SM/Other_Topics/Systems_Manager_Glossary_of_Terms/Single_Sign_On_Ex...

 

BlakeRichardson
Kind of a big deal
Kind of a big deal

Hmmm I've just checked and yes that appears to be the way it is now, I use to be able to click on the name and edit the devices information but it appears to no longer be clickable text now. 

 

 

I get this error if I try and search for the serial number of a device thats not fully enrolled in SM

 

Screen Shot 2020-07-17 at 8.58.39 AM.png

@BlakeRichardson 

 

One of the biggest problems with these devices no longer "existing" is that if there is an activation lock you cannot clear it from the device through Meraki.

Found this helpful? Give me some Kudos! (click on the little up-arrow below)
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels