Remote Management Username & Password

Refyne
Comes here often

Remote Management Username & Password

I have 4 devices enrolled in Apple Business Manager and Meraki DEP. I setup all 4 devices and profiles were pushed. The profiles installed however the managed Apple ID's I created could not install the free apps I had selected.

 

While trying to figure this issue out, I changed some settings. Now when factory reset or push a profile down to an IPad, I get asked by Remote Management for a Username and Password. I've determined this was in SM-Configuration- General-End User Authorization Settings and Owners. I've created usernames and passwords for the 3 staff which now pushes me through this stage. However, now the devices show up and unsupervised and I get told the Apple ID's can not download apps.

 

Basically at a complete loss on how to reset the general configurations to factory defaults. I can not select Disabled: deprecated, configure in SM Enrolment Settings.

 

I want to send IPads to staff, the IPad's turn on and pull down the profile and free apps I have identified. Nothing fancy 🙂

 

Any help would be greatly appreciated!!

17 REPLIES 17
BlakeRichardson
Kind of a big deal

@Refyne  if you are using DEP you shouldn't be asked to enter a users credentials for setup a device..... If the device was erased without clearing the activation lock you will need to enter in the Apple ID of the DEP account used with SM to proceed past the activation lock.

 

In regard to the app's not installing have you set the apps to use user licensing and not device licensing? Have you also scoped the apps to the users?

 

Scoped apps usually auto install and don't require interaction from the end user. 

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI

@BlakeRichardson 

I also experienced this problem.
This problem is because Meraki has deprecated the function to enroll without authentication at the time of enrollment after erase/reset of the mobile device.

Notification_Center.jpg


As above, the existing 'disable' setting has been deprecated.
Due to this problem, login became necessary after erase/reset the device,
I think this cannot be a true ZTP and security is an important issue.
However, it must provide users with options to choose from.
 
Currently, I have opened the case for this problem.

Thanks for the information! We are experiencing this problem too, but we can't find any credentials that work so we are getting stuck at that prompt. Also opened a case, 06717625. We have skids of new devices waiting to get setup by volunteers without any credentials.  Did Meraki forget about DEP?

 

Update: We have a tech calling into Meraki Support (at their request) with a macbook in hand to walk through the issue.

Brian_M
Conversationalist

Thanks @Shany for the information.  I've also opened a ticket.  Was there any warning that this change was about to happen?  It is causing some major issues for us.

SSDD
Comes here often

HI, 

 

I have a similar issue, I have enrolled 8 devices out of the box with no issues, and when I enrol my next one I was prompted with a username and password. I am have checked all my settings and we don't use AD for user Authentication. Can any please help?

 

Thanks

BrianBuchanan
Here to help

Our workaround is

1. System Manager, Owners

2. Add Owner

3. Full Name: a

4. E-mail: a@a.com

5. Username: a

6. Password: a

 

Entering a@a.com with the password a at the Remote Management screen gets past that.

 

Tech support wasn't able to help immediately.  They might escalate the issue if enough feedback is generated.

Just submitted a ticket for this exact issue over an hour ago.  

 

Setting up new owners is simply NOT an option we should have to do.

 

They need to resolve this ASAP! 

BrianNelson
Conversationalist

I'm having this issue also, and submitted a ticker prior to finding this thread.

 

I tried this workaround early this afternoon (using a different username and password), and it still isn't recognizing that user. Admittedly, I created the user after I had initiated the erase/reenroll, but I would still think that should work.

R2B2
Conversationalist

BrianNelson, if you have a MacBook and haven't already tried it, I'd imagine if you forced a wipe from the Macbook and re-did the activation reach out it would hopefully notice that new account you created.  But I don't think once you get to this Auth screen just going back to the Region settings will cause it to reach back out again. 

 

But again,  this is clearly a bug related to them deprecating the previous setting for being able to DISABLE auth entirely and it's not recognizing or caring if we have Authentication disabled or not. 

Duke_Nukem
Here to help

Having the same issue here (using the Legacy/free version).  Creating a managed Meraki owner account was able to get us past it.  For now...

FYI,

 

I got this response on my support ticket this evening:

 

"Thank you for that information Brian and we apologize for this inconvenience, this is part of a recent issue found and our development team is working on a fix for this, I have attached this to the parent case and will reach out to you with updates concerning this."

 
Refyne
Comes here often

So, i've been away from this post for a few days doing trail and error and have learned a few things. From comments in this thread I see this is not an issue I created but a Meraki create error (now i don't feel as dumb...just dumb that i wasted 3-4 days of vacation trying to find what I done that created the issue).

 

So, I suspect this issue was created to solve another problem. Ensuring a user has company credentials, ensures that if a porch pirate robs a new iPad from a staff members porch, the pirate can not enter the device.....or thats what I think anyway.

 

As @BrianBuchanan and others have stated, the work around is to go to system manager (i done so on a Macbook), owners and create an ID.

 

BrianBuchanan's basically did the same as I determined solved this issue (for us)

Our workaround is

1. System Manager, Owners

2. Add Owner

3. Full Name: a

4. E-mail: a@a.com

5. Username: a

6. Password: a

 

Entering a@a.com with the password a at the Remote Management screen gets past that.

SSDD
Comes here often

Hello All, 

 

Just an update. I came to the office this morning, tried two new iPhone11s, All worked with no issues. I guess Meraki might have fixed the issue.

 

Can others please update if it was working for you?

 

Thanks.

Shany
Getting noticed

@SSDD 

 

I just reset the device and tried enroll again and didn't need login.
The dashboard still cannot select the 'deprecated' option and has 'Managed:Use Meraki hosted accounts' enabled, but does not require login.
Although the setting and behavior are not being the same, I think the code might have been changed at a level behind the Dashboard.
I'll keep an eye on the results of the opened case.

SSDD
Comes here often

@Shany 

 

Thanks,

 

Yes, Still I cannot choose the "deprecated" option...  Please update when you get an update from the open case.

 

Thanks,

Shany
Getting noticed

I can't tell everything about the case results, but I think this problem is completely solved.
We can understand that setting up enroll without logging in works when the Authenticatication (What is this typo? 😉 ) checkbox is empty as shown below.

General_-_Meraki_Dashboard.jpg

Please correct this typo!

 

R2B2
Conversationalist

I can also confirm this appears to be resolved. I did have to steer the Support Rep in the right direction however. I don't think they actively check these forums unfortunately. 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels