It's not as much confusing as you think :). We have for different device use cases different SM networks/instances (name it how you like). The only thing you have to do is to assign the devices manually to the desired MDM (in this case network/instance). ... View more

So my initial solution doesn't work for another device.   Freshly installed Mac, VPP is device assigned and getting same error again. Some apps worked after multiple reinstall commands, some still answer with same error. ... View more

OK, but what is meant with this point   Use the certificates in the AnchorCerts property of the Profile to pin the host to the certificates.   I apologize if I shall go to Apple with my questions, just trying to understand this. ... View more

Yes, I noticed that it's not possible in SM, just wanted to know if I missed a setting in SM, if already someone tried the same and if it's on the roadmap of the developing team. ... View more

I'm not talking about devices, I'm talking about accounts, which can be created in Apple School Manager and synced to Systems Manager or another MDM. Systems Manager f.e. syncs all available accounts from Apple School Manager. In jamfSCHOOL you can choose from which location to sync accounts. Expecting you have a school in location A and a school in location B. Both use the same School Manager but have two IT departments. Department A manages location A in Systems Manager and department B manages location B in jamfSCHOOL. As of current state, Systems Manager will have teacher and student accounts synced from location A and B. ... View more

@Noah_Salzman Your understanding may be right, but I‘m still missing how to combine/fetch the DEP token and certificate since these are coming from Meraki, aren‘t they?   I‘ve added the Apple docs link to my OP for the sale of simplicity ... View more

Will wait a bit, maybe someone from Team Meraki replies on this 🙂 ... View more

I know it's an old thread, but I just experienced the same error on one machine and want to ad my solution to this thread for searching purposes.   Solved the problem by reinstalling the SM client on the machine manually. I'm not sure if the client got corrupted by the last macOS update (10.15.1) but it looks like so, because installations worked fine before. ... View more

@cmr I‘m talking about Systems Manager, can‘t reboot devices there. Had a case just a few days ago where it would been helpful. ... View more

Yes I had it already in the same profile, same issue. I also think it has something to do with the order of profile installation, but I didn‘t managed to narrow it down. Only thing that worked fine was waiting for all profiles to be installed and then activate/install single app mode.   I even don‘t think it has an alphabetical order, because I think I‘ve read somewhere In the Apple docs that the installations have to be asynchronous ... View more

using iPhone and haven't found any setting regarding TouchID/FaceID, but good to know it works on Android 🙂 ... View more

I was very happy when I saw the App has an update to install. Since the SM is my main job, would be great to be able to send a restart device command through the app. For now I still have to use the browser :). Still hoping on getting TouchID/FaceID support for log in Kudo for getting more focus on the mobile app again ... View more

@BlakeRichardson    Will give it a try, the problem we face in this case, we need to hide the URL from the searchbar. That's why we use webclip in full screen view ... View more

But according to this info, I would need to allow modification, set the name through dashboard and disallow modification again.     Or do you guys have a workflow to share? We would like to set device names to users username automatically 🙂 and they shouldn't be able to modify it. ... View more

Try to enroll a device with a default user who has all groups attached in AD, then click sync AD groups. ... View more

But is this still true? Haven't checked it   "iOS devices enrolling through DEP currently do not support enrolling with Azure AD, OpenID, and Google Oauth enrollment authentication. They will fall back to Meraki managed authentication and require Meraki owner accounts to authenticate if your Systems Manager network is configured with one of these methods. Note that these three methods will also not provide any group tag metadata like local Active Directory integration will."   Just in case his usecase involves DEP ... View more

Kudoed to signal the importance 🙂 ... View more

But how will users be able to change their password if they come over DEP enrollment and SSP is disabled, just as an example 🙂 ... View more

Never used Free Meraki, but is Free Meraki getting updated to support the Apple Business Manager migration?   Apple is discontinuing the old portals deploy.apple.com and vpp.itunes.apple.com. Could this affect Free Meraki because of the tokens? ... View more

Maybe try to contact support or check the APIs. This is a big number of users ... View more

Just recognized, the map is showing now a correct map and location and it does not zoom out to nirvana anymore.   OSX 10.14.6 Safari 12.1.2   Anyone can confirm? ... View more