To my knowledge, there is no "silent" way to do this.   Maybe one of these two tries can help you out, test it on two different devices   First try: If the devices are in DEP, link them to Meraki In Meraki dashboard, download the SM agent In Jamf push the agent to the devices In Jamf push a script, which opens the Meraki enrollment link in the default browser -> User interaction needed. After device finishes syncing in Meraki, unenroll it from Jamf   Second try: If the devices are in DEP, link them to Meraki. In Jamf prepare a script, which calls the following command   10.13.4 or lower sudo /usr/libexec/mdmclient dep nag     macOS 10.14 or higher sudo profiles renew -type enrollment     This should trigger a DEP notification and users will be able to enroll in Meraki -> User interaction needed After device finishes syncing in Meraki, unenroll it from Jamf   I'm not sure if it's possible to have MDM profiles from different providers. I think they'll access the same API on the devices, could cause more troubles than you would like. ... View more

I've opened a case about this bug, maybe do it as well and let them link your case to mine 🙂 04684676   I'll try also to contact our Meraki representative, since this was a killer feature in the last two competitions when trying to sell Meraki vs other MDM solutions.   One thing is the bug detected and discussed here, the other thing, it seems not to be a high prio on the development road. No one made a response to my first thread and the feature firstly had been announced on the WWDC18. A native support by Meraki would be nice, but in first we need a solution for the bug here. ... View more

case opened,  04684676   @MeredithW or @Noah_Salzman can you link this thread with the one from my last post? ... View more

No success on getting it run. Always the same issue as detailed above.   Just wondering, why my old profile got installed a few months ago. Now I even can't install the old profile too. ... View more

Linking to another thread   https://community.meraki.com/t5/Endpoint-Management-Systems/Exchange-online-Microsoft-Office-365-not-working-when-pushed/m-p/54529#M5112 ... View more

Hi,   hanging in here in addition to my original thread https://community.meraki.com/t5/Endpoint-Management-Systems/Feature-Request-macOS-EWS-support/m-p/39496   I'm also trying to get this run. Had the same issue as you on Mojave. But now I even can't get the profile installed. Meraki answers with Error:71 "Payload needs to be in a user profile".   According to Apple docs https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf <PayloadScope> is optional and per default User scoped.   Have you figured out how to get this run?   This is my .mobilconfig, as you can see very simple. (feel free to use it, just add your own identifiers)     <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadContent</key> <array> <dict> <key>EmailAddress</key> <string>$OWNERMAIL</string> <key>PayloadDisplayName</key> <string>Exchange</string> <key>PayloadIdentifier</key> <string>com.company.macos.exchange.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX.com.apple.ews.account.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string> <key>PayloadOrganization</key> <string></string> <key>PayloadType</key> <string>com.apple.ews.account</string> <key>PayloadUUID</key> <string>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string> <key>PayloadVersion</key> <integer>1</integer> <key>UserName</key> <string>$OWNERUSERNAME</string> </dict> </array> <key>PayloadDisplayName</key> <string>EWS_macOS</string> <key>PayloadIdentifier</key> <string>com.company.macos.exchange.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string> <key>PayloadOrganization</key> <string>Organization Name</string> <key>PayloadType</key> <string>Configuration</string> <key>PayloadUUID</key> <string>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string> <key>PayloadVersion</key> <integer>1</integer> </dict> </plist>     ... View more

Just to clarify, are you using one Meraki user for all these phones or every phone has it's own Meraki user?   Have you enrolled to Android Enterprise in Meraki? ... View more

Do you use one user account for all devices or a bigger number of devices for one user account? ... View more

Thanks @Yuya already took a look on this and will give it a try with a smaller customer. But that's not the point I'm asking for. Even though in this case I would miss Merakis statement if we'll be able to import users from Business Manager, so they can authenticate against SM and will show up in owners so I'm able to use the owners mail to set up his account on his device. ... View more

Since you have to click renew on both sides, Apple and Meraki, I would say yes it will break things. But I can't confirm it. Since you always have to tell which Apple ID had been used for creation the cert is bind to the AppleID aswell. Is the mail used for this Apple ID a private one or company/school wide? Maybe give it a try on a different MDM (with some free testing period)?   Check out this KB from G-Suite ^^ https://support.google.com/a/answer/7628860?hl=en   ... View more

It's not as much confusing as you think :). We have for different device use cases different SM networks/instances (name it how you like). The only thing you have to do is to assign the devices manually to the desired MDM (in this case network/instance). ... View more

So my initial solution doesn't work for another device.   Freshly installed Mac, VPP is device assigned and getting same error again. Some apps worked after multiple reinstall commands, some still answer with same error. ... View more

OK, but what is meant with this point   Use the certificates in the AnchorCerts property of the Profile to pin the host to the certificates.   I apologize if I shall go to Apple with my questions, just trying to understand this. ... View more

Yes, I noticed that it's not possible in SM, just wanted to know if I missed a setting in SM, if already someone tried the same and if it's on the roadmap of the developing team. ... View more

I'm not talking about devices, I'm talking about accounts, which can be created in Apple School Manager and synced to Systems Manager or another MDM. Systems Manager f.e. syncs all available accounts from Apple School Manager. In jamfSCHOOL you can choose from which location to sync accounts. Expecting you have a school in location A and a school in location B. Both use the same School Manager but have two IT departments. Department A manages location A in Systems Manager and department B manages location B in jamfSCHOOL. As of current state, Systems Manager will have teacher and student accounts synced from location A and B. ... View more

@Noah_Salzman Your understanding may be right, but I‘m still missing how to combine/fetch the DEP token and certificate since these are coming from Meraki, aren‘t they?   I‘ve added the Apple docs link to my OP for the sale of simplicity ... View more

@Kevin_C Today I just noticed, that now I can connect my Apple Business Manager with my Organizations Azure AD. Before starting with it I would like to know if there is any progress at Meraki, how this will affect enrollment authentication and enrollment at all. Is it independent from the enrollment? Currently I know, that the new feature "User Enrollment" will only be possible with a managed Apple ID. ... View more

Will wait a bit, maybe someone from Team Meraki replies on this 🙂 ... View more

I know it's an old thread, but I just experienced the same error on one machine and want to ad my solution to this thread for searching purposes.   Solved the problem by reinstalling the SM client on the machine manually. I'm not sure if the client got corrupted by the last macOS update (10.15.1) but it looks like so, because installations worked fine before. ... View more

@cmr I‘m talking about Systems Manager, can‘t reboot devices there. Had a case just a few days ago where it would been helpful. ... View more