Do you plan on using this iPhone in production in the future and would want it to be in DEP? To make your life easier, I would just remove the device from the DEP profile in Meraki. You need to do this prior to doing a factory reset -- the DEP configuration comes down once the device is activated (once you start setup).   Another option is to remove it from the DEP scope and then remove it from Apple Business/School Manager by either (a) removing it from scope of the Meraki server or (b) fully removing it from DEP.     ... View more

@Paul_CELP How is your DEP enrollment setup in Systems Manager? Are the devices added to that enrollment. I haven't done a direct phone transfer, but if your DEP enrollment is properly setup and allocated to the correct devices it should force them at the end of the transfer to enroll. You need to make sure that you are making enrollment mandatory and the MDM profile non-removable.   While I have never directly done so... I have worked with iCloud backups... My recommendation to you is to get your folks in the habit of using iCloud backup and having it configured. Are phones are heavily restricted so they use little data and only the apps I push out so the 5gb isn't and issue for us. I know when I take a backup of phone "A" and restore it on phone "B" during setup phone "B" goes through DEP after that backup is restored. ... View more

I agree with all of the above. The big thing for us is infrastructure. We ditched our last server in 2007 and all of our services are hosted. Meraki was one of the first to offer a hosted MDM suite and is one of few currently offering a camera suite w/o the need for an NVR. The cost is a little more, but for a smaller team makes more sense in my eyes. ... View more

The Meraki agent is generally broken. I would say that is the culprit of this specific problem. ... View more

@licenseNOW   When a license is assigned to a device, it is revocable. Navigate to Systems Manager > VPP (under "Manage" Heading) and check the app you are having problems with then click "Edit Auto Management" and check the following options. Finally, click Apply changes and your license count should update. I prefer to apply these options to all app I place in Self Service for users. ... View more

I haven't come across that specific error, but the things that usually pop out to me are APN certificates or a network problem (something is blocking Meraki/Apple from syncing down the profile). Seeing that anything prior to 10.13.4 is enrolling, I am pretty sure you can rule those out. The only other option I could think of is to manually retrieve the profile from dashboard instead of running manual enrollment from m.meraki.com. Another option would to be a force install of the profile via the command line. ... View more

I would look into USB tethering. I believe it was released in iOS 11 last year. ... View more

Block Apple update servers on your network if you don’t want people updating. Then setup a policy to alert you if anybody circumvents and updates. ... View more

I know the bluetooth restriction locks the toggle off if it is set to off when the configuration profile is pushed. But it doesn't allow other devices to be paired? Very stupid on Apple's part. Would it be possible to use the Meraki API to send the bluetooth on command to all devices every "x" minutes? I would set it to two minutes and eventually people would just get tired of turning it off.  ... View more

I am curious to also know what Valicert is. A quick Google search shows it has something to do with GoDaddy as @MRCUR stated. According to some post, it was something in the 1990s that is now being phased out do to encryption standards.  ... View more

Happy Birthday, Meraki Community! ... View more

@Josh3 DEP and VPP are all now under "Apple Business". No Apple IDs are required for each device. You can use device based app installation and either make the apps available in the Meraki MDM app for the user to install or install them on demand. ... View more

We don't have a large amount of Macs. But this is our procedure. The device is assigned to the user with there AD credentials (during DEP) and the appropriate profiles and apps come down. During setup, the local account is an admin account (we call it "techlocal") is created. After verifying that the AD bind was successful (configuration profile) and the login page profile came down, we hand it over to the user - they login with there AD credentials and a mobile account is created. Anytime they are on the corporate network, we rsync via a script at login all there local data (Files on the Desktop, Documents, Photos, Videos) onto there network home (stored in an SMB share). The network home acts as a backup for there data. We played with the idea of ditching AD and using something like NoMAD to "lose the bind", but keep the benefits of AD (kerebos), but decided against it as we have no problem with AD. ... View more

You could use create user PKG, but I would be very careful and make sure SM recognizes it as installed! ... View more

I am 95% sure that G Suite authentication cannot be used with Meraki. While it might be a pain, I would move all your Apple devices into a separate network and disable authentication.  ... View more

It is DEP, they don't exactly "auto configure", the device is setup in Meraki to receive certain apps or profiles.   ... View more

Looping in @Melissa to see if engineering is aware. ... View more

I am seeing this. I did an app inventory on a device and suddenly, all catalogued apps came down. I am nervous that as soon as devices begin inventorying that apps are going to start coming down. ... View more

Triggering the activation in Apple Configurator 2 before handing the user the iPad has helped. I have noticed this delay also. ... View more