Apple Manual Enrollment
Not able to use DEP?
Apple's Device Enrollment Program is great but you may find that all or some of your devices aren't showing in Apple School Manager or Apple Business Manager. Devices are usually excluded because they were not purchased directly from Apple or an Authorized Reseller. iOS device capable of running iOS 11+ can be manually added to your ASM/ABM account but unfortunately this not yet an option for macOS. This section covers several manual enrollment methods and why you might need to leverage them.
Add iOS devices to ASM/ABM using Apple Configurator 2
If you have an iOS 11+ or tvOS 11+ device that was not originally purchased from Apple or an Apple Authorized Reseller, you can manually add the device to ASM/ABM using Apple Configurator 2. Please first review Apple's documentation here followed by FileWave Knowledge Base article here for more FileWave-specific processes. Once the device has been added to ASM/ABM you can take advantage of DEP for any future enrollments of this device.
MDM enroll iOS or macOS using URL Enrollment
If you are unable to enroll devices using DEP, you can still MDM enroll an iOS or macOS device using FileWave's URL Enrollment method. This method is commonly used to allow an end-user to MDM enroll a previously configured device without the need for a Factory Reset. The one downside to this enrollment method is that the end-user will have the ability to remove the MDM Profile and unenroll their device from the FileWave MDM. This process also requires the macOS users to have Administrator privileges in order to install the MDM Profile.
If getting authentication required during enrollment, please review this section to learn how to disable URL enrollment authentication.
macOS URL Enrollment
iOS URL Enrollment
iOS User Enrollment (BYOD)
Starting with iOS 13, FileWave allows your end-users to enroll using User Enrollment. This is a new form of BYOD enrollment that allows your organization to deploy VPP applications to the devices while keeping other end-user data private from the MDM. This method also required the use of Managed Apple IDs configured in either Apple School Manager or Apple Business Manager.
For more in-depth information and setup of iOS User Enrollment, please consult the following FileWave Knowledge Base article iOS BYOD User Enrollment. This article contains a video walk though of the enrollment process along with the limitations of iOS User Enrollment.
Enroll non-MDM macOS Client
Enrolling a macOS device outside of the MDM is possible although it is unrecommended. To enroll a non-MDM macOS device into FileWave, you will need to simply install the FileWave Client PKG using a macOS Administrator account.
Features unavailable with non-MDM macOS enrollment
|
Features available with non-MDM macOS enrollment
|
Generate a custom FileWave Client PKG
- Open the FileWave Customer Installer Builder for macOS.
- Fill out the settings accordingly.
- Click the "Build" button and wait for the automatic download.
- Extract ZIP and install the customized FileWave Client PKG.
Mandatory Settings |
Product Version = Your FileWave Server Version |
Sync Computer Name = macOS Hostname will be FileWave Client Name (recommended) |
Server Name = Fully Qualified Domain Name of your FileWave Server |
Server Port = 20015 (do not modify) |
Client Password = Password used to change individual Client Preferences |
Optional Settings |
Is Tracking = Is Location Tracking Enabled for macOS Clients |
Monitor Port = Port used for FileWave Client Monitor (do not modify) |
Overwrite Configuration = Overwrite any existing FileWave Client configuration with settings entered here (recommended) |
Remotecontrol Enabled = Screen-sharing enabled for macOS Clients |
Remotecontrol Prompting = Whether or not to Prompt the end-user before starting screen-sharing session |
Server Certificate = Only upload certificate is using a Self-Signed Certificate; not required for CA-signed certificate |
Server Publish Port = 20005 (do not modify) |
Tickle Interval = Idle time for macOS Clients before checking for new Model Update (do not modify) |
Vnc Relay Port = 20030 (do not modify) |
Vnc Server Port = 20031 (do not modify) |
Booster Settings |
Initially you may want to make an installer that does not include Boosters. Read more about them here: Boosters |