Simplifying Device Enrollment and Content Distribution Using the Device Enrollment Program, the Volume Purchase Program, and the Casper Suite

Similar documents
Deploying ios Devices with the Casper Suite and Apple Configurator. Technical Paper June 2012

Administering Adobe Photoshop Touch with the Casper Suite. Technical Paper April 2012

Building a BYOD Program Using Jamf Pro. Technical Paper Jamf Pro or Later 2 February 2018

QuickStart Guide for Managing Mobile Devices. Version

Administering CrashPlan PROe with the Casper Suite. Technical Paper Casper Suite v9.0 or Later 19 August 2014

QuickStart Guide for Mobile Device Management. Version 8.7

Administering Adobe Creative Suite 5/5.5 with the Casper Suite. Technical Paper Casper Suite v9.0 or Later 8 January 2014

Administering FileVault 2 on OS X Mountain Lion with the Casper Suite. Technical Paper Casper Suite v9.0 or Later 7 January 2015

Deploying Code42 CrashPlan with Jamf Pro. Technical Paper Jamf Pro 9.0 or Later 21 January 2019

QuickStart Guide for Managing Computers. Version 9.73

QuickStart Guide for Managing Computers. Version 9.32

Casper Suite Release Notes. Version 8.7

QuickStart Guide for Managing Computers. Version

Administering FileVault 2 on OS X Mountain Lion with the Casper Suite. Technical Paper Casper Suite v August 2013

Casper Suite Release Notes. Version 8.7

QuickStart Guide for Managing Computers. Version

Installing and Configuring the Healthcare Listener. Technical Paper Casper Suite v9.98 or Later 9 March 2017

Administering Adobe Creative Suite 5/5.5 with the Casper Suite. Technical Paper Casper Suite v January 2014

Administering Adobe Creative Suite 6 with the Casper Suite. Technical Paper May 2012

Installing and Configuring the Healthcare Listener. Technical Paper Casper Suite v or Later 28 August 2017

ios Supervised Devices

Integrating with Microsoft Intune to Enforce Compliance on Macs Managed by Jamf Pro. Technical Paper Jamf Pro or Later 14 December 2017

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.9

Casper Suite Release Notes. Version 9.6

Dell Management Portal. Apple Device Enrollment Program

Apple OS Deployment Guide for the Enterprise

Casper Focus User Guide. Version 9.0

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.72

Casper Suite Release Notes. Version 8.5

Casper Suite Release Notes. Version 9.0

Integrating with Microsoft Intune to Enforce Compliance on Mac Computers Managed by Jamf Pro

Managing Devices and Corporate Data on ios

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.31

Integrating with Microsoft Intune to Enforce Compliance on Macs Managed by Jamf Pro. Technical Paper Jamf Pro or Later 16 July 2018

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

Integration with Apple Configurator 2. VMware Workspace ONE UEM 1902

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.97

Casper Suite Release Notes. Version

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

Telenor MDM. Note Apple VPP ( )

SCCM Plug-in 2.0. User Guide

SCCM Plug-in User Guide. Version 3.0

JAMF Software Server Installation and Configuration Guide for Mac. Version 9.97

VMware Workspace ONE UEM Integration with Apple School Manager

Apple Deployment Programs Volume Purchase Program for Education Guide

Jamf Pro Installation and Configuration Guide for Linux. Version

Casper Suite Release Notes. Version

Jamf Pro Installation and Configuration Guide for Mac. Version

Altiris Plug-in User Guide. Version 3.11

Jamf Software Server Installation and Configuration Guide for Mac. Version

Jamf Pro Installation and Configuration Guide for Windows. Version

Imaging Suite Release Notes. Version 8.6

Jamf Pro Release Notes. Version

VMware AirWatch tvos Platform Guide Deploying and managing tvos devices

Casper Suite Release Notes. Version 8.6

VMware Workspace ONE UEM Apple tvos Device Management. VMware Workspace ONE UEM 1811 VMware AirWatch

Casper Suite Release Notes. Version 9.32

Apple Deployment Program Volume Purchase Program for Education Guide

Jamf Pro Installation and Configuration Guide for Mac. Version

SCCM Plug-in User Guide. Version 2.2

VMware AirWatch Books Deployment Guide Distribute and deploy books

REMOVE TSUWIRELESS WIRELESS NETWORK 2 CONNECTING TO TSU_SECURE WIRELESS NETWORK 7 CONNECT TO TNSTATE.EDU USING MOBILE DEVICE 11

TabPilot Documentation

SCCM Plug-in User Guide. Version 3.42

Register by completing the form, or connecting via your GitHub or Google account.

Jamf Pro Release Notes. Version

VMware AirWatch Integration with Apple Configurator 2 Guide Using Apple Configurator 2 and AirWatch to simplify mass deployments

jamf Nation - London Roadshow

Apple Business Manager Beta Help v1.0

Jamf Pro Release Notes. Version

Go Ahead Bring Your Own Device to Work... 1 Requirements... 1

SCCM Plug-in (for the Jamf Software Server) User Guide. Version 3.51

Composer User Guide. Version

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Vodafone Secure Device Manager Administration User Guide

MANAGING ANDROID DEVICES: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

IPAD INITIAL SETUP WITH MOBILE IRON DEP GUIDE

School District of Milton of Milton

Verizon MDM UEM Unified Endpoint Management

Nextiva Drive The Setup Process Mobility & Storage Option

Apple Volume Purchasing Program. Administrator guide to purchasing Apps using the Apple Volume Purchasing Program

Use Jamf Self Service to upgrade to macos Mojave

TIS/App Delivery Mobility Job Aid: Install and Configure Microsoft Outlook on Your iphone. Overview. Job Aid: Outlook for Mobile - iphone

IPHONE DEP REGISTRATION... 4 IPHONE DEP REGISTRATION... 3

Remote Access with Imprivata Two-factor Authentication

1. Select the App Store icon on your Home screen.

NotifyMDM Device Application User Guide Installation and Configuration for ios with TouchDown

West LegalEdcenter CLE Mobile Access to CLE courses wherever, whenever!

VMware AirWatch Tizen Guide

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

1 of 12 7/11/2013 1:26 PM

ZuluDesk Management System is a powerful Mobile Device Management (MDM) solution designed for schools to manage their Apple devices over WiFi.

Copyright Samsung Electronics Co., Ltd. All rights reserved.

MSP Solutions Guide. Version 1.0

Getting Started with Outlook Web App (OWA)

Dell OpenManage Mobile Version 1.0 User s Guide

FreeConference Desktop Sharing with IBM Sametime User Guide

Parallels Mac Management for Microsoft SCCM. Deployment Guide and Pre-Install Checklist. v6.1

Copyright Samsung Electronics Co., Ltd. All rights reserved.

TIS/App Delivery Mobility Job Aid: Install and Configure Microsoft Outlook on Your Android Phone. Overview. Job Aid: Outlook for Mobile - Android

Transcription:

Simplifying Device Enrollment and Content Distribution Using the Device Enrollment Program, the Volume Purchase Program, and the Casper Suite Technical Paper Casper Suite v9.6 or Later 27 April 2016

JAMF Software, LLC 2016 JAMF Software, LLC. All rights reserved. JAMF Software has made all efforts to ensure that this guide is accurate. JAMF Software 100 Washington Ave S Suite 1100 Minneapolis, MN 55401-2155 (612) 605-6625 Apple, the Apple logo, ibooks, ipod touch, Mac, and OS X are trademarks of Apple Inc., registered in the United States and other countries. App Store and ibooks Store are service marks of Apple Inc., registered in the United States and other countries. The CASPER SUITE, JAMF SOFTWARE, and the JAMF SOFTWARE Logo are registered or common law trademarks of JAMF SOFTWARE, LLC in the U.S. and other countries. All other product and service names mentioned are the trademarks of their respective companies.

Contents 4 Introduction 4 Target Audience 4 What's in This Guide 4 Important Concepts 4 Additional Resources 5 Overview 6 Requirements 7 Assigning Users to Devices 7 Assigning a User to a Computer or Mobile Device 8 Integrating with DEP 8 Configuring an Instance of DEP 9 Preparing for Device Enrollment and Customizing the User Setup Experience 9 Configuring a Mobile Device PreStage Enrollment 10 Configuring a Computer PreStage Enrollment 11 Integrating with VPP 11 Adding a VPP Account 12 Inviting Users to Register with VPP 12 Sending a VPP Invitation 13 Assigning Content to Users 13 Creating a VPP Assignment 14 Distributing Content 14 Distributing an App to a Mobile Device 14 Distributing a Mac App Store App to a Computer 15 Distributing an ebook 16 The User Experience 17 Revoking Apps 17 Revoking a Single App from Users 18 Revoking All Apps from Users 3

Introduction Target Audience This guide is designed for IT administrators who are using Apple s Device Enrollment Program (DEP) and Apple s Volume Purchase Program (VPP) in the United States. Note: Although IT administrators can use VPP outside of the United States, this guide is intended for use in the United States due to the limited availability of DEP. What's in This Guide This guide provides a step-by-step workflow for automating and customizing the enrollment of new, institutionally owned devices using Apple s DEP, and then assigning apps and ebooks to users and revoking and reassigning apps obtained through Apple s VPP. Important Concepts Before using the instructions in this guide, make sure you are familiar with the following Casper Suiterelated concepts: Scope Smart and static computer and mobile device groups Simple and advanced computer and mobile device searches Computer and mobile device enrollment Additional Resources For more information about the applications, concepts, and processes mentioned in this guide, see the following documentation: Casper Suite Administrator s Guide http://www.jamfsoftware.com/resources/product-documentation/ Volume Purchase Program for Business https://www.apple.com/business/vpp/ Apple Deployment Programs Help http://help.apple.com/deployment/business/ Apple School Manager Help https://help.apple.com/schoolmanager/ 4

Overview In the past, computer and mobile device enrollment was a tedious process, and it was a struggle to manage apps and ebooks in a cost effective way. Now, in conjunction with Apple s DEP and VPP, the Casper Suite allows you to preconfigure the device enrollment process, customize the user setup experience, and distribute content to devices without even taking the devices out of the box before you hand them to users. By preconfiguring the device enrollment process and customizing the user setup experience, you decide what steps users will take when they set up their devices. You can also assign content to users so that the content becomes available as soon as the users register with VPP. Additionally, when you assign apps to users, your organization retains ownership of the apps so that you can revoke and reassign them to new users at any time. There are a several steps involved in enrolling devices and distributing content with DEP, VPP, and the Casper Suite: 1. Assign users to devices. This allows you to track which user is assigned to each device so that you can prompt users to register with VPP and then assign the desired content to them. 2. Integrate with DEP. This allows the JAMF Software Server (JSS) to use DEP so that you can preconfigure the device enrollment process and customize the user setup experience. Prepare devices for enrollment and customize the user setup experience. This allows you to preconfigure device enrollment and customize the user setup experience by creating a PreStage enrollment. As a result, devices are silently enrolled with the JSS when the user turns on their device for the first time and completes the Setup Assistant. Integrate with VPP. This integrates the JSS with your VPP account so that you can invite users to register with VPP and assign content to them. 5. Invite users to register with VPP. This allows users to register with VPP so that the content that is assigned to users will become available on their devices when it is distributed to them. 6. Assign content to users. This allows you to specify the content that you want to assign to each user so that it can be distributed quickly. Content is assigned to users using a VPP Assignment in the JSS. 7. Distribute content. This makes the apps and ebooks assigned to each user available on their devices or available to install from Self Service. 8. Revoke apps. This allows you to revoke apps from users and reassign them to new users. 5

Requirements To enroll devices and distribute content to devices using the instructions in this guide, you need: The JSS v9.6 or later A service token (.vpptoken) from Apple s VPP store A server token file (.p7m) from Apple A push certificate in the JSS Mobile devices running ios 7.0.4 or later and/or computers running OS X v10.10 or later 6

Assigning Users to Devices To use DEP and VPP, you must first migrate your users so that you have full use of the Users tab, and then assign users to devices. This allows you to track the user assigned to each device. You can then prompt users to register with VPP and assign the desired content to them. (For more information about migration, see the Migrating Users Knowledge Base article.) Assigning a User to a Computer or Mobile Device 1. 2. 5. 6. Log in to the JSS with a web browser. Click Computers or Mobile Devices at the top of the page. Perform a simple or advanced search. Click the computer or mobile device you want to assign a user to. Select the User and Location category and click Edit. Do one of the following: To assign an existing user, enter the user s partial or full username in the Username field and click the Search icon. Click Choose across from the user you want to assign, and then click Save. The Full Name, Email Address, Phone Number, and Position fields are populated automatically. To assign and create a new user, enter information about the user and click Save. 7

Integrating with DEP Integrating with DEP allows the JSS to work together with Apple s DEP. This allows you to preconfigure the device enrollment process and customize the user setup experience without needing to remove the devices from their original wrapping. To integrate with DEP, you need to upload the server token file (.p7m) you received from Apple. (For information, see the Integrating with Apple s Device Enrollment Program (DEP) Knowledge Base article.) This process creates one instance of DEP in the JSS. To meet the needs of your organization, you can repeat the process to create multiple instances of DEP. Configuring an Instance of DEP 1. Log in to the JSS with a web browser. 2. In the top-right corner of the page, click Settings. Click Global Management. Click Device Enrollment Program. 5. 6. Enter a display name for the instance of DEP. 7. Click Upload Server Token File to upload the server token file you downloaded from Apple. This creates one instance of the DEP in the JSS. The information contained in the server token file is displayed. 8. Click New. Click Save. 9. To configure another instance of the DEP, repeat steps 5-8. 8

Preparing for Device Enrollment and Customizing the User Setup Experience A PreStage enrollment allows you to store device enrollment settings and customize the user setup experience. As a result, the amount of time and interaction it takes to prepare devices for use is reduced, and devices are silently enrolled with the JSS when users complete the Setup Assistant. Before you can use a PreStage enrollment, you need to create it in the JSS. Using a PreStage enrollment to add a mobile device to the JSS manages the device. Using a PreStage enrollment to add a computer with OS X v10.10 or later to the JSS manages the computer if userinitiated enrollment is enabled in the JSS (for information, see Computer PreStage Enrollments in the Casper Suite Administrator s Guide). Note: To enroll devices using a PreStage enrollment, the devices must be connected to the Internet during the Setup Assistant. 1. Log in to the JSS with a web browser. 2. Click Mobile Devices at the top of the page. 5. 6. Click the Scope tab and configure the scope of the PreStage enrollment by selecting the checkbox next to each mobile device you want to add to the scope. Note: The mobile devices listed on the Scope tab are the mobile devices that are associated with DEP via the server token file (.p7m) you downloaded from the Apple Deployment Programs website. 7. Configuring a Mobile Device PreStage Enrollment Click PreStage Enrollments. Click New. Use the General payload to configure basic settings for the PreStage enrollment and customize the user setup experience. To customize the user setup experience, select which steps you want to skip in the Setup Assistant. If you choose to skip steps, the user can enable these settings after the device is configured unless otherwise restricted. Click Save. 9

1. Log in to the JSS with a web browser. 2. Click Computers at the top of the page. 5. 6. Click the Scope tab and configure the scope of the PreStage enrollment by selecting the checkbox next to each computer you want to add to the scope. Note: The computers listed on the Scope tab are the computers that are associated with DEP via the server token file (.p7m) you downloaded from the Apple Deployment Programs website. 7. Configuring a Computer PreStage Enrollment Click PreStage Enrollments. Click New. Use the General payload to configure basic settings for the PreStage enrollment and customize the user setup experience. To customize the user setup experience, select which steps you want to skip in the Setup Assistant. If you choose to skip steps, the user can enable these settings after the computer is configured unless otherwise restricted. Click Save. 10

Integrating with VPP Integrating the JSS with Apple s VPP allows you to invite users to register with VPP, assign apps and ebooks, and revoke and reassign apps to users. Adding one or more VPP accounts to the JSS integrates the JSS with VPP. When you add a VPP account to the JSS, you upload the service token that you obtained from Apple, and specify the country associated with the VPP account. You can also specify other information about the account, such as the contact person and Apple ID. Adding a VPP Account 1. Log in to the JSS with a web browser. 2. In the top-right corner of the page, click Settings. Click Global Management. Click VPP Accounts. 5. 6. Enter a display name for the account. 7. Click Upload Service Token and upload the service token (.vpptoken) for the account. 8. Choose the country that is associated with the account. 9. 10. Click New. (Optional) Enter additional information about the account, including the contact person and Apple ID. Click Save. 11

Inviting Users to Register with VPP Before you can assign content purchased through VPP to users, the users must be registered with VPP. You can invite users to register by sending a VPP invitation that prompts them to access a registration page where they are guided through the steps for registering. Once users are registered with VPP, they can receive the content that is assigned to them. 1. Log in to the JSS with a web browser. 2. Click Users at the top of the page. 5. Enter a display name for the invitation. 6. Select the VPP account to register users with. 7. Choose Prompt users on their mobile devices from the Method pop-up menu. Note: The invitation is automatically added to the site that the VPP account belongs to. 8. Click the Scope tab and configure the scope of the invitation. 9. Sending a VPP Invitation Click VPP Invitations. Click New. Click Save. A VPP invitation is immediately sent to the users you specified. You can view the status of the invitation in the list of invitations. 12

Assigning Content to Users VPP assignments allow you to assign content purchased through VPP to users. This allows you to specify the content that you want to assign to each user so that it can be quickly distributed. When you create a VPP assignment in the JSS, you choose a VPP account, and all content purchased for VPP-managed distribution using the account is automatically available. Then you specify the content that you want to assign, and the users you want to assign it to (called scope ). 1. Log in to the JSS with a web browser. 2. Click Users at the top of the page. 5. Use the General payload to configure basic settings for the VPP assignment, including the VPP account. Note: The assignment is automatically added to the site that the VPP account belongs to. 6. Select the Apps payload and then select the checkbox for each app you want to assign. 7. Select the ebooks payload and then select the checkbox for each ebook you want to assign. 8. Click the Scope tab and configure the scope of the assignment. 9. Creating a VPP Assignment Click VPP Assignments. Click New. Click Save. 13

Distributing Content To make content available to users, you distribute it to devices. When content is distributed to users, it becomes available on their devices immediately after they register with VPP. 1. Log in to the JSS with a web browser. 2. Click Mobile Devices at the top of the page. Distributing an App to a Mobile Device Click Apps. 5. 6. 7. 8. 9. 10. Click New. Select App Store app and click Next. Browse the App Store, and do the following: a. Enter the name of the app. b. Choose an App Store country, and click Next. c. Click Add for the app you want to add. Use the General pane to configure basic settings for the app, including the display name. Choose Install Automatically/Prompt Users to Install from the Distribution Method pop-up menu. Click the Scope tab and configure the scope of the app. Click Save. The app is distributed the next time mobile devices in the scope contact the JSS. 1. Log in to the JSS with a web browser. 2. Click Computers at the top of the page. Distributing a Mac App Store App to a Computer Click Mac App Store Apps. 5. Click New. Do the following: a. Enter the name of the app. b. Choose an App Store country, and click Next. 14

c. Click Add for the app you want to add. 6. 7. 8. 9. Use the General pane to configure settings for the app. Choose Install Automatically/Prompt Users to Install from the Distribution Method pop-up menu. Click the Scope tab and configure the scope of the app. Click Save. The app is distributed the next time computers in the scope contact the JSS. 1. Log in to the JSS with a web browser. 2. Click Users at the top of the page. Note: If you have not migrated users yet, click Mobile Devices at the top of the page. Distributing an ebook Click ebooks. 5. 6. Click New. Select ebook available in the ibooks Store and click Next. Browse the ibooks Store, and do the following: a. Enter the name of the ebook. b. Choose an ibooks Store country, and click Next. c. Click Add for the ebook you want to add. Note: ibooks files (.ibooks) may need to be added manually. 7. Use the General pane to configure distribution settings for the ebook, including the display name. 8. Click the Scope tab and configure the scope of the ebook. If you have migrated users, you can add computers, users, and mobile devices as targets to the scope. If you have not migrated users yet, you can only add mobile devices as targets to the scope. 9. Click Save. The ebook is available in Self Service for users to install the next time the app is launched. 15

The User Experience When users turn on their devices for the first time, they are prompted to choose a language. Mobile device users are required to connect their devices to Wi-Fi. Computer users are prompted to connect their devices to Wi-Fi, but are not required to do so. Note: To enroll devices using a PreStage enrollment, the devices must be connected to the Internet during the Setup Assistant. Users then complete the Setup Assistant using the device enrollment and user setup experience settings that you preconfigured using a PreStage enrollment. After devices are enrolled with the JSS and setup is complete, the user is prompted to register with VPP, which causes the content that you assigned to them to become available on their devices. 16

Revoking Apps Revoking apps and reassigning them to other users saves your organization money by reducing the need to pay for new apps. To revoke one or more specific apps from users, you remove the app(s) from the VPP assignment. To revoke all the apps in a VPP assignment from one or more users, you remove the user(s) from the scope of the VPP assignment. Apps that have been revoked can be reassigned to other users when needed. Users are notified on their device when an app is no longer assigned to them. The app may or may not be removed from their device. If an app is not removed from the user s device, it can be removed by an administrator. 1. Log in to the JSS with a web browser. Note: All app data is deleted when an app is revoked and/or removed from a device. Before revoking an app, remind users to get any important data out of the app. 2. Click Users at the top of the page. Click the VPP assignment you want to revoke. 5. Select the Apps payload and remove apps from the assignment as needed. 6. Click the Scope tab and remove users from the scope as needed. 7. Revoking a Single App from Users Click VPP Assignments. Click. Save Users are notified that the apps are no longer assigned to them. 17

Revoking All Apps from Users For each VPP account, you can revoke all apps that have been assigned to users. 1. Log in to the JSS with a web browser. 2. In the top-right corner of the page, click Settings. Click Global Management. Click VPP Accounts. 5. Click the VPP account for which you want to revoke all apps. 6. Click Revoke All and then click OK to confirm. Users are notified that the apps are no longer assigned to them. 18

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback