SETTING UP MDM FOR IOS DEVICES IN MAC OSX (DEPRECATED - PLEASE SEE NEW INSTRUCTIONS)
Before you begin, make sure you have the following:
- An AppBlade account
- A valid Apple Development account with Enterprise
- A private key in your Apple keychain (you should have one by default)
- A iOS device that you would like to enroll in MDM
AppBlade Guide to Setting up MDM for iOS devices in OSX
- Open the Keychain application generally located under Applications > Utilities > Keychain Access.
While in Keychain, generate a Certificate Signing Request (CSR) to give to AppBlade. (Keychain Access > Certificate Assistant > Request a Certificate From a Certificate Authority.)
- Enter your e-mail address and a name for the certificate. No e-mail needs to be entered under “CA Email Address.” The request should be selected to be saved to disk.
The result should be a .certSigningRequest (CSR) file on your desktop.
- Now we're going to take that certificate and sign with it an AppBlade account. First, Log-in to your AppBlade account and go to your team settings page via the Teams section.
Once inside the team settings, Scroll down to the Mobile Device Management section and Upload the CSR file to AppBlade. Then click "Update".
- AppBlade should refresh the page and will create a push certificate with our private key. Click "AppBlade Signed Certificate Request" to download the signed certificate.
You will then have a signed certificate request file named "AppBlade Signed Certificate Request ([Your Team Name] MDM)"
- Next we'll upload our signed certificate to the Apple Push Certificate Portal. Go to https://identity.apple.com/pushcert/ (You may have to sign in with your Apple Developer account).
Uploading the AppBlade signed certificate notifies Apple that AppBlade would like to become one of your third party servers. After uploading, you'll be redirected to a success page where you can download the AppBlade push certificate (the download is also available in your push certificates portal).
- Download this new Certificate for a Third-Party Server and then open it with Keychain Access (just double-clicking it should open Keychain Access).
In Keychain Access, select the "Keys" category in the left column (labeled "Category"). Locate the private key you generated and added to your keychain. If you double-clicked in step 6 it should already be highlighted. An arrow should be displayed next to the file name (ours is called "AppBladeMDM" in our example). Right click the key and select “Export ...”.
Select the file to be saved as a .p12, a password prompt will also appear. Signing your p12 with a password is optional but suggested.
You should now have our final file; a p12, on your machine.
- Upload the generated .p12 to AppBlade under step three of Mobile Device Management. (You'll also need to type in your private key passcode if you signed your p12 with one in step 7. If you didn't sign your p12 just leave it blank.) Then click update.
- And that's it! You've set up MDM for your team on AppBlade! New devices enrolled under this team can be managed with Apple MDM push requests.
Please note that devices previously enrolled in AppBlade will need to be un-enrolled then re-enrolled after completing these steps. If devices are not un-enrolled then re-enrolled MDM then your devices will not respond to MDM commands properly.