What is Apple School Manager?
Apple School Manager (ASM) is a web-based platform that helps educational institutions manage Apple devices, apps, and accounts at scale. It streamlines the deployment of iPads, Macs, and Apple TVs, integrating with Mobile Device Management (MDM) systems for automated device setup. The platform supports creating Managed Apple IDs for students and staff, with controls to ensure security and appropriate access.
Through Automatic Device Enrollment (ADE), devices can be configured and managed without manual intervention. Schools can purchase and distribute apps, books, and other content in bulk, ensuring proper allocation via MDM. Integration with Student Information Systems (SIS) allows easy synchronization of student data, enabling automatic creation of classes and user accounts.
Apple School Manager also supports classroom management tools like Apple Classroom, allowing teachers to guide and monitor student devices during lessons. It simplifies IT management and enhances the learning experience by centralizing control over hardware and digital content in an educational setting.
Can I Use Apple School Manager With NinjaOne?
Yes, NinjaOne supports device enrollment via Apple School Manager (ASM) in the same way it supports Apple Business Manager (ABM). Enrolling devices through ASM provides enhanced control over managed devices, ensuring improved security. To enroll Apple devices through ASM, Automatic Device Enrollment (ADE) must be enabled in NinjaOne.
What is Automated Device Enrollment?
Automated Device Enrollment (ADE) is a feature that streamlines the setup and management of Apple devices, allowing organizations to automatically configure new devices as soon as they are powered on and connected to the internet. It is part of Apple’s Device Enrollment Program (DEP) and is available through platforms like Apple School Manager (ASM) and Apple Business Manager (ABM).
How to Enable Automated Device Enrollment (ADE) in NinjaOne?
This step should be performed by the owner or administrator of the NinjaOne instance, who should have an Apple School Manager account. The ASM accounts must be verified and functional. Check the prerequisites for https://support.apple.com/guide/apple-business-manager/sign-up-axm402206497/webASM. Follow these steps to enable ADE for use with ASM, in NinjaOne,
1. Go to Administration, then Apps, then Installed.
2. Click NinjaOne MDM.
3. Click Enroll, at the right of Automated Device Enrollment (ADE), the Automated Device Enrollment dialog box appears.
4. Download the public key (Step 1 in the dialog box), it´s a .PEM file.
5. Go to the Apple School Manager Site, (Step 2 in the dialog box) and log on with your ASM ID.
(See below screenshot for reference)
6. On the ASM site, select Settings at the bottom left of the page.
7. Select Device Management Settings.
8. Click Add MDM Server.
(See below screenshot for reference)
9. Give the MDM server a name.
10. Upload the public key file by clicking Choose File and selecting the .PEM file you downloaded on step 4.
11. Click Save.
12. Click Download Token.
13. A warning message appears saying that downloading a new server token will reset your existing one. Click Download Server Token.
14. After downloading the token file (.p7m file), go back to NinjaOne.
15. Once you´re back in NinjaOne, upload the token file to NinjaOne (Step 3 in the dialog box).
16. The Automated Device Enrollment service should now appear as Enrolled.
17. Follow the instructions in the next section to Configure the ADE profile.
How to Configure The ADE profile in NinjaOne?
The ADE profile defines the setup process for devices enrolled through the Automated Device Enrollment Service. When an Apple device is enrolled this way, it will be reset to factory defaults and restarted as if brand new. This ADE profile specifies how the initial setup process will proceed, allowing some or all setup steps to be skipped. It also determines whether the device will enroll in supervised mode. Follow the next instructions to configure the ADE profile.
1. Navigate to Administration > Apps > Installed > NinjaOne MDM.
2. Under Actions (In front of Automated Device Enrollment), select Edit profile & devices.
(See below screenshot for reference)
3. Fill out the fields required. One of them is Supervised mode, which is on by default.
(See below screenshot for reference)
4. Adjust the settings per your preferences.
5. Click Save at the bottom of the page.