Skip to main content
Apple Push Notification service must be configured in your Iru Endpoint tenant before Automated Device Enrollment can be configured.

About Automated Device Enrollment

Automated Device Enrollment (ADE) is an Apple feature that helps you automatically enroll devices into Iru Endpoint out of the box. This process simplifies the setup and configuration of corporate-owned Apple devices, such as iPhones, iPads, Macs, and Apple TVs, by managing and supervising them as soon as they’re activated. In addition to facilitating zero-touch deployment, Automated Device Enrollment helps ensure that organizations retain management of corporate-owned devices throughout their entire lifecycle—even if they are lost or stolen—by forcing them to enroll back into their assigned MDM server each time they’re erased or restored.

How It Works

Automated Device Enrollment operates through a secure connection between Apple Business Manager (ABM) or Apple School Manager (ASM) and Iru Endpoint. When devices are purchased from Apple or authorized resellers, they are automatically added to your organization’s ABM or ASM account. Once assigned to Iru Endpoint, devices check with Apple during activation to verify organizational ownership and retrieve configuration settings.

Prerequisites

  • Apple Push Notification Service: Apple Push Notification service must be configured in your Iru Endpoint tenant
  • Apple Business Manager Access: Ensure you have administrative access to your ABM or ASM account
  • Device Purchase: Devices must be purchased from Apple or authorized resellers to be automatically added to ABM/ASM
  • Network Connectivity: Ensure devices have internet connectivity during the enrollment process
Some Apple devices can be added to Apple Business Manager or Apple School Manager using Apple Configurator after purchase. Please see our Adding Devices to Apple Business Manager support article for more information.

Automated Device Enrollment Process

Once devices are available in ABM or ASM, you can assign them to an MDM server like Iru Endpoint. This assignment initiates a sync between Apple and Iru Endpoint (handled by the Automated Device Enrollment token), making device serial numbers available in an Awaiting Enrollment status where they can be assigned to an Assignment Map or Classic Blueprint in the Iru Endpoint Web App. When a device is powered on and connected to a network, it checks with Apple to verify organizational ownership, then retrieves and applies the configuration assigned by Iru Endpoint.

Configuring Automated Device Enrollment

1

Access Settings

In the left-hand navigation bar, click Settings.
2

Navigate to Apple Integrations

Select the Apple Integrations tab.
3

Set Up ADE

Under Automated Device Enrollment, click Set up Automated Device Enrollment.
4

Complete Setup

Follow the on-screen instructions to set up Automated Device Enrollment and click Done.

Considerations

  • APNs Configuration: Ensure Apple Push Notification service is properly configured before setting up ADE
  • Device Assignment: Plan your device assignment strategy for Assignment Maps or Classic Blueprints
  • Network Requirements: Verify network connectivity and firewall settings for Apple services
  • Security Policies: Configure appropriate security policies for corporate-owned devices
  • User Experience: Test the enrollment process to ensure smooth user experience
  • Device Lifecycle: Plan for device management throughout the entire lifecycle
  • Lost Device Protection: Understand how ADE helps protect against lost or stolen devices
  • Compliance Requirements: Ensure ADE configuration meets your organization’s compliance needs
  • Backup Strategy: Have a plan for managing devices if ADE becomes unavailable
  • Documentation: Keep records of ADE configuration and device assignments
  • Support: Contact Iru Endpoint Support for assistance with complex ADE scenarios
  • Testing: Test ADE configuration in a controlled environment before production deployment
  • Monitoring: Regularly monitor ADE status and device enrollment success rates
  • Updates: Stay informed about Apple’s ADE requirements and updates