- 03 Jan 2023
- 1 Minute to read
-
Print
-
DarkLight
-
PDF
Apple Business Manager
- Updated on 03 Jan 2023
- 1 Minute to read
-
Print
-
DarkLight
-
PDF
Apple Business Manager supports deployment and remote MDM enrollment of corporate-owned Apple devices.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
Parameters
-
Host Name or IP Address (required, default: https://mdmenrollment.apple.com/) - The hostname or IP address of the Apple Business Manager server.
-
Client Key and Client Secret (required) - The credentials for a user account that has permissions to fetch assets.
To obtain the Client Key and Client Secret, you must generate a client key and secret. -
Access Token and Access Secret (required) - An API Key associated with a user account that has permissions to fetch assets.
-
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
-
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
-
HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
-
HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.
-
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
APIs
Axonius uses the Get Device Details API.
Generate Client Key and Secret
To obtain a client key and client secret
-
Generate the Key pair:
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365
-
Save the key.pem file, which is used to decrypt the token.
-
Upload the cert.pem file to the Virtual MDM on the DEP portal.
-
Download the Token file (.p7) and decrypt it with key.pem
openssl smime -decrypt -inform smime -in fileFromApple.p7 -inkey key.pem
-
Utilize the values from the decrypted token file for the corresponding fields in the adapter configuration: consumer key, consumer secret, access token, access secret
For more information, see Authenticating with a Device Enrollment Program (DEP) Server.
Supported From Version
Supported from Axonius version 4.6