Login
    Contents x
    Apple Business Manager
    • 05 Sep 2023
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Apple Business Manager

    • Updated on 05 Sep 2023
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Apple Business Manager supports deployment and remote MDM enrollment of corporate-owned Apple devices.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices
    Note:

    This adapter only fetches devices which are unassigned to an MDM (and does not fetch devices assigned to an MDM).

    Parameters

    1. Host Name or IP Address (required, default: https://mdmenrollment.apple.com/) - The hostname or IP address of the Apple Business Manager server.

    2. Client Key and Client Secret (required) - The credentials for a user account that has permissions to fetch assets.
      To obtain the Client Key and Client Secret, you must generate a client key and secret.

    3. Access Token and Access Secret (required) - An API Key associated with a user account that has permissions to fetch assets.

    4. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    5. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    6. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

    7. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

    8. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    AppleBusinessManager


    Advanced Settings


    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.

    Fetch profiles - Select this option to fetch profiles.


    Note:

    To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


    APIs

    Axonius uses the Get Device Details API.

    Generate Client Key and Secret

    To obtain a client key and client secret

    1. Generate the Key pair:

      openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365

    2. Save the key.pem file, which is used to decrypt the token.

    3. Upload the cert.pem file to the Virtual MDM on the DEP portal.

    4. Download the Token file (.p7) and decrypt it with key.pem

      openssl smime -decrypt -inform smime -in fileFromApple.p7 -inkey key.pem

    5. Utilize the values from the decrypted token file for the corresponding fields in the adapter configuration: consumer key, consumer secret, access token, access secret
      For more information, see Authenticating with a Device Enrollment Program (DEP) Server.

    Supported From Version

    Supported from Axonius version 4.6


    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout