Hi Adan, actually the configurator app runs well on the IPhone. I tried this out the other day to manually add an iPhone to ABM and it’ probably much easier and smoother. Think I’m going to do a video on this one.
hey, thanks for your video, helped a lot. quick question, can I manually add various iPads or MacBooks ? or I need always to have it connected. thanks. regards
Where is episode 4 on this series, please? I am completely stuck on this method as you say at the end of this you're going to continue with next steps?
@@theCMC I'm not sure that is my next step. At this point my device is in InTune and waiting for a deployment profile, however when I add it it can never be contacted.
Hi Andy - thanks for the video series it's really helpful. I've recently purchased a MAC and wanted to add it to apple BM manually. I didn't realise you needed an iPhone to do this so I've now acquired an Iphone.... So my question is what order do I need to get these devices enrolled? Ive got my apple business manager account setup and connected to Intune. But when I sign into the app store on my Mac to get the configurator app its greyed out. So I have to use another apple ID to get it. Now I've got it, do I first need to setup the configurator on my mac, enrol the iPhone & then use configurator on the iphone to enrol the mac? Thanks
At 4:54 you say that it's important to "Assign your device to an MDM server before enrolling the device" but I don't know how to add a device to the MDM server.
Hello, I have a question. I've been ejected from the enterprise program because we get to be at least 100 people in the company to develop with the enterprise certificate. Apple asked us to go to Apple Business Manager, but I don't understand how to compile my application under xcode and install it on our ipads. What is the process ? Best regards.
At 5:44 and the next few seconds you say. "Now you're being asked for the Trust Anchor certificates, once you've added that..." OK HOW do you find that? HOW do you add that? Kind of an important step?
Hello, thanks for this helpful guide. If i create a backup and do the enrollment on iphone, when i restore data from backup, it keeps the mdm configuration? or the wipe is mandatory and old data will be lost? Thanks
I've been looking high and low for a solid answer, I've been trying to figure out how to add mac computers to ABM, and something i've seen hinted at is that is only possible when using an iphone. you can use apple config ON a mac to add iphones, appletv, ipads, and ipads, but not computers..... can anyone shed some light on this?
I believe you also needed to check the device and then assign the profile in Intune. Then make sure device has a timestamp under "Last Contacted". Will not happen and configuration policies cant be assigned if profile is not assigned on that last page you had up.
Great video, thank you! I have a question concerning the supervision identity, and adding devices manually to ABM that already has devices added by an Apple rep/third party seller. If I create a new supervision identity in Configurator, does that affect any of the devices currently in ABM that were added by that 3rd party? Essentially, I am wondering if the supervision identity is limited to just the devices you add manually with that identity or if it affects current devices that were added with a different supervision identity. Thank you!
Jeff good question I can’t say I know too much about this tbh but it’s recommended to standardize on the use of that identity for all instances of a mobile device management (MDM) solution and Apple Configurator. Apple docs published show that If you change a supervision identity, you must start over-that is, you must erase, prepare, and supervise the devices again. It’s not clear if it affects existing devices added with other supervision identities. I’m thinking that these you would not be able to manage these with your own identity created.
@@theCMC hi, i was able to figure this out. now im thinking since I have intune. does it make sense to setup user accounts for users on abm or just focus on managing them on intune:?
"This profile can only be installed on a Supervised device" - how can it be a supervised device before even enrolling it and setting it up as supervised?
Jack thanks, if I said that your right it has to become supervised to take advantage of the extra controls. From Apple website: Supervision gives educational institutions and businesses greater control over the devices they own. With supervision, your administrator can apply extra restrictions, such as turning off AirDrop or preventing access to the App Store. It also provides additional device configurations and features, such as silently updating apps or filtering web usage. By default, your iPhone or iPad isn’t supervised. Supervision can only be turned on when setting up a new device. If your iPhone or iPad isn’t currently supervised, your administrator has to completely erase your device to set up supervision.
The error at 7:05 (0x80ef 33007) is caused by the device's Internet connection. The device must be connected to the Internet during configuration with Configurator. Don't forget to enter the SSID, security type and password in the WiFi profile.
It looks like the wifi profile won't add because the iPad is not being activated based on unchecking that option during the configurator preparation. The wifi profile works fine if you instead check/enable the activation/enroll check box, so what is the solution here?
You can also enable Internet Sharing on the Mac to share its internet connection to the connected iOS device. This eliminates the error for me altogether and without this enabled, I was not able to get devices added to ABM. Only with the WiFi profile and Internet Sharing enabled was I able to get any to add successfully.
Hi there. Thanks for sharing this video. I have a comment regarding the error message that showed during enrollment. First of all, I received the same error and my device did not apear in ABM just magically. The problem was happening due the wi-fi configuration failed to setup on the iPad. In order to fix the issue the user must access the iPad device and manually connect to the prefered wi-fi network. After that proceed with the enrollment. In this case there will be no error and the device will show up in ABM successfully. Thank you!
@@andym8148 hi there. You can skip the Wi-Fi profile as for some reason it doesn't work anyways. But at the step when the iPad resets to start the configuration you have to manually enter the Wi-Fi ssid credentials so the iPad connects to the Wi-Fi and proceed with the enrollment. I hope that helps.
@@alex_zava thanks I got this working in the end, the devices need a valid wifi connection to connect to so by adding a wifi profile that can connect to a valid wifi network it works, the devices are then prepared and they connect to the wifi network and then connect to ABM to add themselves to ABM
@AbdulManan-rc3rg I belive you can add Apple TV into ABM using the configurator app on a mac rather than using the iphone. You will need to connect the App-TV to the Mac
When I try login to apple business manager and press devices after following your steps. I get "Add you Apple Customer Numbers or Reseller Numbers now or later to manage your devices here." Is there a way around this or have I done something wrong?
Whats the process for moving an existing managed device from another mdm server eg Apple Profile Manager to Intune? Would it be, 1. Assign mdm server as intune in ABM. 2, assign the device an enrollment profile in intune. 3, reset the device
You can have multiple mdm servers in a single ABM registration and switch between them by reassigning the device. You will need to delete the device from mdm 1 service and wipe the device to enroll into mdm 2
Why some call it Apple Business Manager, others Apple Business Essentials… no one know how to explain it simple for people trying to understand the “Essential” part of it… Apple said that “AB Essential” is for people that are not IT but have few employees and that it should be easy… it is far from it…
Apple Business Manager is a free service for businesses to manage their Apple accounts and devices. Apple Business Essentials is a paid Mobile Device Management service (MDM). Similar to Jamf, Mosyle, Intune, etc. ABM is required for any MDM managing Apple devices. ABE is a paid MDM.
How ppl love apple is beyond me.. Look at all this shit you have to do to just configure a stupid phone. And God forbid you don't have a shitty MacBook laying around for this.
what is a trust anchor certificate and where do I find it?
He just skipped this part for some reason....
Press the blue next button as it’s not required
It's optional, not compulsory. You can click NEXT.
Good walkthrough but kind of blew through the adding trust anchor certificate steps about 5:45... what is that?
Roger, this is the cert used to trust the SSL connection to the MDM server. As I’m creating a new server this step is optional
You have no idea how much you have helped my dayjob, bravo to you all!
5:44 you jumped there an important step… novice people don’t know what this certificated is or where to find it…
I am currently reading the comments trying to figure this out!
If I correctly remember, you just click next on that step
Click the blue next button as it’s not required.
I'm setting this up for the first time. At 5:48 where do I find/get the Trust Anchor Certificate?
Jon, it’s not needed if you’ve specified the option for new server
Is a MAC notebook needed to do this, or can I download the apple configurator on an Iphone and enroll other phones from there?
You need macOS.
Hi Adan, actually the configurator app runs well on the IPhone. I tried this out the other day to manually add an iPhone to ABM and it’ probably much easier and smoother. Think I’m going to do a video on this one.
Hi Andy, are you able to use this same process to add a MacBook to a companies ABM in order to be able to manage it via Intune?
Hi Chris yes you can. Check out Episode 5. Think this answers your question
hey, thanks for your video, helped a lot. quick question, can I manually add various iPads or MacBooks ? or I need always to have it connected. thanks. regards
When using a mac with configurator the docs say you need to connect the device with USB
Does the device running the Configurator App need to be enrolled in ABM as well?
No
Where is episode 4 on this series, please? I am completely stuck on this method as you say at the end of this you're going to continue with next steps?
Ben you’ll find Episode 4 on my blog site
move2modern.uk/index.php/2023/03/01/episode-4-manually-add-a-macos-device-to-apple-business-manager-abm/
@@theCMC I'm not sure that is my next step. At this point my device is in InTune and waiting for a deployment profile, however when I add it it can never be contacted.
Hi Andy - thanks for the video series it's really helpful. I've recently purchased a MAC and wanted to add it to apple BM manually. I didn't realise you needed an iPhone to do this so I've now acquired an Iphone.... So my question is what order do I need to get these devices enrolled? Ive got my apple business manager account setup and connected to Intune. But when I sign into the app store on my Mac to get the configurator app its greyed out. So I have to use another apple ID to get it. Now I've got it, do I first need to setup the configurator on my mac, enrol the iPhone & then use configurator on the iphone to enrol the mac? Thanks
You don’t need to enroll the iPhone into Intune, just install the app independently, install the app and connect with tenant credentials
At 4:54 you say that it's important to "Assign your device to an MDM server before enrolling the device" but I don't know how to add a device to the MDM server.
Joe take a look at episode 5. You need to have access to ABM to do this
Hello, I have a question. I've been ejected from the enterprise program because we get to be at least 100 people in the company to develop with the enterprise certificate. Apple asked us to go to Apple Business Manager, but I don't understand how to compile my application under xcode and install it on our ipads. What is the process ? Best regards.
At 5:44 and the next few seconds you say. "Now you're being asked for the Trust Anchor certificates, once you've added that..." OK HOW do you find that? HOW do you add that? Kind of an important step?
Misterh1 in my experience it’s not needed here. Hit the blue button and next. Should work without specifying this
Could you please help me? If I don't have Business Essentials, where can I find and download this trust "Anchor Certificate"?
Hello, thanks for this helpful guide. If i create a backup and do the enrollment on iphone, when i restore data from backup, it keeps the mdm configuration? or the wipe is mandatory and old data will be lost? Thanks
I've been looking high and low for a solid answer, I've been trying to figure out how to add mac computers to ABM, and something i've seen hinted at is that is only possible when using an iphone. you can use apple config ON a mac to add iphones, appletv, ipads, and ipads, but not computers..... can anyone shed some light on this?
I came for the same answer, I guess we cannot add macbooks on ABM with configurator, or at least I was not able to
I believe you also needed to check the device and then assign the profile in Intune. Then make sure device has a timestamp under "Last Contacted". Will not happen and configuration policies cant be assigned if profile is not assigned on that last page you had up.
Top walk through, thanks Andy (the tips and steps help a great deal)
Thanks Andrew
Very, very helpfull video. Thank you so much!
Glad it was helpful!
Great video, thank you! I have a question concerning the supervision identity, and adding devices manually to ABM that already has devices added by an Apple rep/third party seller. If I create a new supervision identity in Configurator, does that affect any of the devices currently in ABM that were added by that 3rd party? Essentially, I am wondering if the supervision identity is limited to just the devices you add manually with that identity or if it affects current devices that were added with a different supervision identity.
Thank you!
Jeff good question I can’t say I know too much about this tbh but it’s recommended to standardize on the use of that identity for all instances of a mobile device management (MDM) solution and Apple Configurator. Apple docs published show that If you change a supervision identity, you must start over-that is, you must erase, prepare, and supervise the devices again. It’s not clear if it affects existing devices added with other supervision identities. I’m thinking that these you would not be able to manage these with your own identity created.
I want to add existing intune macos devices to Apple business manager. is that possible ?
Only by using Apple Config v2 on an iOS device. But you will need to wipe an re-enrol
@@theCMC hi, i was able to figure this out. now im thinking since I have intune. does it make sense to setup user accounts for users on abm or just focus on managing them on intune:?
"This profile can only be installed on a Supervised device" - how can it be a supervised device before even enrolling it and setting it up as supervised?
Jack thanks, if I said that your right it has to become supervised to take advantage of the extra controls. From Apple website:
Supervision gives educational institutions and businesses greater control over the devices they own. With supervision, your administrator can apply extra restrictions, such as turning off AirDrop or preventing access to the App Store. It also provides additional device configurations and features, such as silently updating apps or filtering web usage.
By default, your iPhone or iPad isn’t supervised. Supervision can only be turned on when setting up a new device. If your iPhone or iPad isn’t currently supervised, your administrator has to completely erase your device to set up supervision.
The error at 7:05 (0x80ef 33007) is caused by the device's Internet connection. The device must be connected to the Internet during configuration with Configurator. Don't forget to enter the SSID, security type and password in the WiFi profile.
Thanks @lumpyzelan
It looks like the wifi profile won't add because the iPad is not being activated based on unchecking that option during the configurator preparation. The wifi profile works fine if you instead check/enable the activation/enroll check box, so what is the solution here?
You can also enable Internet Sharing on the Mac to share its internet connection to the connected iOS device. This eliminates the error for me altogether and without this enabled, I was not able to get devices added to ABM. Only with the WiFi profile and Internet Sharing enabled was I able to get any to add successfully.
Hi there. Thanks for sharing this video. I have a comment regarding the error message that showed during enrollment. First of all, I received the same error and my device did not apear in ABM just magically. The problem was happening due the wi-fi configuration failed to setup on the iPad. In order to fix the issue the user must access the iPad device and manually connect to the prefered wi-fi network. After that proceed with the enrollment. In this case there will be no error and the device will show up in ABM successfully. Thank you!
Hi can you explain in more detail please? I also got the same error.
@@andym8148 hi there. You can skip the Wi-Fi profile as for some reason it doesn't work anyways. But at the step when the iPad resets to start the configuration you have to manually enter the Wi-Fi ssid credentials so the iPad connects to the Wi-Fi and proceed with the enrollment. I hope that helps.
@@alex_zava thanks I got this working in the end, the devices need a valid wifi connection to connect to so by adding a wifi profile that can connect to a valid wifi network it works, the devices are then prepared and they connect to the wifi network and then connect to ABM to add themselves to ABM
when enrolling an ipad, i got this error the first time, didnt show up in ABM, did it again, no errors, showed up... why? no clue.. but it worked lol
how I can add Apple TV in ABM by app configurator
@AbdulManan-rc3rg I belive you can add Apple TV into ABM using the configurator app on a mac rather than using the iphone. You will need to connect the App-TV to the Mac
screen is unreadable even in HD. I am on a iMac Pro.
Jose, I’m planning on updating this video which will improve the presentation of this.
When I try login to apple business manager and press devices after following your steps. I get "Add you Apple Customer Numbers or Reseller Numbers now or later to manage your devices here." Is there a way around this or have I done something wrong?
Chris it sounds like you don’t have the correct ABM management permissions
Whats the process for moving an existing managed device from another mdm server eg Apple Profile Manager to Intune? Would it be, 1. Assign mdm server as intune in ABM. 2, assign the device an enrollment profile in intune. 3, reset the device
You can have multiple mdm servers in a single ABM registration and switch between them by reassigning the device. You will need to delete the device from mdm 1 service and wipe the device to enroll into mdm 2
@@theCMC nice one thanks looking forward to the rest of your series
When I added with the Apple Configurator, it seems like it times out and doesn’t even configured correctly. I hate this.
Can be fiddly sometimes. That’s why I recommend using configurator on the iPhone
Too notch content ❤
Thanks Spitzer
Why some call it Apple Business Manager, others Apple Business Essentials… no one know how to explain it simple for people trying to understand the “Essential” part of it… Apple said that “AB Essential” is for people that are not IT but have few employees and that it should be easy… it is far from it…
Apple Business Manager is a free service for businesses to manage their Apple accounts and devices. Apple Business Essentials is a paid Mobile Device Management service (MDM). Similar to Jamf, Mosyle, Intune, etc. ABM is required for any MDM managing Apple devices. ABE is a paid MDM.
How ppl love apple is beyond me.. Look at all this shit you have to do to just configure a stupid phone. And God forbid you don't have a shitty MacBook laying around for this.
It’s not really the chosen option in a business or enterprise environment