We are getting some iOS devices and working with apple school manager for the first time. How are you setting up Automated Device Enrollment in your organization?
Are you making different Automated Device Enrollment instances for each department? or letting them come in to one instance an then manually assigning devices to different sites after?
Question
How are you setting up Automated Device Enrollment with different departments?
+11
+10We are treating Sites as Departments for our org. Each site has it's own MDM Server in Apple School Manager.
The downside to this is the lack of granularity within Jamf Pro to delegate permissions. Some things require Full Site access where Department Administrators get the "keys to the castle" per se to modify things we don't want them modifying.
I would advise not going this route having dug ourselves as deep as we have now. Utilize the Department field in Inventory > User and Location.
+11Got it, I'm using Department field in my test right now. I tried to add another New Automated Device Enrollment instance, but it would not take my apple MDM token again so it did not look like you could add a new instance using the same mdm I set up in apple school manager. but it sounds like this is not a good idea anyways.
+10I'm using one Automated Device Enrollment server (ASM) and multiple prestage enrollments that set the department of the device. I then scope policies to those departments. K-12 EDU Here.
+7We enroll all of our macs into a single DEP site and then use a script to change the site via API. We scope the script to smart groups based on information pulled from the users LDAP attributes.
+7So what is exactly the difference between Options (General) > Department (Department to associate with the PreStage enrollment) and Options (User and Locations) > Department in the Devices PreStage Enrollments?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.