Posted on 12-07-2017 02:41 AM
I have a query regarding DEP enrolment. A long story short, the company I'm doing some work for has only JUST setup their DEP account, so at the moment we have nothing configured yet.
However, a situation has occurred where a MacBook Air has gone missing, we believe we know who has it, but it's possible they've wiped the device. The question I have, is can I add this device to DEP and force a re-enrolment the next time it hits the internet? I've heard rumours that if you tick the "Make MDM Profile Mandatory" in the JSS prestage this will do the trick, however I'm not convinced and have struggled to find any concrete information around this.
Any help would be much appreciated.
Posted on 12-07-2017 05:53 AM
My organization only has iPads but I dont believe DEP works that way. You cant just add a device to your DEP instance. You can either do it through your vendor/apple during purchasing, or you can now use Apple Configurator 2 and add it manually. However, if you use Apple Configurator, there is a 30 day grace period in which the user can opt out. You cant retroactively add a device to DEP to enforce a re-enrollment.
Posted on 12-07-2017 07:21 AM
Unfortunately, with Mac, as of right now, there isn't a way to force DEP enrollment. The user could proceed through the setup assistant off network, and the machine will have no idea that there is a prestage available, and therefore won't enroll. Once connected to the network, the user will get nagged to enroll with a notification area message, but they could ignore that.