Trying to improve enrolling 3000+ iPads

New Contributor

Good afternoon, 

I am at a loss in an improvement that I am trying to make to speed up our student enrollment process.

Current Situation - We have 2500-3500 students that enroll in our Further Education establishment yearly and each one of these students receive an iPad. In our current setup, we have it that the iPad is freshly wiped and the students will have to go through the process of; Signing into Wi-Fi (This is a pain because the students password is set to change on first login, they cannot authenticate to our Wi-Fi before they change their password. So typically, they will have to use a secondary device to go to Office365 to update their password first.). Using their Active Directory account and credentials to enroll the iPad. Signing into their managed Apple ID. Agreeing to Terms and Conditions, etc. and turning on Location Services.

This is a time consuming and tedious process when you're running four enrolment sessions over four different zoning areas per day of 20-30 students per session.


I have tried to speed this process up by; Pre Enrolling the iPad without credentials. We would then hand the iPad to the student, pre-setup and just have them sign in to their managed Apple ID. In doing this though, the information field for User/Username is blank. There is a way around this by using Inventory Preload, but that poses two issues;

1. If we use Inventory Preload, the information is retained unless it is overwritten by a new CSV, we pull back the iPads yearly and re-use them for the following year. 

2. This would require the staff that are handing the iPads out to be 100% accurate in the information they are using to upload to the Inventory Preload. 


Am I overlooking anything that could pool the information for the User/Username field after the device has been pre-setup with this method?



We bulk enroll massive volumes each year in a staging area. In order to do this, each students credentials must be known. So we change all credentials temporarily to allow for easy enrollment on a specific enrollment network with an easy to remember password. Then, after enrollment, the passwords are all changed to random individual passwords. All the credential management is heavily automated. This is the only way we've managed to cope with our massive volumes. But better suggestions on how to do this efficiently is welcome!

New Contributor III

What about having a "guest" wifi setup so the basic config can be pulled down then when they sign into the device with the Managed Apple ID? 

We have devices that get wiped constantly due to HIPPA guidelines so the iOS devices are in a pre-stage and when they want to use the device they connect to the "guest" wif and then the profile is downloaded. I haven't tried it with shared/managed Apple ID. 

Unfortunately @burnhamt in our current Pre-Stage it goes, connect to Wi-Fi first and then Device Enrollment with their AD credentials (That is what fills the information for Username, email, etc. and assigns them the correct configuration profile). It will not ask them to update their password there. It will only ask them at the Apple ID stage because it will take them through Office365 to update it which will write back to our on-prem/hybrid AD.


@foobarfoo I have contemplated using PowerShell scripts to automate the credentials changes but another member of staff had concerns with this (For the life of me, I currently cannot remember what those concerns were).