VSA 10 MDM: Apple MDM profiles
NAVIGATION Administration > Configuration > Profiles > New Profile > Apple MDM Restrictions (Device Configuration) profile type
NAVIGATION Administration > Configuration > Profiles > New Profile > Apple MDM Networking (Device Configuration) profile type
NAVIGATION Administration > Configuration > Profiles > New Profile > Apple MDM Security (Device Configuration) profile type
NAVIGATION Administration > Configuration > Profiles > New Profile > Apple MDM System Configuration (Device Configuration) profile type
NAVIGATION Administration > Configuration > Policies
SECURITY Administrator
Using any of the Apple MDM types of Device Configuration profiles, you have the ability to automate the setup of mobile device user accounts, networking settings, security policies, and hardware, operating system, and application restrictions from the moment the device is enrolled. This powerful feature eliminates the need for administrators to manually onboard every MDM endpoint in your environment, saving you time and ensuring that all devices are configured consistently.
To learn how to enroll a device in MDM, refer to VSA 10 MDM: enrollment.
For a comprehensive overview of how profiles and policies work in VSA 10, refer to Policies overview.
Overview
With MDM profiles, you can create predefined setup templates for supported Apple devices and associate them with management policies. When VSA 10 detects a client that meets the criteria of one or more of the associated policy rules, it will automatically apply the corresponding profile to the device via the Apple Push Notification Service.
Supported hardware
The following devices support management via MDM profiles:
Notebooks | Desktops | Mobile | Other |
---|---|---|---|
MacBook Air, Macbook Pro | iMac, Mac mini, Mac Studio, Mac Pro | iPad, iPhone | Apple Watch, Apple TV |
Capabilities
MDM profiles support the following applications and system settings:
Category | Description | Applications and settings |
---|---|---|
Networking | Manage network configuration, including WiFi, Ethernet, and VPNs. |
WiFi, Ethernet, cellular, firewall, DNS, proxy, VPN, AirPlay, AirPrint |
Security | Control sensitive security-related device settings. |
Authentication, certificates, parental controls, encryption, passcodes |
Restrictions | Manage hardware, operating system, and application restrictions. |
Bluetooth, camera, Game Center App Store, lock screen, user creation, startup, authentication |
System Configuration | Enable or disable interface elements, manage login behavior, control system updates. |
Login behavior, user experience, preferences, software catalog |
Applications | Deploy apps to devices automatically, automate app updates, and track installation and update statuses for managed apps. | App deployment, updates, and update status |
How to...
To create an MDM profile, complete the following steps:
- In your VSA instance, navigate to Administration > Configuration > Profiles.
- The Profiles page will load. At the top of the Folders list, click All Profiles.
- In the Profiles pane, click New Profile.
- The Create New Profile page will load.
- In the Details section, enter a name and a brief description for the profile
- In the Policy Type section, make the following selections:
- Policy Type: Device Configuration
- Configuration Type: Any Apple MDM configuration type
- Click Next.
- Select a configuration section from the Not Configured Sections list. Then, click Add Configuration.
- You'll notice that the selected configuration moves into the Configured Sections list. Complete all applicable fields.
- To add additional configuration sections, click Add Configuration. To remove a section, click the Remove link next to its name.
- When you've finished customizing the profile, click Create.
Next, you'll need to create a policy that defines the devices to which you'd like to automatically apply your configuration. Complete the following steps:
- Navigate to Configuration > Policies. Create a new policy or edit an existing policy.
- Click Assign Profile.
- Locate the profile you'd like to use. Select it by clicking the radio button next to its name.
- Click Assign.
- VSA 10 will begin enforcing the selected profile immediately. You can view it in effect at Configuration > Policies.