Automated Device Enrollment in Jamf Now

Automated Device Enrollment using Apple Business Manager or Apple School Manager allows you to automatically download Jamf Now management settings to hardware immediately upon activation. This means you can deploy new hardware without any IT action needed. The first time these devices turn on, they will automatically enroll with Jamf Now.

Once a device has been added to your MDM Server with Apple and linked with Jamf Now, the device's serial numbers will appear in Jamf Now in the Auto-Enrollment tab, under View Devices.

With supervision, you can push operating system updates, leverage advanced security options, and restrict core functionality of the devices like iTunes and Safari.

Setting Up Automated Device Enrollment

Requirements

An Apple Business Manager or Apple School Manager account

Note:

Requesting access to one of these deployment programs is a short sign up process, but you should expect a waiting period after signing up. Apple reviews your credentials and application, which typically takes 5 to 10 days.

  1. Log in to Jamf Now.
  2. Click Auto-Enrollment.
  3. Select Apple Business Manager or Apple School Manager and click Next.
  4. Download your Token Public Key and click Next. You will use this to create your server token with Apple.
  5. Log in to your selected program and follow these steps:

    1. If prompted, follow the onscreen instructions to verify your identity.

    2. In the sidebar, select Settings, and then click Device Management Settings.

    3. Click Add MDM Server.

    4. Enter a name for your MDM server, and then click Next.

    5. Click Choose File, and then upload the public key you downloaded from Jamf Now.

    6. Click Next and download the server token file. After you create your new server token on the Apple portal, you can now upload it to Jamf Now.

  6. In Jamf Now, drag and drop or click browse to select the new token from your directory.
  7. Click Done.
  8. (Optional) Click Choose Setup Assistant Steps to choose the screens displayed when devices enroll.

Ensuring Jamf Now Can Access Devices

  1. Log in to Jamf Now.
  2. Click Auto-Enrollment.
  3. Click View Devices.
  4. Confirm device serial numbers are displaying on this page.

Reassigning Devices to Your Jamf Now MDM Server

If a device is not displaying its serial number in Jamf Now, edit the device's management in Apple Business Manager or Apple School Manager, and ensure it is assigned to your Jamf Now MDM server.

  1. Log in to Apple Business Manager or Apple School Manager.
    1. Click Devices.
    2. At the top of the pane, search for a device's serial number using the search field.
    3. Click on the device you want to edit, and then click Edit Device Management to reassign the device.
  2. Log in to Jamf Now.
    1. Click Auto-Enrollment.
    2. Click View Devices.
    3. Click Sync Devices.

Enrolling Devices using Automated Device Enrollment

To enroll a device, turn on the device and connect to Wi-Fi. The built-in Setup Assistant will detect that the device is associated with Jamf Now, and it will automatically enroll.

Screenshot of Setup Assistant and Remote Management by Jamf.