Hello
I'm currently migrating our mobile phones from Mobile Iron to Maas360. All our old iPhones and and new phones are enrolled in Apple DEP program and synced through Maas360. Up until Wednesday, we were required to do a device wipe in order to enroll the devices in Maas360 and during set up after choosing the language, location, connect to wifi and set up manually, the next screen was "Remote Management" that prompts for our company username and password. This automatically pushed the Maas360 profile to the phones but since yesterday, after wiping the devices, the "Remote Management" option does not show up hence the phone is setup manaually like any other phone. I can then manually configure the Maas360 profile by adding the device to the user and a text/email is sent to the phone with a link to configure Maas360. Did anything change overnight that anyone is aware of? Does this mean any device can be enrolled in Maas360 even if it is not in the Apple DEP program?

------------------------------
Emily Mogeni
------------------------------

Hello,

There is nothing changed from MaaS360 side. Can you please check your DEP profile that you have assigned to these devices? It looks like these devices which are not getting into MDM enrollment are assigned with a DEP profile which has “Require MDM Enrollment”flag as false. If this flag is true for the profile and problem persist, please reach out to our support and raise a ticket. 

Any iOS device can be enrolled into MaaS360 MDM. Devices that are flagged with DEP program has seamless MDM enrollment. Other devices can use an enrollment url and get enrolled. However, DEP has advanced management and restriction features compared to non-DEP devices. 

Also, you can enroll the device with url https://m.dm/<your corporate identifier> instead of creating a seperate enrollment request for each device.

------------------------------
Dhanasekar Varadarajan
IBM MaaS360 Offering Management
------------------------------

Original Message:
Sent: 07-13-2018 08:21
From: Emily Mogeni
Subject: Apple DEP and Maas360 device enrollment

Hello
I'm currently migrating our mobile phones from Mobile Iron to Maas360. All our old iPhones and and new phones are enrolled in Apple DEP program and synced through Maas360. Up until Wednesday, we were required to do a device wipe in order to enroll the devices in Maas360 and during set up after choosing the language, location, connect to wifi and set up manually, the next screen was "Remote Management" that prompts for our company username and password. This automatically pushed the Maas360 profile to the phones but since yesterday, after wiping the devices, the "Remote Management" option does not show up hence the phone is setup manaually like any other phone. I can then manually configure the Maas360 profile by adding the device to the user and a text/email is sent to the phone with a link to configure Maas360. Did anything change overnight that anyone is aware of? Does this mean any device can be enrolled in Maas360 even if it is not in the Apple DEP program?

------------------------------
Emily Mogeni
------------------------------

Yes, any device can be manually enrolled in Maas360 by text or manually going to your company specified URL, however you lose a lot of control that way. You want to have it enroll upon boot up via DEP enrollment to get "supervised" rights. This allows a lot more control of the device and also the enrollment can be locked down as to the manual way it cannot.

My suggestion is that, if the factory wipe and restore is not working, maybe hook up the devices having the issues to iTunes, reboot into DFU mode and do a restore "and update" if they need the latest iOS installed that way and enrollment should be promoted upon boot up.

As always, verify that the device is in your DEP server account with APPLE that way it will enforce policy.

------------------------------
Kevin Corr
IT Manager
Yellowhouse Machinery Co.
------------------------------

Original Message:
Sent: 07-13-2018 08:21
From: Emily Mogeni
Subject: Apple DEP and Maas360 device enrollment

Hello
I'm currently migrating our mobile phones from Mobile Iron to Maas360. All our old iPhones and and new phones are enrolled in Apple DEP program and synced through Maas360. Up until Wednesday, we were required to do a device wipe in order to enroll the devices in Maas360 and during set up after choosing the language, location, connect to wifi and set up manually, the next screen was "Remote Management" that prompts for our company username and password. This automatically pushed the Maas360 profile to the phones but since yesterday, after wiping the devices, the "Remote Management" option does not show up hence the phone is setup manaually like any other phone. I can then manually configure the Maas360 profile by adding the device to the user and a text/email is sent to the phone with a link to configure Maas360. Did anything change overnight that anyone is aware of? Does this mean any device can be enrolled in Maas360 even if it is not in the Apple DEP program?

------------------------------
Emily Mogeni
------------------------------

Hi Emily, unfortunately getting stuck in what I call "MDM limbo" happens sometimes even on brand new out of the box devices.  Here are the steps that work for us to get the phone out of limbo:

 

Open itunes

Connect phone to PC

Power on phone

While connected, press and hold POWER and HOME buttons until itunes logo appears (not apple)

Via itunes prompt, choose RESTORE

Via itunes prompt, choose RESTORE AND UPDATE (this puts phone in recovery mode)

Watch for prompts via itunes, and process can take up to 20 minutes but phone should be back to OEM settings
Disconnect from itunes, reboot and try MDM setup again

Julie

------------------------------
Julie Liddle
------------------------------

Original Message:
Sent: 07-13-2018 08:21
From: Emily Mogeni
Subject: Apple DEP and Maas360 device enrollment

Hello
I'm currently migrating our mobile phones from Mobile Iron to Maas360. All our old iPhones and and new phones are enrolled in Apple DEP program and synced through Maas360. Up until Wednesday, we were required to do a device wipe in order to enroll the devices in Maas360 and during set up after choosing the language, location, connect to wifi and set up manually, the next screen was "Remote Management" that prompts for our company username and password. This automatically pushed the Maas360 profile to the phones but since yesterday, after wiping the devices, the "Remote Management" option does not show up hence the phone is setup manaually like any other phone. I can then manually configure the Maas360 profile by adding the device to the user and a text/email is sent to the phone with a link to configure Maas360. Did anything change overnight that anyone is aware of? Does this mean any device can be enrolled in Maas360 even if it is not in the Apple DEP program?

------------------------------
Emily Mogeni
------------------------------