diff --git a/docs/Using-Fleet/MDM-setup.md b/docs/Using-Fleet/MDM-setup.md index cbfb38e34c..ae6b527115 100644 --- a/docs/Using-Fleet/MDM-setup.md +++ b/docs/Using-Fleet/MDM-setup.md @@ -5,13 +5,13 @@ MDM features are not ready for production and are currently in development. Thes In Fleet, MDM features are supported for Macs running macOS 12 (Monterey) and higher. -Various MDM features may work for Macs running unsupported macOS versions, but Fleet has not tested functionality for unsupported versions. +# Overview -# Set up +MDM features require Apple's Push Notification service (APNs) to control and secure Apple devices. This guide will walk you through how to generate and upload a valid APNs certificate to Fleet in order to use Fleet's MDM features. -To use MDM features, like enforcing settings and operating system version, you have to connect Fleet to Apple using Apple Push Notification service (APNs). +[Automated Device Enrollment](https://support.apple.com/en-us/HT204142) allows Macs to automatically enroll to Fleet when they are first set up. This guide will walk you through how to connect Apple Business Manager (ABM) to Fleet. Note that this is only required if you are using Automated Device Enrollment AKA Device Enrollment Program (DEP) AKA "Zero-touch." -To use automatically enroll new Macs to Fleet, you have to connect Fleet to Apple Business Manager (ABM). +> Only users with the admin role in Fleet can complete these setups. ## Apple Push Notification service (APNs) @@ -33,7 +33,7 @@ Fleet UI: > Take note of the Apple ID you use to sign into Apple Push Certificates Portal. You'll need to use the same Apple ID when renewing your APNs certificate. Apple requires that APNs certificates are renewed once every year. To renew, see the [APNs Renewal section](#ap-ns-renewal) . -### APNs Renewal +## Renewing APNs Apple requires that APNs certificates are renewed once every year. You can see the certificate's renewal date and other important APNs information using the Fleet UI or the `fleetctl` command-line interface: @@ -111,7 +111,7 @@ Fleet UI: 3. Run the `fleetctl apply -f ` command. -### ABM Renewal +## Renewing ABM The Apple Business Manager server token expires after a year or whenever the account that downloaded the token has their password changed. To renew the token, follow the [instructions documented in this FAQ](https://fleetdm.com/docs/using-fleet/faq#how-can-i-renew-my-apple-business-manager-server-token).