fleet/articles/macos-mdm-setup.md
Mike Thomas 2171544ad1
Docs quick reference optimization (#21331)
This PR closes https://github.com/fleetdm/fleet/issues/21108

@noahtalerman, I double-checked all redirects, and they are working.
Clicking through the URLs in [this
spreadsheet](https://docs.google.com/spreadsheets/d/1djVynIMuJK4pT5ziJW12CluVqcaoxxnCLaBO3VXfAt4/edit?usp=sharing)
is a pretty quick way to go through them all. Note that "Audit logs" and
"Understanding host vitals" redirect to the contributor docs on GitHub,
so they will throw a 404 until this is merged.

Some new guides benefitted from a name change, so they make more sense
as stand-alone guides, and also so that we don't have to mess around
with more redirects later. Those name changes followed [this
convention](https://fleetdm.com/handbook/company/communications#headings-and-titles),
which was recently documented in the handbook.

Have fun!

---------

Co-authored-by: Eric <eashaw@sailsjs.com>
Co-authored-by: Noah Talerman <noahtal@umich.edu>
2024-08-16 15:30:31 -05:00


macOS MDM setup

To turn on macOS, iOS, and iPadOS MDM features, follow the instructions on this page to connect Fleet to Apple Push Notification service (APNs).

To use automatic enrollment (aka zero-touch) features on macOS, iOS, and iPadOS, follow the instructions to connect Fleet with Apple Business Manager (ABM).

To turn on Windows MDM features, head to this Windows MDM setup article.

Apple Push Notification service (APNs)

Apple uses APNs to authenticate and manage interactions between Fleet and hosts.

To connect Fleet to APNs or renew APNs, head to the Settings > Integrations > Mobile device management (MDM) page.

Apple requires that APNs certificates are renewed annually.

  • If your certificate expires, you will have to turn MDM off and back on for all macOS hosts.
  • Be sure to use the same Apple ID from year-to-year. If you don't, you will have to turn MDM off and back on for all macOS hosts.
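
One way to catch the annual expiry described above before it forces you to turn MDM off and back on (an added example, not part of the Fleet docs). It assumes `openssl` is installed and that you kept the APNs certificate downloaded from Apple as a PEM file; the function name, file path, and 30-day warning window are hypothetical.

```shell
#!/bin/sh
# Added example: report how close an APNs certificate is to expiry.
# Assumption: the certificate downloaded from Apple is saved locally as PEM.
# apns_cert_status CERT_FILE [WARN_DAYS]
#   returns 0 = valid beyond the warning window
#           1 = expires within WARN_DAYS (renew now, with the same Apple ID)
#           2 = already expired
#           3 = file missing or not a PEM certificate
apns_cert_status() {
    cert=$1
    warn_days=${2:-30}

    # Reject unreadable files and anything openssl cannot parse as X.509.
    if [ ! -r "$cert" ] || ! openssl x509 -in "$cert" -noout >/dev/null 2>&1; then
        echo "UNKNOWN: cannot read a PEM certificate from $cert" >&2
        return 3
    fi

    # notAfter is the expiry timestamp stored in the certificate.
    not_after=$(openssl x509 -in "$cert" -noout -enddate | cut -d= -f2)

    # -checkend N exits non-zero if the certificate expires within N seconds.
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "EXPIRED: APNs certificate expired on $not_after"
        return 2
    fi
    if ! openssl x509 -in "$cert" -noout -checkend $((warn_days * 86400)) >/dev/null 2>&1; then
        echo "RENEW: APNs certificate expires on $not_after (within $warn_days days)"
        return 1
    fi
    echo "OK: APNs certificate valid until $not_after"
    return 0
}

# Run as a script: ./apns_check.sh /path/to/apns.pem 30
if [ "$#" -gt 0 ]; then
    apns_cert_status "$@"
fi
```

The distinct exit codes let a cron job or monitoring check alert on "renew soon" separately from "expired".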

Apple Business Manager (ABM)

Available in Fleet Premium

To connect Fleet to ABM or renew ABM, head to the Settings > Integrations > Automatic enrollment > Apple Business Manager page.

After connecting Fleet to ABM, set Fleet to be the MDM for all Macs:

  1. Log in to Apple Business Manager.
  2. Click your profile icon in the bottom left.
  3. Click Preferences.
  4. Click MDM Server Assignment and click Edit next to Default Server Assignment.
  5. Switch Mac, iPhone, and iPad to Fleet.

macOS, iOS, and iPadOS hosts listed in ABM and associated with a Fleet instance with MDM enabled will sync to Fleet and appear in the Hosts view with the MDM status label set to "Pending".

macOS hosts that automatically enroll will be assigned to a default team. If no default team is set, then the host will be placed in "No team".

A host can be transferred to a new (not default) team before it enrolls. In the Fleet UI, you can do this under Settings > Teams.