Zero Touch Deployment for Apple Devices

28 February, 2022

Allen HVAC* currently runs an on-premises AD environment with user identities synchronized to Azure Active Directory using Azure AD Connect (DirSync). They engaged Infrassist Technologies Pvt Ltd. to provide professional services for implementing Apple Business Manager and Intune integration, along with key device management & configurations targeting an organization-wide group of iOS/iPadOS devices only.

Technical Challenges

Apple iOS/iPadOS devices were being procured neither directly from Apple nor from an authorized reseller supporting the Apple Automated Device Enrollment (ADE) program. As a result, no devices were onboarded under Apple Business Manager, which is a mandatory prerequisite for zero touch deployment using ABM & Intune MDM integration. As an alternative workaround, the customer was given a solution for manually onboarding Apple devices (iOS/iPadOS) under Apple Business Manager using the Apple Configurator 2 app on macOS.

Solution

All organization-owned Apple devices (iPhone/iPadOS) enrolled under Apple Business Manager were provisioned to a business-ready state through the Intune MDM integration, as shown in the diagram below.

  • Ideally, Apple device serial IDs are uploaded by Apple or an authorized reseller to an organization’s Apple Business Manager account, as shown below. For this customer, since the devices weren’t purchased directly from the vendor or from an authorized reseller supporting the Apple Business Manager program, they were enrolled under Apple Business Manager manually using the Apple Configurator 2 app on macOS. The users’ existing tenant configurations were also not obstructed.
  • An integration is set up between Apple Business Manager (ABM) & Microsoft Intune MDM to synchronize devices from ABM to the Intune portal and to sync enrollment profiles, using an established trust relationship.
  • All required device management & app policies are configured under Microsoft Intune MDM.
  • Devices are shipped directly to users; upon first boot, each device receives the enrollment & management profiles created under Intune through a complete out-of-box experience (OOBE).

Technologies Used

Accomplishment

All corporate-owned Apple devices are provisioned, re-purposed & fully managed with a zero touch out-of-box experience using Apple Business Manager & Intune MDM integration.