You are previewing Managing Apple Devices: Deploying and Maintaining iOS and OS X Devices, Second Edition.
O'Reilly logo
Managing Apple Devices: Deploying and Maintaining iOS and OS X Devices, Second Edition

Book Description

Managing Apple Devices, Second Edition will enable you to create an effective plan for deploying and maintaining groups of Apple devices using iOS 8 and OS X Yosemite in your organization. This all-in-one resource teaches a wide variety of Apple management technologies; explains the theory behind the tools; and provides practical, hand-on exercises to get you up and running with the tools. You will be introduced to Apple management technologies including Mobile Device Management, the Volume Purchase Program, and the Device Enrollment Program. For example, not only will you learn how to use Profile Manager–A pple’s implementation of Mobile Device Management–but you will also learn about the ideas behind profile management and how to make configuration easier for both administrators and users while maintaining a highly secure environment.

The exercises contained within this guide are designed to let you explore and learn the tools provided by Apple for deploying and managing iOS 8 and OS X Yosemite systems. They start with verification of access to necessary services, move on to the configuration of those services, and finally test the results of those services on client devices.

Each lesson builds on previous topics and is designed to give technical coordinators and system administrators the skills, tools, and knowledge to deploy and maintain Apple devices by:

• Providing knowledge of how Apple deployment technologies work
• Showing how to use specific deployment tools
• Explaining deployment procedures and best practices
• Offering practical exercises step-by-step solutions available

Table of Contents

  1. Title Page
  2. Copyright Page
  3. Dedication Page
  4. Acknowledgments
  5. Contents
  6. Lesson 1. About This Guide
    1. Prerequisites
      1. Using Apple Deployment Programs
    2. Learning Methodology
    3. Lesson Structure
    4. Exercise Setup
      1. Mandatory Requirements
      2. Network Infrastructure
      3. Exercise Order
  7. Lesson 2. Apple Management Concepts
    1. Reference 2.1 Understanding Apple’s Goals
      1. Apple’s Customer
      2. How Apple Sees IT
      3. This Guide’s Goal
    2. Reference 2.2 Device Management and Supervision
      1. Management via Profiles
      2. Mobile Device Management
      3. Device Supervision
    3. Reference 2.3 Apple ID Considerations
      1. Creating Apple IDs
      2. Managing Apple IDs
      3. Apple ID Two-Step Verification
      4. Shared Apple IDs
      5. Institutional Apple IDs
    4. Reference 2.4 iCloud in Managed Environments
      1. iCloud Setup
      2. iCloud Content and Backup
      3. iCloud Security
      4. Find My Device and Activation Lock
      5. iCloud Family Sharing
    5. Reference 2.5 Apple Deployment Programs
      1. Device Enrollment Program
      2. Volume Purchase Program
      3. Apple ID for Students
    6. Reference 2.6 Deployment Scenarios
      1. Individual Personal Device
      2. Institutional Personal Device
      3. Institutional Shared Device
    7. Exercise 2.1 Configure Your Client Mac
      1. Challenge
      2. Considerations
      3. Solution
    8. Exercise 2.2 Create Apple IDs
      1. Challenge
      2. Considerations
      3. Solution
    9. Exercise 2.3 Verify Administrator Apple ID Access
      1. Challenge
      2. Solution
    10. Exercise 2.4 Configure Your iOS Device
      1. Challenge
      2. Considerations
      3. Solution
  8. Lesson 3. Infrastructure Considerations
    1. Reference 3.1 Network Considerations
      1. Network Infrastructure
      2. Network Service Integration
      3. Network Service Availability
    2. Reference 3.2 Security Considerations
      1. Physical Security
      2. Securing Data at Rest
      3. Securing Data in Transit
      4. Recovery Solutions
    3. Reference 3.3 Physical Logistics
      1. Power Infrastructure
      2. Estimating Power Needs
      3. Cooling Infrastructure
      4. Handling Logistics
      5. Disposal and Recycling
    4. Reference 3.4 Support Options
      1. AppleCare
      2. Self-Service
    5. Exercise 3.1 Verify Network Service Availability
      1. Challenge
      2. Considerations
      3. Solution
  9. Lesson 4. OS X Server for Yosemite
    1. Reference 4.1 OS X Server Benefits
      1. Services Covered in This Guide
    2. Reference 4.2 OS X Server Setup
      1. Verifying Server Hardware Requirements
      2. Server Hardware Considerations
      3. Server Network Considerations
      4. External Access and Reachability Testing
    3. Reference 4.3 TLS/SSL Certificates
      1. Understanding Certificates
      2. Certificate Signed by an Open Directory CA
      3. Issues with an Untrusted Certificate
      4. Certificate Signed by a Widely Trusted CA
    4. Exercise 4.1 Prepare Your Mac for OS X Server for Yosemite
      1. Challenge
      2. Considerations
      3. Solution
    5. Exercise 4.2 Install OS X Server for Yosemite
      1. Challenge
      2. Considerations
      3. Solution
    6. Exercise 4.3 Configure OS X Server for Yosemite
      1. Challenge
      2. Considerations
      3. Solution
    7. Exercise 4.4 Configure Server on Your Client Computer (Optional)
      1. Challenge
      2. Considerations
      3. Solution
  10. Lesson 5. Caching Service
    1. Reference 5.1 Caching Service Architecture
      1. Caching Service Requirements
      2. Caching Service Automatic Discovery
      3. Caching Service on a Private Network
      4. Caching Service on a Network with Public Addresses
    2. Reference 5.2 Caching Service Setup
      1. Additional Caching Service Configuration
      2. Monitoring the Caching Service
    3. Reference 5.3 Caching Service Troubleshooting
      1. Test the Caching Service
      2. Confirm Caching Service Basics
      3. Examine Caching Service via Activity Monitor
      4. Examine Caching Service Logs
    4. Exercise 5.1 Turn On and Verify the Caching Service
      1. Challenge
      2. Considerations
      3. Solution
  11. Lesson 6. Configuration and Profiles
    1. Reference 6.1 Understanding Profiles
      1. Profile Types
      2. Profile Document Inspection
      3. Profile Code Signing
    2. Reference 6.2 Profile Manager Setup
      1. Profile Manager Components
      2. Profile Manager Service Configuration
      3. Default Configuration Profile
      4. Turn On Profile Code Signing
    3. Reference 6.3 Creating Profiles via Profile Manager
      1. Manual Profile Installation Workflows
      2. User and User Group Profiles
      3. General Profile Settings
      4. Profile Payloads
    4. Reference 6.4 Manually Installing Profiles
      1. Download Profiles via Administrator
      2. Download Profiles via User Portal
      3. Manual Profile Installation
    5. Exercise 6.1 Turn On Profile Manager
      1. Challenge
      2. Considerations
      3. Solution
    6. Exercise 6.2 Create, Download, and Install Profiles for Users and Groups
      1. Challenge
      2. Considerations
      3. Solution
    7. Exercise 6.3 Inspect the Effects of Signing
      1. Challenge
      2. Considerations
      3. Solution
    8. Exercise 6.4 Clean Up Profiles
      1. Challenge
      2. Considerations
      3. Solution
  12. Lesson 7. Mobile Device Management
    1. Reference 7.1 Mobile Device Management Architecture
      1. MDM Features
      2. MDM Push
      3. MDM Enrollment
    2. Reference 7.2 Profile Manager Device Management
      1. Device Management Requirements
      2. Enable Device Management for Profile Manager
    3. Reference 7.3 User-Initiated Enrollment
      1. Encouraging User Enrollment
      2. Enrolling via the My Devices Portal
      3. User-Initiated Unenrollment
    4. Reference 7.4 Profile Manager Inventory and Organization
      1. Inspect Devices
      2. Associating Devices with Users
      3. Device Groups
      4. Device Placeholders
    5. Reference 7.5 Profile Manager Administrative Tasks
      1. Profile Manager Tasks
      2. My Devices Portal Tasks
    6. Reference 7.6 Automatically Pushing Profiles
      1. Management Organization
      2. Automatic Profile Push
      3. Inspecting Automatically Pushed Profiles
    7. Exercise 7.1 Enable Device Management
      1. Challenge
      2. Solution
    8. Exercise 7.2 Enroll Over the Air
      1. Challenge
      2. Considerations
      3. Solution
    9. Exercise 7.3 Deploy Management Settings
      1. Challenge
      2. Considerations
      3. Solution
    10. Exercise 7.4 Unenroll Over the Air
      1. Challenge
      2. Solution
  13. Lesson 8. Apple Configurator: Planning and Setup
    1. Reference 8.1 Apple Configurator Planning
      1. Apple Configurator Prepare and Supervise
      2. Apple Configurator Logistical Considerations
      3. Apple Configurator Backup
      4. Prepare Devices Limitations
    2. Reference 8.2 Apple Configurator Installation and Setup
      1. Apple Configurator Installation
      2. Apple Configurator Views
      3. Apple Configurator Preferences
    3. Exercise 8.1 Get Apple Configurator
      1. Challenge
      2. Considerations
      3. Solution
  14. Lesson 9. Apple Configurator: Unsupervised iOS Devices
    1. Reference 9.1 Prepare iOS Devices
      1. Prepare Settings: Name
      2. Prepare Settings: Update iOS
      3. Prepare Mode
    2. Reference 9.2 Install and Edit Profiles
      1. Install Profiles on Unsupervised Devices
      2. Edit Profiles in Apple Configurator
    3. Reference 9.3 Customize Setup Assistant
      1. Skip Setup Assistant Screens
      2. Configure Device Enrollment via Setup Assistant
      3. Verify Setup Assistant Customizations
    4. Exercise 9.1 Apple Configurator: Prepare an Unsupervised iOS Device
      1. Challenge
      2. Considerations
      3. Solution
  15. Lesson 10. Apple Configurator: Supervised iOS Devices
    1. Reference 10.1 Prepare Supervised iOS Devices
      1. Prepare Settings: Device Supervision
      2. Apple Configurator: Differences Between Supervised and Unsupervised
    2. Reference 10.2 Automatically Install Profiles and Enroll Devices
      1. Profiles Needed for MDM Enrollment
      2. Profile Installation Order
      3. Install Profiles on Supervised Devices
    3. Reference 10.3 Back Up and Restore iOS Content
      1. Backup and Restore Limitations
      2. Backup and Restore Examples
      3. Creating iOS Backups for Restore
    4. Reference 10.4 Manage Supervised iOS Devices
      1. Supervised Devices List
      2. Refresh or Modify Supervised Devices
      3. Unsupervise Devices
    5. Exercise 10.1 Apple Configurator: Prepare a Supervised iOS Device
      1. Challenge
      2. Considerations
      3. Solution
    6. Exercise 10.2 Apple Configurator: Back Up and Restore a Supervised iOS Device
      1. Challenge
      2. Considerations
      3. Solution
  16. Lesson 11. Apple Configurator: App Management
    1. Reference 11.1 Install Apps via Apple Configurator
      1. Apple Configurator and Apple IDs
      2. Free Compared to Paid iOS App Store Items
      3. Download iOS App Store Items
      4. Install iOS App Store Items
    2. Reference 11.2 Update Apps Deployed via Apple Configurator
      1. Update Apps via Apple Configurator
      2. Update Apps via iOS Software Update
    3. Reference 11.3 Single App Mode
      1. Single App Mode via Apple Configurator
      2. Single App Mode via Profile Manager
    4. Exercise 11.1 Apple Configurator: Prepare to Distribute a Free App
      1. Challenge
      2. Considerations
      3. Solution
    5. Exercise 11.2 Deploy Apps to Supervised Devices with Configurator
      1. Challenge
      2. Considerations
      3. Solution
  17. Lesson 12. Out-of-the-Box Management via DEP
    1. Reference 12.1 Device Enrollment Program Introduction
      1. DEP Service Overview
      2. DEP Service Requirements
      3. DEP Service Enrollment
      4. Managing DEP Administrators
    2. Reference 12.2 Integrate DEP with Profile Manager
      1. Add Servers in DEP
      2. Manage Servers in DEP
      3. Assign Devices in DEP
      4. Manage Multiple DEP Devices
      5. Manage Individual DEP Devices
    3. Reference 12.3 Configure DEP Assignments in Profile Manager
      1. DEP Assignment Placeholders
      2. Create Device Groups from DEP Assignments
      3. Define Enrollment Settings for DEP Assignments
      4. Verify DEP Functionality
      5. DEP Enforcement Limitations
    4. Exercise 12.1 Enroll with Apple Deployment Programs
      1. Challenge
      2. Considerations
      3. Solution
    5. Exercise 12.2 Configure Profile Manager for DEP
      1. Challenge
      2. Solution
    6. Exercise 12.3 Assign Devices to an MDM Service
      1. Challenge
      2. Considerations
      3. Solution
    7. Exercise 12.4 Create and Manage Device Enrollments
      1. Challenge
      2. Considerations
      3. Solution
  18. Lesson 13. Activation Lock Management
    1. Reference 13.1 Activation Lock Introduction
      1. How Activation Lock Affects Administration
      2. Find My Device and Activation Lock
      3. Activation Lock Behavior
    2. Reference 13.2 Manage Activation Lock
      1. Allowing Activation Lock via Profile Manager
      2. Clearing Activation Lock via Profile Manager
    3. Exercise 13.1 Control Activation Lock on a Managed Device
      1. Challenge
      2. Considerations
      3. Solution
  19. Lesson 14. VPP-Managed Apps and Books
    1. Reference 14.1 Volume Purchase Program Essentials
      1. Apple Stores Overview and Licensing
      2. VPP Licensing Overview
      3. VPP Redemption Codes
      4. VPP Managed Distribution
    2. Reference 14.2 VPP Service Enrollment and Administration
      1. VPP Service Enrollment
      2. VPP Web Portal
      3. VPP Account Management
    3. Reference 14.3 Integrate VPP with Profile Manager
      1. MDM Service VPP Integration
      2. Profile Manager VPP Integration
    4. Reference 14.4 Purchasing VPP Apps and Books
      1. Direct VPP Payment
      2. VPP Credit
      3. VPP Purchases
      4. VPP Purchases in Profile Manager
    5. Reference 14.5 VPP Managed Distribution Assignments
      1. Assigning VPP Apps and Books
      2. Revoking VPP-Assigned Apps
    6. Reference 14.6 VPP Managed Distribution User Enrollment
      1. Sending VPP Invitations
      2. Accepting VPP Invitations
      3. Verifying VPP Enrollment
      4. Remove VPP Managed Distribution
    7. Reference 14.7 Installing VPP-Assigned Apps and Books
      1. Manually Install VPP Apps and Books
      2. Automatic Installation of New VPP Assignments
      3. Turn On Automatic Downloads and Updates
    8. Exercise 14.1 Configure Profile Manager for VPP
      1. Challenge
      2. Considerations
      3. Solution
    9. Exercise 14.2 Purchase and Assign Licensed Apps and Books
      1. Challenge
      2. Considerations
      3. Solution
    10. Exercise 14.3 Invite Participants for VPP Managed Distribution
      1. Challenge
      2. Considerations
      3. Solution
    11. Exercise 14.4 Install VPP Apps Manually
      1. Challenge
      2. Considerations
    12. Exercise 14.5 Remove VPP Managed Distribution Services and Unassign Apps
      1. Challenge
      2. Considerations
  20. Lesson 15. In-House Apps and Books
    1. Reference 15.1 Deploy In-House Apps and Books
      1. Acquire In-House iOS Apps
      2. Acquire In-House OS X Apps
      3. Acquire In-House Books
      4. Workflows for Deploying In-House Items to iOS Devices
      5. Workflows for Deploying In-House Items to OS X Computers
    2. Reference 15.2 Manage In-House Apps and Books via Profile Manager
      1. In-House Apps and Books in the Profile Manager Library
      2. Manage In-House Apps and Books for iOS Devices
      3. Push In-House Apps to OS X Computers
    3. Exercise 15.1 Deploy In-House Apps via Profile Manager (Optional)
      1. Challenge
      2. Considerations
      3. Solution
    4. Exercise 15.2 Deploy In-House Books via Profile Manager
      1. Challenge
      2. Considerations
      3. Solution
  21. Lesson 16. User Data and Services
    1. Reference 16.1 User Content Considerations
      1. Traditional Sharing and Storage Options
      2. Internet Sharing and Storage Options
      3. iCloud Drive
      4. iOS iTunes Syncing
      5. iOS Backup Solutions
      6. iOS Restoration Workflows
      7. OS X Backup Solutions
    2. Reference 16.2 OS X Server Wiki
      1. Turn On the OS X Server Wiki Service
      2. Storing Content in the Wiki Service
      3. Sharing Content via the Wiki Service
    3. Reference 16.3 OS X Server WebDAV
      1. Enabling OS X Server WebDAV Access
      2. Accessing WebDAV on iOS Devices
      3. Accessing WebDAV on OS X Computers
    4. Exercise 16.1 Use the OS X Server Wiki
      1. Challenge
      2. Considerations
      3. Solution
    5. Exercise 16.2 Use an OS X Server WebDAV Share
      1. Challenge
      2. Considerations
      3. Solution
  22. Lesson 17. Managing Access
    1. Reference 17.1 Managed Open In
      1. Understanding Managed Apps and Accounts
      2. Configuring Managed Open In
    2. Reference 17.2 Limit Access to Content and Services
      1. iOS Restrictions to Limit Content and Services
      2. OS X Restrictions to Limit Content and Services
    3. Exercise 17.1 Manage Open In
      1. Prerequisites
      2. Challenge
      3. Considerations
      4. Solution
    4. Exercise 17.2 Restrict Access to Services via Profile
      1. Prerequisite
      2. Challenge
      3. Considerations
      4. Solution
  23. Lesson 18. Develop a Management Plan
    1. Reference 18.1 Define Requirements
      1. Planning Methodology
      2. Logistics and Infrastructure
      3. Usage Management
      4. System Deployment
      5. Item Management
      6. Ongoing Maintenance
    2. Reference 18.2 Consider Third-Party Solutions
      1. Third-Party Management Features
    3. Exercise 18.1 Develop a Management Plan
      1. Challenge
      2. Considerations
      3. Solution
      4. Logistics and Infrastructure
      5. Usage Management
      6. System Deployment
      7. Item Management
      8. Ongoing Maintenance
  24. Index
  25. Code Snippets