You are previewing Managing Apple Devices: Deploying and Maintaining iOS 9 and OS X El Capitan Devices, Third Edition.
O'Reilly logo
Managing Apple Devices: Deploying and Maintaining iOS 9 and OS X El Capitan Devices, Third Edition

Book Description

Managing Apple Devices, Third Edition will enable you to create an effective plan for deploying and maintaining groups of Apple devices using iOS 9 and OS X El Capitan in your organization. This all-in-one resource teaches a wide variety of Apple management technologies; explains the theory behind the tools; and provides practical, hand-on exercises to get you up and running with the tools. You will be introduced to Apple management technologies including Mobile Device Management, the Volume Purchase Program, and the Device Enrollment Program. For example, not only will you learn how to use Profile Manager—Apple’s implementation of Mobile Device Management—but you will also learn about the ideas behind profile management and how to make configuration easier for both administrators and users while maintaining a highly secure environment.

The exercises contained within this guide are designed to let you explore and learn the tools provided by Apple for deploying and managing iOS 9 and OS X El Capitan systems. They start with verification of access to necessary services, move on to the configuration of those services, and finally test the results of those services on client devices.

Each lesson builds on previous topics and is designed to give technical coordinators and system administrators the skills, tools, and knowledge to deploy and maintain Apple devices by:

  • Providing knowledge of how Apple deployment technologies work

  • Showing how to use specific deployment tools

  • Explaining deployment procedures and best practices

  • Offering practical exercises step-by-step solutions available

  • Table of Contents

    1. Title Page
    2. Copyright Page
    3. Dedication Page
    4. Acknowledgments
    5. Table of Contents
    6. Lesson 1. About This Guide
      1. Prerequisites
        1. Using the Apple Deployment Programs and Apple School Manager
      2. Learning Methodology
      3. Lesson Structure
      4. Exercise Setup
        1. Mandatory Requirements
        2. Network Infrastructure
        3. Exercise Order
        4. Apple Online Documentation
    7. Lesson 2. Apple Management Concepts
      1. Reference 2.1 Understanding Apple’s Goals
        1. Apple’s Customer
        2. How Apple Sees IT
        3. Keeping Up with What’s New
        4. This Guide’s Goal
      2. Reference 2.2 Device Management and Supervision
        1. Management via Profiles
        2. Mobile Device Management
        3. Device Supervision
      3. Reference 2.3 Apple ID Considerations
        1. Creating Apple IDs
        2. Managing Apple IDs
        3. Apple ID Two-Step Verification
        4. Shared Apple IDs
        5. Institutional Apple IDs
      4. Reference 2.4 iCloud in Managed Environments
        1. iCloud Setup
        2. iCloud Content and Backup
        3. iCloud Security
        4. Find My Device and Activation Lock
        5. iCloud Family Sharing
      5. Reference 2.5 Apple Deployment Programs
        1. Device Enrollment Program
        2. Volume Purchase Program
        3. Apple School Manager
      6. Reference 2.6 Deployment Scenarios
        1. User-Owned Device
        2. Organization-Owned, Personally Enabled Device
        3. Organization-Owned, Nonpersonalized Device
      7. Exercise 2.1 Configure Your Client Mac
        1. Challenge
        2. Considerations
        3. Solution
      8. Exercise 2.2 Create Apple IDs
        1. Challenge
        2. Considerations
        3. Solution
      9. Exercise 2.3 Verify Administrator Apple ID Access
        1. Challenge
        2. Solution
      10. Exercise 2.4 Configure Your iOS Device
        1. Challenge
        2. Considerations
        3. Solution
    8. Lesson 3. Infrastructure Considerations
      1. Reference 3.1 Network Considerations
        1. Network Infrastructure
        2. Network Service Integration
        3. Network Service Availability
      2. Reference 3.2 Security Considerations
        1. Physical Security
        2. Securing Data at Rest
        3. Securing Data in Transit
        4. Recovery Solutions
      3. Reference 3.3 Physical Logistics
        1. Power Infrastructure
        2. Estimating Power Needs
        3. Cooling Infrastructure
        4. Handling Logistics
        5. Disposal and Recycling
      4. Reference 3.4 Support Options
        1. AppleCare
        2. Self-Service
      5. Exercise 3.1 Verify Network Service Availability
        1. Challenge
        2. Considerations
        3. Solution
    9. Lesson 4. OS X Server 5 on El Capitan
      1. Reference 4.1 OS X Server Benefits
        1. Services Covered in This Guide
      2. Reference 4.2 OS X Server Setup
        1. Verifying Server Hardware Requirements
        2. Server Hardware Considerations
        3. Server Network Considerations
        4. External Access and Reachability Testing
      3. Reference 4.3 TLS/SSL Certificates
        1. Understanding Certificates
        2. Certificate Signed by an Open Directory CA
        3. Issues with an Untrusted Certificate
        4. Certificate Signed by a Widely Trusted CA
      4. Exercise 4.1 Prepare Your Mac to Install OS X Server for El Capitan
        1. Challenge
        2. Considerations
        3. Solution
      5. Exercise 4.2 Install OS X Server for El Capitan
        1. Challenge
        2. Considerations
        3. Solution
      6. Exercise 4.3 Configure OS X Server for El Capitan
        1. Challenge
        2. Considerations
        3. Solution
      7. Exercise 4.4 Configure Server on Your Client Computer (Optional)
        1. Challenge
        2. Considerations
        3. Solution
    10. Lesson 5. Caching Service
      1. Reference 5.1 Caching Service Architecture
        1. Caching Service Requirements
        2. Caching Service Automatic Discovery
        3. Caching Service on a Private Network
        4. Caching Service with Complex Networks
      2. Reference 5.2 Caching Service Setup
        1. Editing Caching Service Permissions
        2. Additional Caching Service Configuration
        3. Monitoring the Caching Service
      3. Reference 5.3 Caching Service Troubleshooting
        1. Test the Caching Service
        2. Confirm Caching Service Basics
        3. Examine Caching Service via Activity Monitor
        4. Examine Caching Service Logs
      4. Exercise 5.1 Turn On and Verify the Caching Service
        1. Challenge
        2. Considerations
        3. Solution
    11. Lesson 6. Configuration and Profiles
      1. Reference 6.1 Understanding Profiles
        1. Profile Types
        2. Profile Document Inspection
        3. Profile Code Signing
      2. Reference 6.2 Setting Up Profile Manager
        1. Profile Manager Components
        2. Profile Manager Service Configuration
        3. Default Configuration Profile
        4. Turn On Profile Code Signing
      3. Reference 6.3 Creating Profiles via Profile Manager
        1. Manual Profile Installation Workflows
        2. User and User Group Profiles
        3. General Profile Settings
        4. Profile Payloads
      4. Reference 6.4 Manually Installing Profiles
        1. Download Profiles via Administrator
        2. Download Profiles via User Portal
        3. Manual Profile Installation
      5. Exercise 6.1 Turn On Profile Manager
        1. Challenge
        2. Considerations
        3. Solution
      6. Exercise 6.2 Create, Download, and Install Profiles for Users and Groups
        1. Challenge
        2. Considerations
        3. Solution
      7. Exercise 6.3 Inspect the Effects of Signing
        1. Challenge
        2. Considerations
        3. Solution
      8. Exercise 6.4 Clean Up Profiles
        1. Challenge
        2. Considerations
        3. Solution
    12. Lesson 7. Mobile Device Management
      1. Reference 7.1 Mobile Device Management Architecture
        1. MDM Features
        2. MDM Push
        3. MDM Enrollment
      2. Reference 7.2 Profile Manager Device Management
        1. Device Management Requirements
        2. Enable Device Management for Profile Manager
      3. Reference 7.3 User-Initiated Enrollment
        1. Encouraging User Enrollment
        2. Enrolling via the My Devices User Portal
        3. User-Initiated Unenrollment
      4. Reference 7.4 Profile Manager Inventory and Organization
        1. Inspect Devices
        2. Associating Devices with Users
        3. Device Groups
        4. Device Placeholders
      5. Reference 7.5 Profile Manager Administrative Tasks
        1. Profile Manager Tasks
        2. My Devices User Portal Tasks
      6. Reference 7.6 Automatically Pushing Profiles
        1. Management Organization
        2. Automatic Profile Push
        3. Inspecting Automatically Pushed Profiles
      7. Exercise 7.1 Enable Device Management
        1. Challenge
        2. Solution
      8. Exercise 7.2 Enroll Over the Air
        1. Challenge
        2. Considerations
        3. Solution
      9. Exercise 7.3 Deploy Management Settings
        1. Challenge
        2. Considerations
        3. Solution
      10. Exercise 7.4 Unenroll Over the Air
        1. Challenge
        2. Solution
    13. Lesson 8. Out-of-the-Box Management via Apple Programs for Device Enrollment
      1. Reference 8.1 Introduction to Apple Programs for Device Enrollment
        1. DEP Service and Apple School Manager Overview
        2. DEP Service Requirements
        3. DEP Service Enrollment
        4. Managing DEP Administrators
      2. Reference 8.2 Integrate the DEP with Profile Manager
        1. Add Servers in DEP
        2. Manage Servers in DEP
        3. Assign Devices in the DEP
        4. Manage Multiple DEP Devices
        5. Manage Individual DEP Devices
      3. Reference 8.3 Configure DEP and Apple School Manager Assignments in Profile Manager
        1. Assignment Placeholders
        2. Create Device Groups from Enrollment Program Assignments
        3. Define Enrollment Settings for Enrollment Program Assignments
        4. Verify DEP or Apple School Manager Functionality
        5. DEP and Apple School Manager Enforcement Limitations
      4. Reference 8.4 Troubleshooting the Enrollment Process
      5. Exercise 8.1 Enroll with the Apple Deployment Programs (Optional)
        1. Challenge
        2. Considerations
        3. Solution
      6. Exercise 8.2 Configure Profile Manager for the Device Enrollment Program
        1. Challenge
        2. Solution
      7. Exercise 8.3 Assign Devices to an MDM Service
        1. Challenge
        2. Considerations
        3. Solution
      8. Exercise 8.4 Create and Manage Device Enrollments
        1. Challenge
        2. Considerations
        3. Solution
    14. Lesson 9. Activation Lock Management
      1. Reference 9.1 Activation Lock Introduction
        1. How Activation Lock Affects Administration
        2. Find My Device and Activation Lock
        3. Activation Lock Behavior
      2. Reference 9.2 Manage Activation Lock
        1. Allowing Activation Lock via Profile Manager
        2. Clearing Activation Lock via Profile Manager
      3. Exercise 9.1 Observe Activation Lock on an Unsupervised Device
        1. Challenge
        2. Considerations
        3. Solution
      4. Exercise 9.2 Control Activation Lock on a Supervised Device
        1. Challenge
        2. Considerations
        3. Solution
    15. Lesson 10. VPP-Managed Apps and Books
      1. Reference 10.1 Volume Purchase Program Essentials
        1. What’s New
        2. Apple Stores Overview and Licensing
        3. VPP Licensing Overview
        4. Legacy VPP Redemption Codes
        5. VPP Managed Distribution
        6. Managed Apps and Books
      2. Reference 10.2 VPP Service Enrollment and Administration
        1. VPP Service Enrollment
        2. VPP Website
        3. VPP Account Management
      3. Reference 10.3 Integrate VPP with Profile Manager
        1. MDM Service VPP Integration
        2. Profile Manager VPP Integration
      4. Reference 10.4 Purchasing VPP Apps and Books
        1. Direct VPP Payment
        2. VPP Credit
        3. VPP Purchases
        4. VPP Purchases in Profile Manager
      5. Reference 10.5 VPP Managed Distribution Assignments
        1. Assigning VPP Apps and Books
        2. Revoking VPP-Assigned Apps
      6. Reference 10.6 VPP Managed Distribution User Enrollment
        1. Sending VPP Invitations
        2. Accepting VPP Invitations
        3. Verifying VPP Enrollment
        4. Remove VPP Managed Distribution Apps
        5. Remove VPP Managed Distribution
      7. Reference 10.7 Installing VPP Managed Distribution Apps and Books Assigned via Apple ID
        1. Manually Install VPP Apps and Books
      8. Exercise 10.1 Configure Profile Manager for the Volume Purchase Program
        1. Challenge
        2. Considerations
        3. Solution
      9. Exercise 10.2 Purchase and Assign Licensed Apps to Devices
        1. Challenge
        2. Considerations
        3. Solution
      10. Exercise 10.3 Deploy Licensed Apps to Devices
        1. Challenge
        2. Considerations
        3. Solution
      11. Exercise 10.4 Assign Apps and Books to Users and Invite Participants for VPP Managed Distribution
        1. Challenge
        2. Considerations
        3. Solution
      12. Exercise 10.5 Inspect the Effects of App Assignment and Remove VPP Managed Distribution Services
        1. Challenge
        2. Considerations
        3. Solution
    16. Lesson 11. In-House Apps and Books
      1. Reference 11.1 Deploy In-House Apps and Books
        1. Acquire In-House iOS Apps
        2. Acquire In-House OS X Apps
        3. Acquire In-House Books
        4. Workflows for Deploying In-House Apps and Books to iOS Devices
        5. Workflows for Deploying In-House Apps to OS X Computers
      2. Reference 11.2 Manage In-House Apps and Books via Profile Manager
        1. In-House Apps and Books in the Profile Manager Library
        2. Manage In-House Apps and Books for iOS Devices
        3. Push In-House Apps to OS X Computers
      3. Exercise 11.1 Deploy In-House Apps via Profile Manager (Optional)
        1. Challenge
        2. Considerations
        3. Solution
      4. Exercise 11.2 Deploy In-House Books via Profile Manager
        1. Challenge
        2. Considerations
        3. Solution
    17. Lesson 12. Apple Configurator 2: Planning and Setup
      1. Reference 12.1 About Apple Configurator 2
      2. Reference 12.2 Apple Configurator 2 Planning
        1. Apple Configurator 2 Prepare and Supervise
        2. Apple Configurator 2 Logistical Considerations
        3. Apple Configurator 2 Backup and Migration
        4. Prepare Devices Limitations
      3. Reference 12.3 Apple Configurator 2 Installation and Setup
        1. Apple Configurator 2 Installation
        2. Apple Configurator 2 Views
        3. Apple Configurator 2 Preferences
      4. Exercise 12.1 Get Apple Configurator 2
        1. Challenge
        2. Considerations
        3. Solution
    18. Lesson 13. Apple Configurator 2: Preparing, Configuring, and Managing iOS Devices
      1. Reference 13.1 Use Configuration Profiles
        1. Create and Edit Profiles
        2. Install Profiles
      2. Reference 13.2 Prepare iOS Devices
        1. Prepare Using Manual
        2. Prepare Using Automated Enrollment
        3. Verify Setup Assistant Customizations
        4. Prepare Apple TV Devices
      3. Reference 13.3 Create and Use Blueprints
      4. Reference 13.4 Organize Devices
        1. Apply and Create Tags
        2. Search for Devices
        3. View or Export Device Information
        4. Sort Devices
      5. Reference 13.5 Back Up and Restore iOS Devices
        1. Backup and Restore Introduction
        2. Backup and Restore Limitations
        3. Create iOS Backups for Restore
        4. Restore from an iOS Backup
      6. Reference 13.6 Automate Device Management
        1. Install Apple Configurator Automation Tools
        2. Use Apple Configurator 2 Automator Actions
        3. Export Apple Configurator 2 Automator Actions
        4. Use the Apple Configurator 2 Command-Line Tool
      7. Exercise 13.1 Create Configuration Profiles with Apple Configurator 2
        1. Challenge
        2. Considerations
        3. Solution
      8. Exercise 13.2 Prepare an iOS Device Using Automated Enrollment via the DEP
        1. Challenge
        2. Considerations
        3. Solution
      9. Exercise 13.3 Create and Apply Blueprints
        1. Challenge
        2. Considerations
        3. Solution
      10. Exercise 13.4 Back Up and Restore an iOS Device
        1. Challenge
        2. Considerations
        3. Solution
    19. Lesson 14. Apple Configurator 2: App and Document Management
      1. Reference 14.1 Considerations for Managing Apps with Apple Configurator 2
        1. Apple Configurator and Apple IDs
      2. Reference 14.2 Manage Apps and Documents via Apple Configurator 2
        1. Manage Apps with Personal Apple ID
        2. Manage Apps with VPP Apple ID
        3. Add In-House Enterprise Apps
        4. View Apps
        5. Remove Apps
        6. Add Documents
        7. Export Documents
      3. Reference 14.3 Update Apps Deployed via Apple Configurator 2
        1. Update Apps via Apple Configurator
        2. Update Apps via iOS Software Update
      4. Reference 14.4 Single App Mode
        1. Single App Mode via Apple Configurator 2
        2. Single App Mode via Profile Manager
      5. Exercise 14.1 Distribute Volume Purchase Program Apps via Apple Configurator 2
        1. Challenge
        2. Considerations
        3. Solution
      6. Exercise 14.2 Distribute In-House Apps via Apple Configurator 2 (Optional)
        1. Challenge
        2. Considerations
        3. Solution
    20. Lesson 15. User Data and Services
      1. Reference 15.1 User Content Considerations
        1. Traditional Sharing and Storage Options
        2. Internet Sharing and Storage Options
        3. iCloud Drive
        4. iOS iTunes Syncing
        5. iOS Backup Solutions
        6. iOS Restoration Workflows
        7. OS X Backup Solutions
        8. Managing Backups
    21. Lesson 16. Managing Access
      1. Reference 16.1 Managed Open In
        1. Configuring Managed Open In
      2. Reference 16.2 Limit Access to Content and Services
        1. iOS Restrictions to Limit Content and Services
        2. OS X Restrictions to Limit Content and Services
        3. iOS Restrictions for Apps
      3. Exercise 16.1 Manage Open In
        1. Challenge
        2. Considerations
        3. Solution
      4. Exercise 16.2 Restrict Access to Services via Profile
        1. Challenge
        2. Considerations
        3. Solution
    22. Lesson 17. Develop a Management Plan
      1. Reference 17.1 Define Requirements
        1. Planning Methodology
        2. Logistics and Infrastructure
        3. Usage Management
        4. System Deployment
        5. Item Management
        6. Ongoing Maintenance
      2. Reference 17.2 Consider Third-Party Solutions
        1. Third-Party Management Features
      3. Exercise 17.1 Develop a Management Plan
        1. Challenge
        2. Considerations
        3. Solution
        4. Logistics and Infrastructure
        5. Usage Management
        6. System Deployment
        7. Item Management
        8. Ongoing Maintenance
    23. Index