Device Management for Apple

Device Management for Apple (DMA) is our mobile device management (MDM) solution. MDM solutions are supported by Apple devices—Mac computers, iPhones, iPad tablets, and even Apple TVs—to configure devices securely and remotely.

Using Device Management for Apple, you can monitor and manage your Apple devices by sending configuration profiles, commands, and apps to them directly from N-central.

Device Management for Apple also supports Apple's enhanced macOS security framework to ensure our applications continue functioning with minimal user intervention.

Device Management for Apple requires Mac Monitoring Agent 1.2.0 or higher.

Enrollment of Virtual Machines (VMs) in Device Management for Apple is not tested or supported.

Getting Started

Before using Device Management for Apple, we recommend you review your N-central Roles and Permissions to ensure users have the required access level for their role.

To get started with Device Management for Apple, you must:

  1. Add an Apple Push Certificate
  2. Enroll devices in Device Management for Apple manually or automatically
  3. Upload configuration profiles to DMA

View the Quick Start Guide.

After Setup

After Device Management for Apple is set up, you can:

macOS security framework

macOS 10.13.2 or later, includes user data protections, which are managed by Apple's expanded security framework, Transparency Consent and Control (TCC), that prevent third-party applications from unauthorized interaction with the computer. Organizations can use mobile device management solutions to remotely manage these security preferences with Apple's Privacy Preferences Policy Control (PPPC) payload.

These enhanced Apple security changes have the following implications for our applications:

  • The security and privacy control settings defaulted to blocked. This forced end users to grant the required permissions for our applications to access the computer.
  • These privacy and security settings are not always remotely configurable through a remote assistance tool so end users must approve each request. The number of request notifications and configuration requirements can be daunting to end users. For example, the numerous requests from new software installations or requests for re-authorization on previously permitted applications after an Operating System update can be overwhelming to end users.
  • If end users do not grant the required permissions, Device Management for Apple may not run or they may run but with restricted functions.

To reduce the impact of these implications on our applications, we use our Device Management for Apple MDM solution to reduce the volume of end user notifications from our software and ensure all our installed applications have the required permissions.

Related topics

Updated: Mar 26, 2024