Device Management for Apple
Device Management for Apple (DMA) is our mobile device management (MDM) solution. MDM solutions are supported by Apple devices—Mac computers, iPhones, iPad tablets, and even Apple TVs—to configure devices securely and remotely.
Using Device Management for Apple, you can monitor and manage your Apple devices by sending configuration profiles, commands, and apps to them directly from N-sight RMM.
Device Management for Apple also supports Apple's enhanced macOS security framework to ensure our applications continue functioning with minimal user intervention.
Enrollment of Virtual Machines (VMs) in Device Management for Apple is not tested or supported.
To get started with Device Management for Apple, you must:
- Add an Apple Push Certificate
- Enroll devices in Device Management for Apple manually
or automatically using Apple Business Manager
- Upload configuration profiles to the DMA Profile Library
After Device Management for Apple is set up, you can:
- Deploy configuration profiles to devices
- Send commands to Apple devices
- Monitor and manage mobile devices
- Manage App Store purchases
- Update OS on Apple devices
Patch Management for Apple
To deploy verified third party updates, use Run Managed Patch task.
To update the Apple OS version on your devices, see Update OS on Apple devices.
To update App Store purchases on your devices, see Manage App Store purchases.
Before using Device Management for Apple, we recommend you review your N-sight RMM Roles and Permissions to ensure users have the required access level for their role. For information about the permissions for Device Management for Apple, see Default System Role Permissions.
macOS 10.13.2 or later, includes user data protections, which are managed by Apple's expanded security framework, Transparency Consent and Control (TCC), that prevent third-party applications from unauthorized interaction with the computer. Organizations can use mobile device management solutions to remotely manage these security preferences with Apple's Privacy Preferences Policy Control (PPPC) payload.
These enhanced Apple security changes have the following implications for our applications:
- The security and privacy control settings defaulted to blocked. This forced end users to grant the required permissions for our applications to access the computer.
- These privacy and security settings are not always remotely configurable through a remote assistance tool so end users must approve each request. The number of request notifications and configuration requirements can be daunting to end users. For example, the numerous requests from new software installations or requests for re-authorization on previously permitted applications after an Operating System update can be overwhelming to end users.
- If end users do not grant the required permissions, Device Management for Apple may not run or they may run but with restricted functions.
To reduce the impact of these implications on our applications, we use our Device Management for Apple MDM solution to reduce the volume of end user notifications from our software and ensure all our installed applications have the required permissions.