ABM registration options

There are several possible scenarios for registration (sometimes called assignment) and deployment with the Apple Business Manager. Our goal is to achieve full DEP/ADE enrolment whenever possible.

ABM scenarios

1. Registered by reseller during purchase and before use
2. Register before use with Apple Configurator (see below for link)
3. Erase a Mac and register with Apple Configurator
4. Register a Mac that's already in use with Apple Configurator (no longer supported)
5. Registered by reseller after purchase and can be erased
6. Registered by reseller after purchase but is already in use
7. No registration

Look in the device list on https://business.apple.com to check if it’s registered and assigned to the correct MDM server.

If a device is correctly registered and assigned it should appear in your MDM enrolment prestage. If you are using Mosyle go to Organisation > Enrolment > macOS > Automated Device Enrollment > View Devices and search for it in the device list.

You can also run the command below (double L in enrollment) to verify from the Mac itself.

sudo profiles show -type enrollment

NOTE: Apple have quotas set on the profiles command. Do not use it repeatedly or you will be be blocked for 24 hours.

NOTE: Apple spell enrollment with a double-L American style

• Options 1,2, 3 & 5 automatically enrol the device to MDM when the user first logs in

• Options 4, 6 & 7 require manual enrolment (see below)

• Options 2, 3 & 4 only work with T2 or Silicon Macs and require an iPhone within bluetooth range of the Mac and an ABM Device Manager account
• All options except 7 result in a full ADE/DEP enrollment

Prepare Apple Configurator

1. Download Apple Configurator to an iPhone https://apps.apple.com/gb/app/apple-configurator/id1588794674
2. Open Apple Configurator on the iPhone and login to the Apple Business Manager 
3. Tap the cog wheel and set MDM Server Assignment to the correct MDM server

Register a Mac

1. New registered Mac

Verify that the computer appeared in the ABM device list in your MDM server then simply deliver the boxed computer to the user.

2. Register a new Mac

1. Plug the Mac into a power source so it doesn’t go to sleep during the process
2. Start up the Mac
3. Select the language in Setup Assistant, click Continue, then stop when you see the Country or Region pane. Note: You must restart the Mac if you go past the Country or Region pane
4. Make sure the iPhone is connected to wifi (not cell network) and that bluetooth is enabled on the iPhone
5. Open Apple Configurator on your iPhone and bring it close to the Mac
6. Scan the image that appears in Setup Assistant on the Mac screen
7. Wait for Mac to complete the registration process and press Shutdown
8. Verify that the computer appeared in the ABM device list and that it’s assigned to the MDM server
9. The Mac is ready to deliver to user

3. Erase and register a used Mac

1. Plug the Mac into a power source so it doesn’t go to sleep during the process
2. Update the Mac to macOS 12.0.1 or later
3. Make sure the device is not enrolled to MDM, if it is, take steps to remove it
4. Open System Preferences and select Erase all Content and Settings… from the menu 
5. Follow the steps for option 2 above

4. Register a used Mac without erasing*

THIS METHOD WAS DISABLED BY APPLE IN SONOMA

1. Plug the Mac into a power source so it doesn’t go to sleep during the process
2. Update the Mac to macOS 12.0.1 or later
3. Make sure the device is not enrolled to MDM, if it is, take steps to remove the profiles and then delete it from MDM
4. Run these two command in Terminal
   

   sudo -s
   "/System/Library/CoreServices/Setup Assistant.app/Contents/MacOS/Setup Assistant" -MBDebug &

5. You should see the Setup Assistant
6. Select the language in Setup Assistant, click Continue, then stop when you see the Country or Region pane.
7. Make sure the iPhone and Mac are connected to the same wifi and that bluetooth is enabled on the iPhone
8. Open Apple Configurator on your iPhone and bring it close to the Mac*
9. Scan the image that appears in Setup Assistant on the Mac screen.
10. Wait for the process to complete and press Restart
11. Verify that the computer appeared in the ABM device list and that it’s assigned to the MDM server
12. Run this command (Do not use the command repeatedly, Apple have a quota!)

    sudo profiles renew -type enrollment
    

13. You should now see a notification prompting to accept the enrolment profile 

*This workaround doesn’t always work. If it fails, try restarting the phone and/or Mac.

5. Late registration by supplier

Many suppliers will register devices for you even years after the purchase, if you ask, nicely.

Computer can be erased

1. Verify that the computer appeared in the ABM device list and is assigned to the MDM server
2. Plug the Mac into a power source so it doesn’t go to sleep during the process
3. Update the Mac to macOS 12.0.1 or later
4. Make sure the device is not enrolled to MDM, if it is, take steps to remove it
5. Open System Preferences and select Erase all Content and Settings… from the menu 

6. Late registration by supplier

Computer is already in use

1. Verify that the computer appeared in the ABM device list
2. Run this command Do not use the command repeatedly, Apple have a quota!

   sudo profiles renew -type enrollment

3. You should now see a notification prompting to accept the enrolment profile 

7. No Apple Business Manager - Manual MDM enrolment

1. The user should use the web URL to enrol

MDM enrolment is normally done by the end-user. A Mac should be registered on ABM prior to MDM enrolment if at all possible. ABM registration enables full DEP/ADE enrolment and gives us the full MDM experience. Option 7 is our last resort.