Help Center
14 DAY FREE TRIAL
Search Close Search
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Enrolling Devices
  3. iOS

Category filter

Apple Configurator Enrollment for iOS: The Complete Guide

Jump To

The Apple Configurator enrollment for iOS method uses a Mac computer to physically tether the devices into Hexnode UEM. This method is primarily used to apply Supervision status to devices that are not eligible for Automated Device Enrollment (ADE) or when an organization needs to manage small batches of devices locally.

1. What is Apple Configurator Enrollment?

Apple Configurator enrollment is a tethered process that allows an administrator to apply a configuration profile to an iOS/iPadOS device via a USB connection to a Mac running the Apple Configurator app.

  • Primary Outcome: It forces the device into Supervised Mode, enabling advanced security and management features.
  • Data Loss: This process involves a full device wipe, meaning all existing data is erased.

2. Essential Prerequisites

The following assets and configurations must be in place before beginning the enrollment process:

Prerequisite Detail
MDM Configuration A valid Apple Push Notification service (APNs) Certificate must be configured in the Hexnode UEM console.
Hardware/Software A Mac computer running Apple Configurator (latest version recommended).
Network Profile A Wi-Fi Configuration Profile must be created in Apple Configurator to allow the supervised device to connect to the network over-the-air after the wipe.
Device Status The device must be in an unactivated state (i.e., fully erased or brand new).

3. Enrollment Procedure

The enrollment procedure involves three main phases: defining the necessary profiles, preparing the device configuration using a Blueprint, and applying the final enrollment.

Phase A: Create Wi-Fi Profile and Blueprint

This phase defines the network settings and bundles the configurations into a reusable Blueprint.

  1. Create Wi-Fi Profile: Within Apple Configurator, create a new profile defining the corporate Wi-Fi network’s SSID and security credentials.
    1. Open Apple Configurator.
    2. Click on File > New Profile.

      Option to create new profile

    3. Give a name to the profile. All other fields are optional.
    4. Select the Security type as “With Authorization” and provide a password. Set Automatically Remove Profile as “Never”.

      Options to customize the profile details

    5. Select Wi-Fi from the left menu and click Configure.

      Option to select Wi-Fi profile

    6. Give the name of the Wi-Fi network at Service Set Identifier (SSID).
    7. Select Auto join.
    8. Configure the Proxy Setup and select the Security Type.
    9. Provide the Wi-Fi password.
    10. Select Network Type as Standard.

      Option to configure Wi-Fi for apple configurator mdm enrollment

    11. Click on File and Save the profile.

      Option to save the configured Wi-Fi profile

      Save the configured Wi-Fi profile on the device

  2. Create Blueprint: Create a new Blueprint within Apple Configurator. Blueprints are templates used to quickly apply configurations to multiple devices.
    1. On the Apple Configurator window, click on File > New Blueprint.

      Option to create new blueprint for apple configurator mdm enrollment

    2. Name the Blueprint.

      Name the created blueprint

    3. Select the created Blueprint, click on Add > Profiles and select the Wi-Fi profile you created earlier and click Add.

      Option to add the created Wi-Fi profile to the blueprint

      Select the Wi-Fi profile

      The chosen Wi-Fi profile is being added to the blueprint

    Phase B: Configure Preparation Settings and Apply Blueprint

    This phase links the Blueprint to the Hexnode UEM server and initiates the device wipe and supervision process.

    1. Prepare the Device: Select the Blueprint and begin the preparation process. Configure the following options in the wizard:
      1. Configuration: Select Manual.

        Select the configuration type as manual

      2. MDM Server: Select New Server and enter the Hexnode UEM server enrollment URL (e.g., https://portalname.hexnodemdm.com/enroll).

        Select a new server to enroll in Hexnode UEM

      3. Supervision: Ensure the Supervise devices option is checked.
      4. Organization: Enter the required organizational details (Name, Dept, Address).
    2. Setup Assistant: Choose the specific Setup Assistant Steps you want the end-user to skip after the wipe (e.g., Apple ID, Diagnostics).

      Choose the iOS Setup Assistant steps you would like to display

      The blueprint is being prepared according to the configured settings

    3. Connect and Apply: Physically connect the iOS devices to the Mac via USB. Select the devices and apply the Blueprint to initiate the wipe and supervision.

    Phase C: Supervision and Final Enrollment

    The process initiates a device wipe and applies the supervision profile.

    1. Device Wipe: Apple Configurator will automatically erase all content and settings on the device.
    2. Supervision: The device is configured into Supervised Mode with the Hexnode UEM server details.
    3. Wi-Fi Connection: The device restarts and automatically connects to the pre-configured Wi-Fi network (from the Blueprint).
    4. Final Enrollment: The Hexnode UEM profile is downloaded and installed over-the-air (OTA). The user may be prompted for authentication credentials to complete the final enrollment step, depending on the server settings.

    4. Comparison to Automated Device Enrollment (ADE)

    While both methods achieve Supervision, there are key distinctions relevant to enterprise scale.

    Feature Apple Configurator Enrollment Automated Device Enrollment (ADE)
    Connection Type Tethered (requires physical USB connection to a Mac). Over-the-Air (OTA); zero-touch process.
    Scale Best for small batches or ineligible devices. Best for bulk deployment and large corporate fleets.
    Device Source Any new or erased device. Only devices purchased through Apple Business/School Manager (ABM/ASM).
    Setup Requires creating and storing configuration profiles locally on the Mac via Blueprints. Configuration is managed remotely via the ABM/ASM portal.

    5. Troubleshooting and FAQs
    1. Why does the device show an error during the Prepare phase?

      Ensure the device is fully erased before attempting to prepare it. Also, verify that the UEM enrollment URL is correctly entered as the server address in Apple Configurator.

    2. Does Apple Configurator enrollment support BYOD devices?

      No. Apple Configurator applies Supervision, which is intended for corporate-owned devices and involves a complete device wipe. BYOD is typically handled by User Enrollment.

Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Enrolling Devices
Managing iOS Devices