Prepare the MDM solution 02
When you’re getting ready for the school year, it’s important to add your end-users for ease of management, including teachers, students and staff. Importing your school’s hierarchy is easy and there are a few different ways you can do this, depending on whether you already have a hierarchy/roster.
If you do have a list ready to be imported, you can either import your school’s hierarchy into the MDM solution by integrating Apple School Manager or using other methods. If you don’t already have your list of users, you can create your roster directly in Mosyle Manager.
We’ll go over the ways you can complete this important step of your Mac deployment process, starting off with Apple School Manager.
Integrate Apple School Manager
Apple School Manager (ASM) gathers all the information you need to deploy and manage your devices all in one web-based portal. It combines Device Enrollment (DEP) and the Apps and Books area, allowing you to automate supervision and enrollment.
If your school doesn't have an Apple School Manager account yet, just visit school.apple.com and submit your school’s information. If you already have an account, make sure you have properly set up your account with the user accounts and added your MDM server to the Apple School Manager account.
You can combine Mosyle's SSO and Auth solution to the federated authentication for linking Apple School Manager to Microsoft Azure Active Directory (AD) to provide the easiest experience for students and teachers by leveraging their AD usernames and passwords as Managed Apple IDs. With one single credential, students and teachers can assign their Apple devices, log in to the Mac and access their resources.
When creating a link between Mosyle Manager and ASM, make sure that you first integrate ASM with Azure AD and then integrate Azure AD with Mosyle Manager.
Ensure that your Apple School Manager account is integrated to your MDM solution. When using Mosyle Manager as your device management solution, follow these easy steps:
- 1. Log into your ASM account and add your MDM server
- 2. Next, go to the My School tab in Mosyle Manager and download the public key
- 3. Go back to your ASM account and register your Mosyle Manager public key
- 4. Download the generated .p7m file and return to your Mosyle Manager account
- 5. Upload the Apple server token and click "Save"
Add school's hierarchy using other methods
You can also easily import your school’s hierarchy/roster by integrating Active Directory with your MDM solution. Doing it this way also makes it easier to authenticate your end-users because it seamlessly works with Single Sign-On (SSO), which we cover in section 5.
This can be done in Mosyle Manager in three easy steps:
- 1. Click on the My School tab
- 2. On the left hand side, scroll down and click Active Directory
- 3. Choose your type of Active Directory (LDAP or AD FS) and follow the on-screen instructions
If you don’t already have a hierarchy/roster to import, you can easily create users within Mosyle Manager.
- 1. Click on the My School tab
- 2. From the menu on the left, go to the Users section
- 3. There, you can add Students, Teachers, Staff, Administrators and more
When you’re creating user profiles for students, you can also assign them to grade levels and class periods.
Next up, we’ll go over different ways to enroll your Mac computers.