Enrolling iOS devices

Coro enables you to iOS enroll devices:

• Manually, as a Company Owned Device (Supervised) or Bring Your Own Device (BYOD) .
• Automatically, through Coro being designated as a MDM for your Apple Device Enrollment Program (DEP)-deployed devices.

For more details about each type, see Overview.

Read the following procedure for instructions on enrolling your device type:

• Manually enrolling a supervised iOS device
• Manually enrolling a BYOD iOS device
• Enrolling devices through a DEP

Manually enrolling a supervised iOS device

Follow the steps in each of these sections to enroll a supervised iOS device:

• Prerequisites
• Get the enrollment link from your Coro workspace
• Set up Apple Configurator with server and organization details
• Prepare a device

Prerequisites for supervised devices

For supervised iOS devices, make sure you have the following before you begin:

• Your iOS device running version 15 or later, unlocked and powered up, with access to a Wi-Fi network. A factory reset of the device is required.
• A macOS computer running version 10.12.5 or later, with Apple Configurator 2 or later installed.
• A charging cable to physically connect the iOS device to the macOS computer.
• Standard Apple ID and password credentials.
• Access to the Coro console.

Getting the enrollment link from your Coro workspace

Before you can proceed to prepare a device, first obtain the MDM server enrollment link:

1. Sign into the Coro console and navigate to the Mobile Device Management module.
2. On the MDM Management page, select the Devices tab:

   

3. Select + ENROLL DEVICE , then select iOS Device :

   

4. From the Select iOS enrollment type dialog, select Manual enrollment :

   

   Coro displays the Enroll iOS devices dialog:

   

5. Select Company Owned Device (Supervised) , then select NEXT .

   Coro displays the Choose enrollment method step:

   

6. Select COPY SERVER LINK to copy the provided server link to your clipboard. Keep this information for later.

   note

   The Apple Configurator steps described in this dialog are covered later in this guide.

7. Select DONE to close the dialog.

Setting up Apple Configurator with server and organization details

In this section, you set up a macOS computer with all required software and settings to function as a platform for preparing iOS devices for Coro MDM.

This is a one-time procedure designed to set up your macOS computer with the Apple Configurator tool, details of Coro's MDM server, and information about your organization. These details are applied to each device on which you run the preparation procedure.

On your macOS computer, perform the following steps:

1. Install and run the Apple Configurator app. Download the configurator from this link: https://support.apple.com/apple-configurator .
2. Select Settings... from the Apple Configurator menu.
3. Select Servers :

   

4. Select the plus icon to add a new server. This starts the Define an MDM Server wizard:

   

5. Select Next to add the MDM server details:

   

6. Enter the following details:
   • Name : Enter a name for the server. Coro recommends "Coro MDM".
   • Host name or URL : Paste the MDM enrollment server link, see Getting the enrollment link from your Coro workspace .
7. Select Next to continue.

   Apple identifies the server and adds it to your Servers list:

   

8. Add an organization and supervision identity. Select Organizations :

   

9. Select the plus icon to add a new organization. This starts the Create an organization wizard:

   

10. Select Next to continue. Then, when prompted to login, select Skip :

    

11. Enter details for your organization into the fields provided:

    

12. Select Next to continue. Apple adds your organization to your Organizations list:

    

13. To view your organization's supervision identity, select Show Supervision Identity... :

    

14. Expand the Details section to make sure your Apple Push Notification Services certification is visible in the list, then select OK to close the dialog.
15. Close the Settings dialog.

Preparing a device

The following steps describe how to prepare an iOS device for Coro MDM management using the MDM server and organization details previously configured in Apple Configurator:

1. Connect your iOS device physically via a charging cable to the macOS computer and, on the device, agree to "Trust this computer":

   

2. Open the Apple Configurator app and select your mobile device:

   

3. Right-click on the displayed device and select Prepare... :

   

4. In the Prepare Devices dialog, select Manual Configuration and enable Supervise devices . Then, select Next to continue:

   

5. In the Enroll in MDM Server dialog, choose your Coro MDM server from the drop-down list. Then, select Next to continue:

   

6. In the Assign to Organization dialog, choose your organization from the drop-down list. Then, select Next to continue:

   

7. In the Configure iOS Setup Assistant dialog, enable the steps you want to appear during the device setup procedure. Then, select Prepare to complete the process:

   

8. The Apple Configurator app warns that the device was previously prepared. Select Erase to erase the device's current state, apply your settings, and prepare in Remote Management mode:

   

9. Wait for the device to reset and restart. When your device reaches the Apple Hello prompt, it is safe to disconnect:

   

Final steps

After you complete the device preparation process, you can proceed to distribute the device to your end user.

When your user signs into the device and sets up the Wi-Fi connection, it downloads the enrollment profile and connects to your Coro MDM service.

Your Coro MDM device list is automatically populated with the connected device.

Manually enrolling a BYOD iOS device

Follow these steps to enroll a BYOD iOS device:

• Prerequisites
• Send enrollment links to your users
• Activate enrollment on a device

Prerequisites for BYOD devices

For BYOD iOS devices, you need:

• An iOS device running version 15 or later, unlocked and powered up, with access to a Wi-Fi network.
• Access to the Coro console.

Sending enrollment links to your users

Before you can enroll a device as BYOD, you first need to obtain the enrollment link and send it to the device's user. Coro enables you to bulk email an enrollment link to one or more users. Alternatively, you can copy the link and paste it directly into a browser on the device.

To access the enrollment link, perform the following steps:

1. Sign into the Coro console and navigate to the Mobile Device Management module.
2. On the MDM Management page, select the Devices tab:

   

3. Select + ENROLL DEVICE , then select iOS Device :

   

4. From the Select iOS enrollment type dialog, select Manual enrollment :

   

   Coro displays the Enroll iOS devices dialog enabling you to select a manual enrollment type:

   

5. Select Bring Your Own Device (BYOD) , then select NEXT .

   Coro displays the Choose enrollment method step:

   

6. Choose one of the following methods:
   • Send an enrollment link via email to device owners :

     Enter one or more email addresses in the box provided, then select SEND INVITATIONS to request Coro to send a preformed email template to each address in the list containing instructions and a link to begin the enrollment process.

     note

     Type an email address, then press space or enter to validate it. Or, use commas to separate a list of addresses.

   • Share a link directly with device owners :

     Use the COPY TOKEN button to copy the unique enrollment link to your clipboard:

     

     Send this to your device owners with instructions to paste it into a web browser on the device.

7. Select DONE to close the dialog.

Activating enrollment on a device

On the iOS device, perform these steps to enroll:

1. Access the invitation email through your iOS device's mail app, and tap the included device enrollment link.
2. When prompted, tap Allow to start downloading a new configuration profile:

   

3. When complete, tap Close :

   

4. Now go to your device Settings app, then tap the Profile Downloaded link to access the downloaded enrollment profile:

   

5. Tap Install on the top right-hand side:

   

6. Your device may ask you to confirm your passcode or identity in order to continue.

   

7. A warning page is triggered explaining next steps. Tap Install again:

   

8. Tap Trust , then wait for the profile to be installed and the device to register with Coro MDM:

   

9. When this is complete, tap Done :

   

After the enrollment process has completed, your Coro MDM device list is automatically populated with the connected device.

Enrolling devices through a DEP

Coro can connect to an Apple Device Enrollment Program (DEP) to enable organizations to configure Coro as a designated MDM for their organization-owned centrally provisioned and deployed mobile iOS devices. Such devices are typically configured and enrolled in the program prior to shipping to the end-user.

Where Coro is assigned to devices as the designated MDM solution, such devices are automatically synchronized to the Coro console, and can be monitored and managed in the normal way. Upon receiving the device, the user completes the remote management setup procedure and the device is marked as active in Coro.

Prerequisites for DEP devices

For enrolling a DEP-deployed iOS device, you need:

• Coro configured with a valid DEP connection .
• Access to an ABM or ASM admin account.
• Access to the Coro console.
• An iOS device running version 15 or later, enrolled in an Apple DEP.

Assigning Coro as the MDM for devices

Before Coro can manage a device, you must first configure your DEP-deployed devices to use Coro as the designated MDM server. This will enable Coro to access the devices and provide management capabilities through the Coro MDM console.

To assign Coro as the MDM server for a device in your DEP service, perform these steps:

1. Sign into your Apple DEP service.
2. In the Devices section, locate and select the device to which you want to assign Coro as the MDM:

   

3. Select the three-dot actions menu in the device details pane, then select Edit MDM server :

   

4. In the Edit MDM server assignment dialog, select your Coro MDM server from the drop-down list:

   

5. Select Continue followed by Confirm to confirm your MDM assignment.

   After a short wait, your device has Coro MDM assigned to it.

Repeat this process for each device you want to add to Coro MDM.

Synchronizing DEP devices to Coro MDM

After you have assigned Coro as the MDM server for one or more devices in your DEP service, Coro receives details of the devices through an automatic synchronization process. This process occurs after approximately one hour.

To instead force an immediate synchronization, perform these steps:

1. Sign into the Coro console and navigate to the Mobile Device Management module.
2. On the MDM Management page, select the Devices tab:

   

3. Select + ENROLL DEVICE , then select iOS Device :

   

4. From the Select iOS enrollment type dialog, select Device Enrollment Program (DEP) :

   

   Coro displays the Device Enrollment Program (DEP) dialog:

   

   note

   This example shows the dialog for Apple Business Manager. The dialog you see will reference your connected DEP service.

5. Select SYNC DEVICES .
6. Select DONE to close the dialog.

Devices become active in Coro MDM after the end user completes the setup assistant on the device. See Preparing a DEP-deployed device for use for details.

Preparing a DEP-deployed device for use

When a DEP-deployed device is ready to be used, you must first run through the setup assistant. This operation might be performed by an organization's IT team prior to despatch or by the end user, depending on your organization's device policy. Devices must be factory-reset prior to setup.

During this process, the operator is requested to enroll the device for remote management:

After the setup assistant is completed, the device appears as active in the Coro MDM device list.