Skip to end of metadata
Go to start of metadata

You can configure the device startup settings of the Corporate Owned, Personally Enabled (COPE) iOS devices also known as Device Enrollment Program (DEP) devices, to skip configurations or include additional configurations. This is done by creating profiles in WSO2 IoT Server and assigning it to the devices.

Follow the steps given below:

  1. If you have not already started WSO2 IoT Server, start WSO2 IoT Server's core profile.

    cd <IOTS_HOME>/bin
  2. Sign in to the device management console using a username and password that has administrator privileges. The default administrator password is admin and the default administrator password is admin.

    The profile form is displayed.
  4. Configure the profile settings:

    Enter profile nameProvide a name for your profile.
    Enter profile URLEnter the URL to access the WSO2 IoT Server's EMM server.
    The URL needs to be in the following format: https://<IOTS_HOST>:8243/api/ios/v1.0/profile-dep/. If you port offset WSO2 IoT Server's core profile, make sure to offset the port defined here too. In a setup where hostnames are used, please replace the <IOTS_HOST>:8243 with the gateway hostname.
    Is supervisedIf selected, the device is set to the Supervised mode. The supervised devices are also referred to as DEP enabled device. The EMM administrators are able to carry out operations on the device as they are owned by the organization.
    Important: Without this tick, DEP related policies will not work.
    Is MDM removableIf selected, the device user is unable to unregister the device from the WSO2 IoT Server's EMM solution.
    Is mandatoryIf selected, the device users need to complete enrolling their devices with WSO2 IoT Server during the setup, and cannot skip the step.
    Important: It is highly adviced to keep this unchecked during testing to avoid getting locked out due to a misconfiguration. When moving to a production environment, this can be checked after testing.
    DepartmentEnter the department the device belongs to. This value is displayed when the device is starting up.
    Support phone numberEnter the support number. This is provided during the setup if device users require help or run into issues.
    Support email addressEnter the support email address. This is provided during the setup if device users require help or run into issues.
    Anchor certs
    • Production environment: You don't need to enter any value here because WSO2 IoT Server has a valid SSL certificate in a production environment.

    • Testing/Development environment: If the testing environment does not have a valid SSL certificate, follow the steps given to get the values you need to enter:

      1. Navigate to the <IOTS_HOME>/ios-configurator/output directory via the terminal.
        This directory is available only if you configured WSO2 IoT Server with the iOS features.
      2. Run the command given below to convert the SSL certificate you had already generated when configuring iOS features to the .pem format.

        openssl x509 -in ia.crt -out ia_cert.pem
      3. As per the Apple specifications, encode the ca_cert.pem file you generated when configuring the iOS features.

        openssl x509 -in ca_cert.pem -outform DER|base64
      4. As per the Apple specifications, encode the ia_cert.pem file you generated above.

        openssl x509 -in ia_cert.pem -outform DER|base64
      5. Enter the values you got in step c and step d as comma separated values:

    Skip setup items
    • If Skip setup items is selected, the device automatically skips through all the pages that appear at the time of setting up an iOS device.

    • If only specific items are selected, the device skips the selected pages at the time of setting up the iOS device.
      For example, if you select passcode and Siri, you don't have to enter a passcode or set up Siri at the time of setting up the iOS device for the first time.
  5. Click Add to add the configured profile.
  6. Navigate to the Device list page.
  7. Click Sync if you haven't done before to get the list of devices that are enrolled as DEP devices from the DEP portal.
  8. Assign a profile to a device. The settings in the profile are used when starting up the device for the first time.

What's next?

Now, you can enroll your DEP devices with WSO2 IoT Server's EMM solution. All your employees need to do is start up the device. 

  • No labels