Consolidating DEP Identities/Accounts

ee_dub's picture

ee_dub

Joined: Jun 13, 2016
No votes yet

I'm dealing with a slew of Apple IDs used to create/maintain VPP enrollment relationships. Has anyone found a way to roll those up under a singular Administrative account without breaking the relationship and re-issuing tokens to the associated EMM servers?

Regards,

Eric

Top
taylor's picture

taylor

Joined: Jan 25, 2016
WWW

Can you elaborate on how the

Your rating: None

Can you elaborate on how the existing Apple IDs and VPP relationships are unrolled currently? Are there multiple VPP accounts at play here?

Taylor
simplemdm.com
Intuitive, Powerful Apple Device Management

Top
ee_dub's picture

ee_dub

Joined: Mar 12, 2012

Taylor, Currently we have one

Your rating: None

Taylor,

Currently we have one agent account and several administrators owned by the Apple IDs of individual employees. We'd like to roll all of the 'Administrator' accounts into one master for ease of management. It also prevents the ability for something to break should one of those individual administrators leave the company, change their password, etc.

Regards,

Eric

Top
taylor's picture

taylor

Joined: Jan 25, 2016
WWW

I see. This is at the VPP

Your rating: None (1 vote)

I see. This is at the VPP account login level. Unfortunately I do not have any experience with the consolidation process of VPP accounts. I can tell you that we had to account for customers with multiple VPP accounts with our MDM product, so there isn't a problem there. Many MDMs only support one VPP account however, and I can still appreciate the problem with individual employees owning the Apple IDs that manage the VPP accounts.

Probably a good question for Apple, if you can find a relevant contact point.

Taylor
simplemdm.com
Intuitive, Powerful Apple Device Management

Top
ee_dub's picture

ee_dub

Joined: Mar 12, 2012

Taylor, AFAIK it pertains

Your rating: None

Taylor,

AFAIK it pertains just to DEP, Agent/Administrators and MDM Servers/Tokens issued from each of the associated Apple IDs. I'll reach out to our people at the Fruit Company and see what they're able to do. Will post updates as they're provided.

Top
ee_dub's picture

ee_dub

Joined: Mar 12, 2012

Sorry for the delay in

Your rating: None

Sorry for the delay in reporting back on this. This is a supported procedure by both Apple and MobileIron. Here's what you do:

1) Create a new "DEP Master" email box/alias
2) Invite "DEP Master" as an Admin to existing DEP Program from existing DEP Admin portal
3) Register Apple ID using emailed link and enable 2FA
4) As DEP Master, "Add new MDM Server" to DEP Portal
5) Download public certificate from each existing MDM Server
6) Upload public certificate to "Add MDM Server" wizard
7) Download MDM Server Token
8 ) Upload new Token to MDM Server
9) Verify Associated AppleID address change from old to new
10) Migration is complete

Top

Who is online?

There are currently 0 admins, 0 users and 57 guests online. Connected users: .

Recent Activity