🛰️

Mobile Device Management (MDM)

Use and configure MDM

36 articles

Manually uninstalling an MDM agent

To manually uninstall an MDM agent, follow the outlined steps for both Windows and MacOS, ensuring you have the necessary administrator access to remove the configuration profiles and the MDM agent itself.

Testing Primo & FleetDM

The guide provides essential information on testing Primo and FleetDM, including setup requirements, controls for managing devices, querying capabilities, and policies, while emphasizing the integration and synchronization between the two platforms.

Deploying an EDR with FleetDM

Learn how to deploy an EDR solution using FleetDM, including steps for software package configuration, policy creation, and optional configuration profiles for Mac devices to ensure effective security management across your fleet.

Deploying an EDR with FleetDM

Learn how to effectively deploy an EDR solution using FleetDM by following the outlined steps, which include uploading software, creating policies, and adding configuration profiles for optimal security management across devices.

General info

Supported platforms and OS

The overview provides a detailed recap of platform support in Primo, listing the capabilities of various operating systems including MacOS, Windows, Linux, ChromeOS, and iOS, while noting that Android support is prioritized for Q1 2025.

Introduction to Mobile Device Management (MDM)

Mobile Device Management (MDM) enables organizations to manage, secure, and configure mobile devices effectively, ensuring compliance, enhancing productivity, and minimizing risks associated with data breaches and device theft.

Managing Windows Home

For those considering using Windows Home for professional purposes, it's important to note its limitations in security, management, and compatibility, and to explore the advantages of upgrading to Windows Pro for enhanced features tailored to business needs.

MDM Settings

Employee experience for OS Updates

The content outlines the procedures and requirements for updating macOS and Windows operating systems, emphasizing user notifications, deadlines for updates, and special considerations for low disk space.

Password Policy

The password policy outlines the enforcement of minimum length, complexity requirements, and renewal frequency for session passwords, detailing how these processes are managed on both macOS and Windows systems.

Apps installation library

The installation library provides guidance for application installations, including a section under construction for assistance with installation guides and a specific installation script for SentinelOne.

Library of custom Windows Policies

The content provides a library of custom Windows policies, specifically focusing on the implementation of the Personalization CSP for various Windows editions, including detailed XML examples and important considerations for deployment.

Disk encryption policy and recovery key storage with Primo

The disk encryption policy outlines the automatic activation of encryption on MacOS and Windows devices through Primo, details the importance and storage of recovery keys, and specifies actions required for key storage based on the operating system.

Library of custom Windows Policies

The library provides custom Windows Policies, including XML configurations for enabling Personalization CSP on Windows Pro, and instructions for setting background images and lock screens, while emphasizing the need for thorough testing and compatibility considerations.

Rollout Primo MDM

Deploying MDM: FAQ

Prepare for the Primo installation campaign by familiarizing yourself with the MDM process, addressing common FAQs, and understanding potential issues your employees may encounter during installation.

MDM Installation Guide

Follow the step-by-step instructions to install the Primo MDM agent on your computer, ensuring you have administrator rights and the necessary email invitation to begin the enrollment process.

Employee experience for OS Updates

Device partially enrolled

A computer is considered "partially enrolled" in Primo when the MDM enrollment process is incomplete, and to resolve this, users should follow specific steps based on the situation, such as addressing missing profiles or agents, with further assistance available from Primo support if issues persist.

Inviting your employees to MDM

To successfully invite your employees to the MDM, follow the outlined steps for sending invitations, ensure they receive the enrollment email with a personal installation link, and remember that the invitation is valid for only 7 days.

Introduction to Mobile Device Management (MDM)

Resources for a successful MDM rollout

You will find a comprehensive guide for successfully deploying the Primo mobile device management system, including a proposed timeline, communication materials, and tracking methods to ensure an efficient rollout.

Zero-Touch (ZTD)

Creating your Apple Business Manager account

To create and validate your Apple Business Manager account for efficient device management, follow the outlined steps including signing up with your organization's details and completing the verification process with Apple.

Understanding Zero-Touch Deployment (ZTD)

Zero-Touch Deployment (ZTD) is an automated method for setting up devices without IT staff intervention, enhancing security, improving employee experience, and increasing efficiency, especially when integrated with solutions like Primo for streamlined procurement and management.

Create and authorise the FleetDM application on the Azure portal

To successfully create and authorize the FleetDM application on the Azure portal, it is essential to declare the FleetDM domain, create the application with the necessary permissions, and set FleetDM as the default MDM for new devices, ensuring a seamless transition from Intune.

Windows Autopilot with Primo

Windows Autopilot with Primo streamlines the deployment of new Windows devices by allowing pre-configuration, requiring an Entra account instead of a local account, and providing a detailed setup guide including domain creation, application configuration, and testing procedures for efficient management and immediate user productivity.

Using Primo MDM

One of your devices has been lost or stolen

If you've lost a device or had it stolen, Primo's MDM offers robust security features such as encryption, password management, and remote locking or wiping to help protect your data and ensure your peace of mind.

Device partially enrolled

Deploying an EDR with FleetDM

Learn how to deploy an EDR solution, such as SentinelOne, using FleetDM by following a structured process that includes uploading the software, creating policies, and optionally adding configuration profiles for Mac systems.

Location tracking for Macs

Precise location tracking for Macs through MDM is not available due to privacy restrictions, and while features like remote lock and wipe commands can be utilized, Lost Mode is exclusive to iOS devices; for location tracking, user-enabled services like "Find My" are recommended.

How to use the iCloud Bypass Code

Learn how to effectively use the Activation Lock Bypass Code to unlock devices secured by Activation Lock, with step-by-step instructions for different macOS versions and important legal considerations.

Changing a Collaborator's Computer

To successfully change a collaborator's computer, follow a three-step process: manage the old computer by unassigning and resetting it, assign a new computer from your inventory or send an enrollment invitation for a new device, and ensure the new device is enrolled in Mobile Device Management (MDM) for effective management.

Library

Deploying an EDR with FleetDM

Apps installation library

Library of OSQueries for Queries & Policies

The library contains various OSQueries for monitoring user sessions, analyzing processes, retrieving current IP addresses, and implementing policies related to device enrollment and application presence across different operating systems.

Deploying an EDR with FleetDM

Library of custom Windows Policies

MDM migration

Migrating from another MDM

The guide outlines the procedures for migrating macOS and Windows devices from one Mobile Device Management (MDM) system to another, detailing steps for both supervised and unsupervised macOS devices as well as specific instructions for migrating Windows devices via Intune.