šŸ›°ļø

Mobile Device Management (MDM)

Use and configure MDM

C
ByClƩmentine

33 articles

Reset MacBook password

For unlocking your MacBook after forgetting your password, various methods are available depending on whether the device is enrolled in MDM, linked to an Apple account, or completely unassociated, with the last resort being a full reset that will erase all data.

Testing Primo & FleetDM

Explore the integration of Primo and FleetDM for effective mobile device management, covering prerequisites, testing procedures, team management, controls, queries, and policies, along with essential FAQs for a seamless experience.

General info

Supported platforms and OS

An overview of supported platforms and operating systems is provided, detailing functionalities across various systems including MacOS, Windows, Linux, ChromeOS, and iOS, while also noting current limitations and future priorities for unsupported systems like Android.

Managing Windows Home

For organizations considering Windows Home, it's crucial to recognize its limitations in security, management, and compatibility compared to Windows Pro, which is better suited for professional use and offers advanced features essential for business environments.

Introduction to Mobile Device Management (MDM)

Mobile Device Management (MDM) is a critical tool for managing, configuring, and securing your organizationā€™s mobile devices, ensuring compliance, enhancing productivity, and protecting sensitive data through remote management capabilities.

MDM Settings

Disk encryption policy and recovery key storage with Primo

Disk encryption is vital for safeguarding data against loss or theft, with Primo facilitating automatic encryption through FileVault on MacOS and BitLocker on Windows, while also ensuring recovery keys are securely stored at the device level.

Manage Admin Accounts with FleetDM

Learn how to manage admin accounts using FleetDM, including creating and demoting users, implementing policies, and utilizing scripts for effective administration across macOS and Windows devices.

Password Policy

The password policy outlines the enforcement of minimum length, complexity requirements, and renewal frequency for session passwords on both macOS and Windows systems, with specific instructions for managing these settings through Primo and FleetDM.

Rollout Primo MDM

MDM Installation Guide

The MDM Installation Guide provides a step-by-step process for installing the Primo tool on your computer, essential for effective fleet management, while ensuring you have the necessary administrator rights and support resources.

Inviting your employees to MDM

You are provided with essential instructions for inviting employees to enroll in the Mobile Device Management (MDM) system, including how to send invitations and important details regarding the installation process and email validity.

Resources for a successful MDM rollout

A comprehensive kit is provided to assist you in preparing for the deployment of the Primo Mobile Device Management (MDM) solution, including a proposed timeline, communication materials, and guidance for tracking installation progress.

Employee experience for OS Updates

Detailed guidelines are provided for managing OS updates for Mac and Windows users, including notification processes, deferral options, and special considerations for low disk space scenarios.

Deploying MDM: FAQ

The FAQ section provides essential information regarding the deployment of the Primo MDM solution, addressing common concerns such as installation process, machine performance, and employee control, while also offering guidance for troubleshooting potential issues during the installation.

Using Primo MDM

Device partially enrolled

Devices are deemed partially enrolled when the enrollment process is incomplete, which may result from various factors such as an incomplete installation of the Fleet agent or network issues, and troubleshooting steps should be followed to resolve these issues and ensure proper enrollment within 30 minutes.

Manage your apps via Primo & FleetDM

Manage your applications efficiently using Primo and FleetDM by connecting to FleetDM, adding or removing applications, and configuring installation targets, while ensuring to stay updated on the migration process affecting visibility in Primo.

One of your devices has been lost or stolen

If you've lost a device or had one stolen, Primo's MDM offers robust security features, including encryption, password quality control, and remote locking or wiping, to protect your data and help you manage the situation effectively.

How to use the iCloud Bypass Code

Learn how to effectively use the Activation Lock Bypass Code to unlock devices secured by Activation Lock, with step-by-step instructions for different macOS versions and important legal considerations.

Changing a Collaborator's Computer

To ensure a smooth transition when changing a collaborator's computer, follow the outlined steps for managing the old device, assigning the new one, and enrolling it in the MDM system.

Location tracking for Macs

Precise location tracking for Macs is not accessible through MDM due to privacy restrictions, and while features like remote lock and wipe commands are available, Lost Mode is not applicable on macOS, necessitating reliance on user-enabled services like ā€œFind Myā€ for location tracking.

Deploying an EDR with FleetDM

Learn how to deploy an EDR solution, particularly SentinelOne, using FleetDM, including essential steps for uploading software, configuring policies, and adding necessary configuration profiles for seamless installation and security enhancement across devices.

Zero-Touch (ZTD)

Windows Autopilot with Primo

Windows Autopilot with Primo simplifies the deployment of new Windows devices by allowing pre-configuration, ensuring a seamless user experience, and requires specific Microsoft licenses and administrative setup to manage device configurations effectively.

Understanding Zero-Touch Deployment (ZTD)

Zero-Touch Deployment (ZTD) is an automated process that enables organizations to efficiently set up and configure devices without physical IT interaction, enhancing security, improving employee experience, and increasing operational efficiency.

Apple Business Manager with Primo

Apple Business Manager (ABM) facilitates the deployment of Apple devices through a centralized web portal, enabling features like Zero Touch Deployment when integrated with a Mobile Device Management (MDM) system, and outlines the steps for creating and validating an ABM account, along with the experience of setting up a new employee's workstation.

Create and authorise the FleetDM application on the Azure portal

The guide outlines the steps to create and authorize the FleetDM application on the Azure portal, including domain declaration, application creation, and setting FleetDM as the default MDM for new devices.

Library

Useful scripts

You'll find useful scripts for modifying host names on macOS, along with a warning that all provided scripts are offered as-is and should be tested prior to implementation.

Manage Admin Accounts with FleetDM

Learn how to manage admin accounts using FleetDM, including creating and demoting users, implementing policies, and utilizing scripts for effective administration across macOS and Windows devices.

Library of custom Windows Policies

The library provides custom Windows policies, including guidelines for applying CSP policies, allowing personalization on Windows Pro, and setting background images and lock screens, along with important notes on compatibility and testing.

Library of OSQueries for Queries & Policies

Explore a comprehensive library of OSQueries that includes queries for user sessions, process analysis, IP retrieval, and policies for device enrollment and application presence across various operating systems.

Deploying an EDR with FleetDM

Learn how to deploy an EDR solution, particularly SentinelOne, using FleetDM, including essential steps for uploading software, configuring policies, and adding necessary configuration profiles for seamless installation and security enhancement across devices.

Apps installation library

The content provides a comprehensive library of installation and uninstallation scripts for various applications, including Notion, Google Drive, Microsoft Teams, and Microsoft Office 365, along with relevant policies and details for effective software management.