Mobile Device Management (MDM)
Use and configure MDM
34 articles
Reset MacBook password
For unlocking your MacBook after forgetting your password, various methods are available depending on whether the device is enrolled in MDM, linked to an Apple account, or completely unassociated, with the last resort being a full reset that will erase all data.
Testing Primo & FleetDM
Explore the integration of Primo and FleetDM for effective mobile device management, covering prerequisites, testing procedures, team management, controls, queries, and policies, along with essential FAQs for a seamless experience.
General info
Supported platforms and OS
An overview of supported platforms and operating systems is provided, detailing functionalities across various systems including MacOS, Windows, Linux, ChromeOS, and iOS, while also noting current limitations and future priorities for unsupported systems like Android.
Managing Windows Home
For organizations considering Windows Home, it's crucial to recognize its limitations in security, management, and compatibility compared to Windows Pro, which is better suited for professional use and offers advanced features essential for business environments.
Introduction to Mobile Device Management (MDM)
Mobile Device Management (MDM) is a critical tool for managing, configuring, and securing your organizationās mobile devices, ensuring compliance, enhancing productivity, and protecting sensitive data through remote management capabilities.
MDM Settings
Disk encryption policy and recovery key storage with Primo
Disk encryption is vital for safeguarding data against loss or theft, with Primo facilitating automatic encryption through FileVault on MacOS and BitLocker on Windows, while also ensuring recovery keys are securely stored at the device level.
Manage Admin Accounts with FleetDM
Learn how to manage admin accounts using FleetDM, including creating and demoting users, implementing policies, and utilizing scripts for effective administration across macOS and Windows devices.
Password Policy
The password policy outlines the enforcement of minimum length, complexity requirements, and renewal frequency for session passwords on both macOS and Windows systems, with specific instructions for managing these settings through Primo and FleetDM.
Rollout Primo MDM
MDM Installation Guide
The MDM Installation Guide provides a step-by-step process for installing the Primo tool on your computer, essential for effective fleet management, while ensuring you have the necessary administrator rights and support resources.
Inviting your employees to MDM
You are provided with essential instructions for inviting employees to enroll in the Mobile Device Management (MDM) system, including how to send invitations and important details regarding the installation process and email validity.
Device partially enrolled
Devices are considered partially enrolled when the enrollment process is incomplete, which can result from various issues such as incomplete steps, agent installation problems, or network connectivity issues, and troubleshooting steps are provided to resolve these situations.
Resources for a successful MDM rollout
A comprehensive kit is provided to assist you in preparing for the deployment of the Primo Mobile Device Management (MDM) solution, including a proposed timeline, communication materials, and guidance for tracking installation progress.
Deploying MDM: FAQ
The FAQ section provides essential information regarding the deployment of the Primo MDM solution, addressing common concerns such as installation process, machine performance, and employee control, while also offering guidance for troubleshooting potential issues during the installation.
Employee experience for OS Updates
Detailed guidelines are provided for managing OS updates for Mac and Windows users, including notification processes, deferral options, and special considerations for low disk space scenarios.
Using Primo MDM
Manage your apps via Primo & FleetDM
Manage your applications efficiently using Primo and FleetDM by connecting to FleetDM, adding or removing applications, and configuring installation targets, while ensuring to stay updated on the migration process affecting visibility in Primo.
Device partially enrolled
Devices are considered partially enrolled when the enrollment process is incomplete, which can result from various issues such as incomplete steps, agent installation problems, or network connectivity issues, and troubleshooting steps are provided to resolve these situations.
One of your devices has been lost or stolen
If you've lost a device or had one stolen, Primo's MDM offers robust security features, including encryption, password quality control, and remote locking or wiping, to protect your data and help you manage the situation effectively.
How to use the iCloud Bypass Code
Learn how to effectively use the Activation Lock Bypass Code to unlock devices secured by Activation Lock, with step-by-step instructions for different macOS versions and important legal considerations.
Changing a Collaborator's Computer
To ensure a smooth transition when changing a collaborator's computer, follow the outlined steps for managing the old device, assigning the new one, and enrolling it in the MDM system.
Deploying an EDR with FleetDM
Learn how to deploy an EDR solution, particularly SentinelOne, using FleetDM, including essential steps for uploading software, configuring policies, and adding necessary configuration profiles for seamless installation and security enhancement across devices.
Location tracking for Macs
Precise location tracking for Macs is not accessible through MDM due to privacy restrictions, and while features like remote lock and wipe commands are available, Lost Mode is not applicable on macOS, necessitating reliance on user-enabled services like āFind Myā for location tracking.
Zero-Touch (ZTD)
Windows Autopilot with Primo
Windows Autopilot simplifies the deployment of new Windows devices by allowing pre-configuration for immediate productivity, requiring certain prerequisites, and involving a series of setup steps to ensure a seamless user experience.
Understanding Zero-Touch Deployment (ZTD)
Zero-Touch Deployment (ZTD) is an automated process that enables organizations to efficiently set up and configure devices without physical IT interaction, enhancing security, improving employee experience, and increasing operational efficiency.
Apple Business Manager with Primo
Apple Business Manager (ABM) facilitates the deployment of Apple devices through a centralized web portal, enabling features like Zero Touch Deployment when integrated with a Mobile Device Management (MDM) system, and outlines the steps for creating and validating an ABM account, along with the experience of setting up a new employee's workstation.
Create and authorise the FleetDM application on the Azure portal
The guide outlines the steps to create and authorize the FleetDM application on the Azure portal, including domain declaration, application creation, and setting FleetDM as the default MDM for new devices.
Library
Useful scripts
You'll find useful scripts for modifying host names on macOS, along with a warning that all provided scripts are offered as-is and should be tested prior to implementation.
Apps installation library
The content provides a comprehensive library of installation and uninstallation scripts for various applications, including Notion, Google Drive, Microsoft Teams, and Microsoft Office 365, along with relevant policies and details for effective software management.
Manage Admin Accounts with FleetDM
Learn how to manage admin accounts using FleetDM, including creating and demoting users, implementing policies, and utilizing scripts for effective administration across macOS and Windows devices.
Library of custom Windows Policies
The library provides custom Windows policies, including guidelines for applying CSP policies, allowing personalization on Windows Pro, and setting background images and lock screens, along with important notes on compatibility and testing.
Library of OSQueries for Queries & Policies
Explore a comprehensive library of OSQueries that includes queries for user sessions, process analysis, IP retrieval, and policies for device enrollment and application presence across various operating systems.
Deploying an EDR with FleetDM
Learn how to deploy an EDR solution, particularly SentinelOne, using FleetDM, including essential steps for uploading software, configuring policies, and adding necessary configuration profiles for seamless installation and security enhancement across devices.
MDM migration
Windows Autopilot with Primo
Windows Autopilot simplifies the deployment of new Windows devices by allowing pre-configuration for immediate productivity, requiring certain prerequisites, and involving a series of setup steps to ensure a seamless user experience.
Manually uninstalling an MDM agent
Learn how to manually uninstall an MDM agent on Windows and MacOS, including necessary steps for removing configuration profiles and the MDM software itself.
Migrating from another MDM
Learn how to effectively migrate macOS and Windows devices from one MDM to another, including detailed steps for both supervised and unsupervised devices, as well as specific instructions for working with Intune.