Mobile Device Management (MDM)
Use and configure MDM
35 articles
Manually uninstalling an MDM agent
To manually uninstall an MDM agent, follow the outlined steps for both Windows and MacOS, ensuring you have the necessary administrator access to remove the configuration profiles and the MDM agent itself.
Useful scripts
Explore a collection of useful scripts, including a detailed bash script for modifying host names on macOS, accompanied by important usage notes and a disclaimer regarding their support.
Testing Primo & FleetDM
The guide provides essential information on testing FleetDM in conjunction with Primo, covering prerequisites, functionalities, controls, queries, policies, and important FAQs to ensure effective integration and usage.
Deploying an EDR with FleetDM
Learn how to deploy an EDR solution using FleetDM, including steps for software package configuration, policy creation, and optional configuration profiles for Mac devices to ensure effective security management across your fleet.
Deploying an EDR with FleetDM
Learn how to effectively deploy an EDR solution using FleetDM by following the outlined steps, which include uploading software, creating policies, and adding configuration profiles for optimal security management across devices.
General info
Supported platforms and OS
Supported platforms and operating systems for Primo are outlined, detailing capabilities for each OS, current version support, and noting that Android is prioritized for future support.
Introduction to Mobile Device Management (MDM)
Mobile Device Management (MDM) is a crucial tool for managing, securing, and configuring mobile devices within an organization, ensuring compliance with security policies, enhancing productivity, and minimizing risks associated with data breaches and device loss.
Managing Windows Home
For those considering using Windows Home for professional purposes, it's important to note its limitations in security, management, and compatibility, and to explore the advantages of upgrading to Windows Pro for enhanced features tailored to business needs.
MDM Settings
Manage Admin Accounts with FleetDM
Manage admin accounts effectively using FleetDM by implementing policies and scripts to control user permissions across macOS and Windows devices, ensuring compliance and security within your organization.
Password Policy
The password policy outlines the enforcement of minimum length, complexity requirements, and renewal frequency for session passwords, detailing how these processes are managed on both macOS and Windows systems.
Disk encryption policy and recovery key storage with Primo
The disk encryption policy outlines the automatic activation of encryption on MacOS and Windows devices through Primo, details the importance and storage of recovery keys, and specifies actions required for key storage based on the operating system.
Rollout Primo MDM
Deploying MDM: FAQ
Prepare for the Primo installation campaign by familiarizing yourself with the MDM process, addressing common FAQs, and understanding potential issues your employees may encounter during installation.
Resources for a successful MDM rollout
A comprehensive kit is provided for the deployment of Primo, including a proposed timeline, communication materials, and guidance on tracking installation, ensuring efficient and secure management of company computers.
Employee experience for OS Updates
The guidelines outline the employee experience and procedures for OS updates on macOS and Windows, detailing notification mechanisms, deferment options, and special considerations for low disk space situations.
MDM Installation Guide
To successfully install the Primo tool for managing and securing your company's computers, follow the outlined steps for either macOS or Windows, ensuring you have administrator rights and access to the necessary installation files.
Device partially enrolled
A computer is considered "partially enrolled" in Primo when the MDM enrollment process is incomplete, and to resolve this, users should follow specific steps based on the situation, such as addressing missing profiles or agents, with further assistance available from Primo support if issues persist.
Inviting your employees to MDM
To successfully invite your employees to the MDM, follow the outlined steps for sending invitations, ensure they receive the enrollment email with a personal installation link, and remember that the invitation is valid for only 7 days.
Zero-Touch (ZTD)
Apple Business Manager with Primo
Learn how to set up and integrate Apple Business Manager with Primo for efficient device management and Zero Touch Deployment, including account creation, validation steps, and the onboarding experience for new employees.
Create and authorise the FleetDM application on the Azure portal
To successfully create and authorize the FleetDM application on the Azure portal, follow the outlined steps for declaring the FleetDM domain, creating the application with necessary permissions, and setting FleetDM as the default MDM for new devices.
Windows Autopilot with Primo
Windows Autopilot with Primo streamlines the deployment of Windows devices by allowing pre-configuration for an out-of-the-box experience, detailing prerequisites, setup procedures, and testing methods to ensure efficient management of devices within an organization.
Understanding Zero-Touch Deployment (ZTD)
Zero-Touch Deployment (ZTD) is an automated method for setting up devices without IT staff intervention, enhancing security, improving employee experience, and increasing efficiency, especially when integrated with solutions like Primo for streamlined procurement and management.
Using Primo MDM
One of your devices has been lost or stolen
If you've lost a device or had it stolen, Primo's MDM offers robust security features such as encryption, password management, and remote locking or wiping to help protect your data and ensure your peace of mind.
Deploying an EDR with FleetDM
Learn how to effectively deploy an EDR, specifically SentinelOne, using FleetDM, including steps for uploading software, configuring installations, and adding a configuration profile for optimal security management.
Manage your apps via Primo & FleetDM
Manage your apps efficiently by connecting to FleetDM from your Primo cockpit, configuring application settings, and defining installation targets to ensure smooth deployment across devices, while noting that some processes are still being migrated.
Device partially enrolled
A computer is considered "partially enrolled" in Primo when the MDM enrollment process is incomplete, and to resolve this, users should follow specific steps based on the situation, such as addressing missing profiles or agents, with further assistance available from Primo support if issues persist.
Location tracking for Macs
Precise location tracking for Macs through MDM is not available due to privacy restrictions, and while features like remote lock and wipe commands can be utilized, Lost Mode is exclusive to iOS devices; for location tracking, user-enabled services like "Find My" are recommended.
How to use the iCloud Bypass Code
Learn how to effectively use the Activation Lock Bypass Code to unlock devices secured by Activation Lock, with step-by-step instructions for different macOS versions and important legal considerations.
Changing a Collaborator's Computer
To successfully change a collaborator's computer, follow a three-step process: manage the old computer by unassigning and resetting it, assign a new computer from your inventory or send an enrollment invitation for a new device, and ensure the new device is enrolled in Mobile Device Management (MDM) for effective management.
Library
Useful scripts
Explore a collection of useful scripts, including a detailed bash script for modifying host names on macOS, accompanied by important usage notes and a disclaimer regarding their support.
Manage Admin Accounts with FleetDM
Manage admin accounts effectively using FleetDM by implementing policies and scripts to control user permissions across macOS and Windows devices, ensuring compliance and security within your organization.
Apps installation library
The content provides a comprehensive library for installing and uninstalling various applications, including scripts and policies for Notion, Google Drive, Microsoft Teams, and Microsoft Office 365, along with details on ownership, status, and visibility.
Deploying an EDR with FleetDM
Learn how to effectively deploy an EDR, specifically SentinelOne, using FleetDM, including steps for uploading software, configuring installations, and adding a configuration profile for optimal security management.
Library of custom Windows Policies
The library provides custom Windows policies, including guidelines for applying Personalization CSPs and specific XML configurations for enabling personalization features on various Windows editions.
Library of OSQueries for Queries & Policies
The library contains various OSQueries for monitoring user sessions, analyzing processes, retrieving current IP addresses, and implementing policies related to device enrollment and application presence across different operating systems.
Deploying an EDR with FleetDM
Learn how to deploy an EDR solution using FleetDM, including steps for software package configuration, policy creation, and optional configuration profiles for Mac devices to ensure effective security management across your fleet.
Deploying an EDR with FleetDM
Learn how to effectively deploy an EDR solution using FleetDM by following the outlined steps, which include uploading software, creating policies, and adding configuration profiles for optimal security management across devices.
Library of custom Windows Policies
The library provides custom Windows Policies, including XML configurations for enabling Personalization CSP on Windows Pro, and instructions for setting background images and lock screens, while emphasizing the need for thorough testing and compatibility considerations.
MDM migration
Migrating from another MDM
The content outlines the procedures for migrating macOS and Windows devices from one MDM to another, detailing steps for both supervised and unsupervised devices for macOS, and specific guidelines for Windows devices when using Intune and Entra ID.
Windows Autopilot with Primo
Windows Autopilot with Primo streamlines the deployment of Windows devices by allowing pre-configuration for an out-of-the-box experience, detailing prerequisites, setup procedures, and testing methods to ensure efficient management of devices within an organization.