When setting up a Bushel account, we require you to setup a certificate between an Apple ID and your Bushel account. This is a little file exchange that protects your data with Apple. No other Bushel user (and certainly not we who run Bushel) can access your secure connection with Apple. When you’re first setting up a Bushel account, you’ll get prompted to configure a certificate. That’s done by downloading a file from us and giving it to Apple (to prove our authenticity to Apple) and then downloading another file from Apple (to prove their authenticity to us).
If it seems complicated, don’t worry, it’s actually much simpler than we’re probably making it out to be – so we’ll walk you through it now. From the first Bushel screen, you’ll see some basic instructions. Here, click on “Download Plist file” and a file will by default download to your Downloads directory.
Once downloaded, click on the Go to Apple Certificates Portal button and login using an Apple ID. Now, at some point, the company will need to renew this file (because certificates expire) and someone will need to login. We therefore recommend using what we call an institutional ID to do so. This ID uses an email address from the company but isn’t tied to an individual user. For example, you might use firstname.lastname@example.org if your email domain were domain.com to setup the account with Apple. Once you’ve got an Apple ID you’d like to use, login using that Apple ID and click on Create Certificate.
Click on “Upload plist” and then choose the certificate in your downloads directory. Once create, you’ll see a confirmation screen. Click on Download.
Once downloaded, go back to Bushel and click on the bottom button for . Upload Push Certificate.
You’ll then have a dialog to select the certificate, which is the one you just downloaded from Apple. Once uploaded, click Continue and you’re all done. Happy Busheling!
One of the greatest features of Bushel is the ability to have an Apple device shipped to an employee in a far away place. That person then opens that beautifully designed box themselves. Bushel then automatically sets the device up with all of your apps, mail settings and security policies. In short, Apple’s Device Enrollment Program (DEP for short but also referred to as Streamlined Deployment) joins your devices to the Bushel servers automatically to facilitate this process. DEP-enabled devices can also use device supervision rather than have to plug into Apple Configurator, which gives you a whole slew of new options.
Note: All devices that enroll in an MDM via DEP are automatically supervised no matter the Mobile Device Management (MDM) solution being used.
DEP-enabled devices also have another awesome attribute in that DEP is the only way you can lock a device to an MDM solution. This means that if a user wipes a device, the device will automatically re-enroll into the MDM upon activation. A feature key to anyone wanting to truly guarantee policy enforcement.
The DEP program is available in Australia, Belgium, Canada, Denmark, Finland, France, Germany, Greece, Hong Kong, Ireland, Italy, Japan, Luxembourg, Mexico, the Netherlands, New Zealand, Norway, Singapore, Spain, Sweden, Switzerland, Taiwan, Turkey, United Arab Emirates, the United Kingdom and of course, the United States. When introduced, DEP was only available to customers that had a terms account with Apple and that purchased devices directly through Apple. In November, Apple announced that resellers would also be able to sell DEP-enabled devices. Now, if you buy devices from a reseller you can take use of DEP on those devices as well! And we’re finally starting to see the first devices purchased through resellers being enrolled! Contact your reseller to see if they’re ready for DEP and if they’re not, please feel free to apply a little bit of pressure, ’cause it’s awesome!
For many iOS deployment projects, iTunes is used as the primary deployment vehicle for the devices. iTunes can be used to “Backup” and “Restore” an iPad, similar to how you image desktop and laptop computers.
The actual deployment process is straight forward. First we’ll create a backup in iTunes. Then we can deploy the backup using the Restore option within iTunes. Provided the backup is encrypted, the Restore option will maintain the maximum amount of data available. For example, if a device has been activated then the fact that it has been activated is maintained across a restore. As are the applications that are installed on the device.
To Create an iTunes Backup:
Open iTunes and dock the device with the master configuration.
iTunes To Backup
Check the box to “Encrypt local backup.”
At the Set Password screen, provide a password for the encrypted backup.
iTunes Backup Password
In order to ease restore, check the box for “Remember this password in my keychain (passwords are set to user names).
Control-click on the name of the device in the DEVICES section.
Click on “Back up”.
Immediate iTunes Backup
If prompted, click Set Password (subsequent backups will not require passwords).
Restoring with iTunes
To Restore an iTunes Backup:
Open iTunes and dock the device to be restored.
Control-click on the device.￼
Click “Restore from Backup”
At the “Restore From Backup” screen, select the name used in the previous backup.
Choose iTunes Restore Device
Authenticate to Restore from iTunes
If prompted, enter the Password.
iTunes Restored a Device
Rename the iPad once the restore process is complete.
Once the Restore is complete, if prompted to “Set Up Your iPad”, uncheck the Automatically sync songs and videos to my iPad box and “Automatically sync apps to my iPad”, putting the students Active Directory name in the Name field and clicking Done