Set up company-owned iOS device management

How can you manage company-owned iOS devices?

• Managed iOS devices listed as company-owned

Step 1: Set up Apple Enrollment

You must be signed in as a super administrator for this task. Admins who have the Mobile Device Management privilege but aren't super admins always see the setup flow, even if your organization is already set up. If they try to download the public key, they get an error message.

1. Go to Menu > Devices > Mobile & endpoints > Settings > iOS settings.
2. Requires having the Services and devices administrator privilege.
3. Click Apple certificates > Set Up Enrollment.
4. Click Get public key. The public key downloads to your device.
5. Open Apple Business Manager or Apple School Manager and sign in with your business Apple ID. In the Device Enrollment Program section:
   • Click Manage Servers.
   • If you already set up an MDM Server to use for these devices, click it. Otherwise, create a server.
   • When prompted, upload the public key you downloaded from the Admin console.
   • Download the server token from Apple.
6. Return to the Admin console.
7. Under Business Apple ID, enter the Apple ID you used to get the token. This entry helps you track which admin did the setup.
8. Click Upload Server Token, select the token you downloaded from Apple, and click Open.
9. Click Save and Continue.
10. The token and its expiration date are now listed on the settings page. Set a calendar reminder to renew the token before it expires.

Step 2: Configure device setup settings

You can control how company-owned iOS devices are set up when a user first signs in. These settings apply to your entire organization.

1. In your Admin console .
2. Go to  Menu > Devices > Mobile & endpoints > Settings > iOS settings.
3. Requires having the Services and devices administrator privilege.
4. Click Company-owned iOS device setup > Device enrollment settings. To learn more about the settings, see the iOS settings reference.
5. Click Save.

Note: Changes can take up to 24 hours but typically happen more quickly as described in How changes propagate to Google services.

Company owned management works differently and is setup differently depending on the OS the user need.