+ Post New Thread
Results 1 to 11 of 11
Netbooks, PDA and Phones Thread, Profile Manager set up, what next? in Technical; So finally got a mac mini with mountain lion serverr and profile manager set up, i've succesfully enrolled an Ipad ...
  1. #1

    Join Date
    May 2010
    Posts
    1,116
    Thank Post
    108
    Thanked 101 Times in 76 Posts
    Rep Power
    51

    Profile Manager set up, what next?

    So finally got a mac mini with mountain lion serverr and profile manager set up, i've succesfully enrolled an Ipad and i can play about (I've added some test restrictions and they pushed out ok).
    Question is so what exactly can I do with it?, its not the magic bullet I thought it would be.
    Do I still have to manually enrol each Ipad before dishing it out? (I thought I could bulk add the devices)
    Do I still need to manually add each exchange server settings per device? (exchange profile needs a user name)
    I can see this taking up a lot of our time, or am I missing something?

  2. #2
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    896
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    You need to bind the server to Active Directory. This will let your users login to the /mydevices enrollment link with their AD credentials. That then allows you to use %short_name% for the user name within the Exchange payload, and %email% within the Email Address field, so when the profile is pushed out after they've enrolled it'll auto set all those from AD and just prompt them for their email password.

    The way we do it, each iPad is unboxed and configured for our network (we use static IPs etc). Once that's done, I install the trust profile direct from profile manager and add a link to /mydevices on the homescreen. When staff collect their iPad, they simply tap the /mydevices link, and tap enroll.

    If working with DHCP, then you can use the Apple Configurator to provide the WLAN key, drop on the trust profile, /mydevices Web Clip and batch name them... just plug each one in on USB and let Configurator do it's stuff, then users do as above - tap the /mydevices link, login with AD credentials, enrol, and let it configure itself.
    Last edited by Marci; 11th October 2012 at 03:19 PM.

  3. Thanks to Marci from:

    caffrey (11th October 2012)

  4. #3

    Join Date
    May 2010
    Posts
    1,116
    Thank Post
    108
    Thanked 101 Times in 76 Posts
    Rep Power
    51
    Cheers for that, sounds like what we need, *except* the mac mini and all apple stuff is on a seperate vlan and we don't want them anywhere near the main domain network - so I guess its manual all the way :/
    The wifi is automatic (guest open network) with no key so thats ok.
    All I can do is deploy per department and assign email settings per ipad.

  5. #4
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    896
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    Connect the MacMini to your Domain network via WiFi, and to the mobiledevices vlan by ethernet (or vice versa, or grab a USB NIC and connect to both by wire)... That way the Mac can bind to AD and access everything it needs to without the risk of the iPads or any other devices on the guest network being able to do so. The server won't allow routing through unless you tell it to, and there really is bugger all risk involved.
    Last edited by Marci; 11th October 2012 at 04:03 PM.

  6. #5

    Join Date
    May 2010
    Posts
    1,116
    Thank Post
    108
    Thanked 101 Times in 76 Posts
    Rep Power
    51
    Great suggestion, I wasn't sure you could do that - the mac mini is connected via wifi on the vlan, so sounds easier - i'll give it a go.
    The mac isn't going to kill anything is it? (heh)

  7. #6
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    896
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    Your only issue may be if you use the macmini to provide dhcp on the guest vlan, but I'm presuming you don't. It won't kill anything. You need to set it's time server to your domain dc, and set up a DHCP reservation on your domain network for it, and give it a DNS entry also. Just makes life easier. Then bind it to AD. Back in Server on the mac, create some user groups (students, staff, ictsupport) and then add the relevant AD groups to those (rather than individual users). Voila. You can now use AD credentials to authenticate on /mydevices and populate payloads with content from AD fields.

  8. Thanks to Marci from:

    caffrey (12th October 2012)

  9. #7

    Join Date
    May 2010
    Posts
    1,116
    Thank Post
    108
    Thanked 101 Times in 76 Posts
    Rep Power
    51
    Great, thanks for the advice - been really helpful, one last thing is a self signed cert ok for the trust profile ?

  10. #8
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    896
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    It should generate it's own when you set profile manager up iirc.

  11. #9

    Join Date
    May 2010
    Posts
    1,116
    Thank Post
    108
    Thanked 101 Times in 76 Posts
    Rep Power
    51
    Yes it did, just wondering if I need a commercial one, all i need to do now is fix the AD binding !

  12. #10
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    896
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    Forgot about this: you could just head to "manage virtual interfaces" in network setup, and connect to both vlans on a single wired connection (also assuming the switch port is configured correctly to allow this)

  13. #11

    Join Date
    May 2010
    Posts
    1,116
    Thank Post
    108
    Thanked 101 Times in 76 Posts
    Rep Power
    51
    Trying that now, however the virtual interface isn't listed in the server.app ?

    I'm considering throwing the ipads at the staff now ;p

SHARE:
+ Post New Thread

Similar Threads

  1. Moodle: what is the best set-up?
    By witch in forum Virtual Learning Platforms
    Replies: 12
    Last Post: 1st September 2009, 07:23 PM
  2. Setting up SIMS profiles 7 for reporting
    By IT_Man_Dan in forum MIS Systems
    Replies: 3
    Last Post: 18th July 2009, 01:28 PM
  3. Replies: 18
    Last Post: 14th October 2008, 05:41 AM
  4. Setting up Profiles
    By Grommit in forum Windows
    Replies: 1
    Last Post: 7th July 2008, 04:40 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •