If you have not already started WSO2 IoT Server, start WSO2 IoT Server's core profile.
Code Block
cd <IOTS_HOME>/bin
./iot-server.sh
Sign in to the device management console using a username and password that has administrator privileges. The default administrator password is admin and the default administrator password is admin.
Click > CONFIGURATION MANAGEMENT > DEP CONFIGURATIONS > Add Profile. The profile form is displayed.
Configure the profile settings:
Enter profile name
Provide a name for your profile.
Enter profile URL
Enter the URL to access the WSO2 IoT Server's EMM server. The URL needs to be in the following format: https://<IOTS_HOST>:8243/api/ios/v1.0/profile-dep/. If you port offset WSO2 IoT Server's core profile, make sure to offset the port defined here too. In a setup where hostnames are used, please replace the <IOTS_HOST>:8243 with the gateway hostname.
Is supervised
If selected, the device is set to the Supervised mode. The supervised devices are also referred to as DEP enabled device. The EMM administrators are able to carry out operations on the device as they are owned by the organization. Important: Without this tick, DEP related policies will not work.
Is MDM removable
If selected, the device user is unable to unregister the device from the WSO2 IoT Server's EMM solution.
Is mandatory
If selected, the device users need to complete enrolling their devices with WSO2 IoT Server during the setup, and cannot skip the step. Important: It is highly adviced to keep this unchecked during testing to avoid getting locked out due to a misconfiguration. When moving to a production environment, this can be checked after testing.
Department
Enter the department the device belongs to. This value is displayed when the device is starting up.
Support phone number
Enter the support number. This is provided during the setup if device users require help or run into issues.
Support email address
Enter the support email address. This is provided during the setup if device users require help or run into issues.
Anchor certs
Production environment: You don't need to enter any value here because WSO2 IoT Server has a valid SSL certificate in a production environment.
Testing/Development environment: If the testing environment does not have a valid SSL certificate, follow the steps given to get the values you need to enter:
Navigate to the <IOTS_HOME>/ios-configurator/output directory via the terminal. This directory is available only if you configured WSO2 IoT Server with the iOS features.
Run the command given below to convert the SSL certificate you had already generated when configuring iOS features to the .pem format.
Code Block
openssl x509 -in ia.crt -out ia_cert.pem
As per the Apple specifications, encode the ca_cert.pem file you generated when configuring the iOS features.
Code Block
openssl x509 -in ca_cert.pem -outform DER|base64
As per the Apple specifications, encode the ia_cert.pem file you generated above.
Code Block
openssl x509 -in ia_cert.pem -outform DER|base64
Enter the values you got in step c and step d as comma separated values: Format:
Code Block
<STEP_C_VALUES>, <STEP_D_VALUE>
Skip setup items
If Skip setup items is selected, the device automatically skips through all the pages that appear at the time of setting up an iOS device.
If only specific items are selected, the device skips the selected pages at the time of setting up the iOS device. For example, if you select passcode and Siri, you don't have to enter a passcode or set up Siri at the time of setting up the iOS device for the first time.
Click Add to add the configured profile.
Navigate to the Device list page.
Click Syncif you haven't done before to get the list of devices that are enrolled as DEP devices from the DEP portal.
Assign a profile to a device. The settings in the profile are used when starting up the device for the first time.