How to Enroll your iOS Devices (APNS)
At this moment, certain users may see their APNS certificate showing up as unverified. This is purely cosmetic, as our certificate has been validated by Apple and users are still able to execute APNS-specific actions. We’re currently investigating why Apple is showing our valid certificate as not verified.
Enrollment? APNS? Say whaaat?
To activate management features ( Lock, Wipe) on iOS Apple devices from 1.7.7 up, Apple requires a trust-certificate from Prey that confirms you are the administrator of said devices and enables Apple Push Notification Service (ANPS).
If you haven't gone through this process already and got your certificate, please see the following article before trying to enroll your devices: Activating Extra Features on iOS (APNS)
Once you have your certificate, it's crucial for you to enroll your iOS devices to the certificate, this way Apple will in which devices they need to allow the use of advanced management features. This process needs to be done individually on each iOS device that is to be enrolled.
Where to begin:
Log into your Prey account through the panel, and open one of your iOS devices in the device tab, if you look at the right-hand action sidebar, you'll see that the extra features have been activated but still require the device's enrollment.
Have your iOS devices at hand
To enroll your device, you will need to send a push message through our platform, which requires a manual confirmation. This is the standard security protocol issued by Apple for this process. The push message expires after a few minutes, don't send the notification to all your devices at once. Please, take your time and make sure the device is connected to a network to avoid missing the enrollment push.
Send the Push Notification
There are two ways to do this. You can click one of the greyed out features and a pop-up will appear, which will have the Send Enrollment Push link for you to click.
Or you can click the same link under your device's name and picture. Prey will send the confirmation message to the device and you will have to manually confirm it to pair it with your APNS Certificate.
Can I Re-send the Push?
Yes! If your message expired, or it didn't reach your device, feel free to try again any of the two options available.
In order to correctly enroll your device, make sure you're using Safari as the browser to download the profile. Due to Apple's restrictions, if you use an alternative browser, the profile installation will fail.
Open the App and accept the Push Notification
Open the app on the device you'll enroll and a pop-up message will appear on your iOS device.
Follow the flow (left to right) and accept, the device will be configured accordingly to allow the use of our Extra Management Features (Wipe, Lock).
A successful enrollment will result in the following screen in the app:
On the other hand, you can confirm it in the panel with the following message, plus all greyed-out features will be now available for your use. Hooray!
Add a new iOS device & enroll
Do you already have the APNS certificate and you want to add a new iOS device to your fleet? We have something for you...
1. Log into your Prey Panel utilizing Safari on your new iOS device and click on the Protect New Device button.
2. Follow the instructions at the bottom of the pop-up to download and install Prey.
3. Finally, open the app to accept Prey's privileges requests and validate the device was properly enrolled: the PROTECTED screen is to be shown.
Re-enroll Devices When a Certificate Expires
When your certificate expires, you must re-enroll your devices. To do so, you must uninstall the certificate for each device and then re-enroll.
Step by Step on iOS devices:
To complete the process of uninstalling, go to Settings> General> Profile> MDM uninstall certificate. Follow the steps explained at the beginning of this article to complete the enrollment process once again.