Apple Business Manager profile settings (iOS)
This page lists the available settings for Apple Business Manager profiles for iPhones and iPads.
General settings
| Setting | Description |
|---|---|
| Name | The name of the profile. |
| Description | An optional description of the profile. |
| Device group | A device group that will be assigned to devices when they are enrolled with Sophos Mobile. For information on device groups, see Device groups. To simplify device management, we recommend that you use a separate device group for Apple Business Manager devices. |
| Task bundle | A task bundle that will be transferred onto the devices when they are enrolled with Sophos Mobile. The list includes all task bundles that contain no enrollment task. For information on task bundles, see Task bundles. |
Enrollment
| Setting | Description |
|---|---|
| Assign user to device | Select whether users must authenticate during device enrollment.
If you select one of the Yes options, Sophos Mobile assigns the user to the device. |
| User can remove MDM policy | The user is able to remove the Sophos Mobile enrollment profile through the user interface. This option can only be deselected for supervised devices. |
| Install SMC app | Install Sophos Mobile Control on the device. When you turn on this option, you must also do one of the following:
|
| User can skip MDM policy assignment | The user is able to skip the setup step that applies the Sophos Mobile enrollment profile. |
iOS setup
On the iOS setup tab, you disable configuration steps of the setup assistant that starts when the device is switched on for the first time.
These settings only affect the setup assistant. If you disable a configuration step, the user is still able to enable the relevant option later. To completely disable a feature, use a Restrictions configuration. See Restrictions configuration (iOS device policy).
| Setting | Description |
|---|---|
| Apple ID | Skip configuring an Apple ID. The user cannot log in with their Apple ID to access Apple services. |
| Apple Pay | Skip configuring Apple Pay. The user cannot add credit or debit card information for paying in stores or within apps using Apple Pay. |
| Safety | Skip the Safety page. |
| Passcode | Skip creating a passcode to unlock the device. |
| Accessibility | Skip the Accessibility page. |
| Term of Address | Skip the Term of Address page. This page is available for some languages and lets users select how they want to be addressed by the device (feminine, masculine, or neutral). |
| True Tone | Skip activating True Tone (the automatic adaptation of display colors based on ambient lighting conditions). |
| iMessage and FaceTime | Skip activating iMessage and FaceTime. |
| Software Update Complete | Skip the page that shows the mandatory updates that happened during the setup. |
| Restore from backup | Skip restoring data from iCloud or transferring data from an Android device. |
| Disable “Move Data from Android” | The option to transfer data from an Android device is not available. |
| Touch ID & Face ID | Skip configuring Touch ID and Face ID. The user cannot set up biometric authentication in place of a passcode. |
| Appearance | Skip configuring the appearance of the user interface (light or dark). |
| Siri | Skip configuring Siri. Siri is turned off. |
| Display Zoom | Skip configuring Display Zoom, that is a zoomed view providing larger icons, text and buttons. |
| Privacy | Skip the page that explains the Data & Privacy icon. |
| Screen Time | Skip configuring Screen Time (the reporting and limiting of time spent on the device). |
| Get Started | Skip the Get Started page. |
| Diagnostics | Skip configuring diagnostics. Diagnostic and usage data are not sent to Apple. |
| Restore Completed | Skip the Restore Completed page, which is shown after a restore is performed during the setup. |
| Location services | Skip configuring location services. Location services are turned off. |
| App Store | Skip the App Store page. |
| Terms and Conditions | Skip the Terms and Conditions page. |
| Watch migration | Skip restoring Apple Watch data from an iCloud or iTunes backup. |
| Cellular plan | Skip configuring a cellular data plan. |
| iOS update information | Skip the page that informs users that iOS updates are installed automatically. |
Support information
| Setting | Description |
|---|---|
| Department | The department or location name associated with the profile. This name is included in the information that the user can access by clicking About Configuration during device setup. |
| Phone number | The support phone number for your company. This field is pre-populated with the phone number from the technical support contact details. See Configure IT contact. The phone number is stored internally in the profile but is not available to the device user. |
The support email address for your company. This field is pre-populated with the email address from the technical support contact details. See Configure IT contact. The email address is stored internally in the profile but is not available to the device user. |
USB pairing
On the USB pairing tab, you can restrict the USB pairing of Apple Business Manager iPhones and iPads to selected Macs. USB pairing is required to connect the device to Apple Configurator 2.
| Setting | Description |
|---|---|
| Allow USB pairing with all hosts | If you select the check box, you can pair the device with any computer. If you clear the check box, you can only pair the device with Macs you’ve configured for device supervision. You can’t pair the device with Windows computers. |
| Upload host certificate | Upload a supervision identity certificate. All Macs containing the certificate in their keychain can supervise the device. You can upload several certificates. |
Note
If you clear Allow USB pairing with all hosts and don’t upload a certificate, you can’t connect the device to Apple Configurator 2.