Access Keys:
Skip to content (Access Key - 0)

IS&T Device Enrollment Program (DEP) for Macs

Apple provides the Device Enrollment Program (DEP) as a way of deploying institute-owned Mac or iOS devices. This process works by technicians providing the serial number of any Mac they would like enrolled into the DEP program to IS&T. IS&T will then upload the serial number to Apple and assign it to the correct Mobile Device Management (MDM) server. Once the computer has been booted, it will automatically receive any policies that have been supplied by the MDM server.

IS&T provides DEP as a service to the MIT community in conjunction with either IS&T's MDM server (Jamf Pro) or your department's own MDM server if you have one. If you are interested in our Jamf Pro offering, please visit our Jamf Pro page for more information. There is no cost associated with either the DEP or Jamf Pro service.

Please note machines must be purchased through an official MIT channel for this to work.

IS&T will also provide training and one-on-one time for both DEP and Jamf Pro if requested.

Contact Information

If you would like to enroll computers or have any questions regarding DEP they should be emailed to euc-help@mit.edu.

DEP Process

  1. The IS&T End User Computing (EUC) team enrolls your Mac into DEP program and confirms your machine is enrolled.
  2. Boot your new or re-imaged Mac (not before above step!)
  3. Go through the Out of Box Experience.If you're using a wired connection on campus, you must use on an already registered dongle. If using wifi, you can use the open "MIT" network. You can also connect from off-campus networks.
  4. You will then see a screen that says Configured by MIT. If you do not see this screen, contact the EUC team to double check enrollment.
    If you missed the Configured by MIT screen
    • On macOS High Sierra or newer, run sudo profiles renew -type enrollment
  5. Create an account and log in. The below policies will apply if you are using IS&T Jamf Pro.
    • Software Installs
      • Adobe Reader
      • CertAid
      • Code42
      • Dropbox
      • Firefox
      • Google Chrome
      • GlobalProtect VPN
      • Kerberos Extras
      • Microsoft Office
      • Slack
      • Sophos
      • Spirion
      • VLC
      • Webex Meetings
      • Zoom
      • Apple Software Updates
    • Configurations
      • Enable Filevault 2 file encryption
      • Add dock icons for Office, Firefox, and Crashplan
      • Enable firewall
      • Create a local admin account
      • Change hostname to serial number
      • Set password policy to minimum 8 characters
      • Force password change on next login
      • Configure 802.1x authentication for ethernet

When setup is complete, the computer will shut down, and the user will be prompted to change their password and begin encryption the next time they log in.

You can also set up machines to have additional software/scripts/printers installed through our Jamf offering, or your own MDM policies if you have an MDM server.

Removal of machines from DEP

Machines that will be leaving MIT should be removed from DEP. Send any serial numbers to euc-help@mit.edu for removal, and specify whether this should be permanent or temporary. Computers being sold or recycled should be removed permanently, while repairs being sent back to Apple should be removed temporarily so they can be re-added when they come back to MIT.

IS&T Contributions

Documentation and information provided by IS&T staff members


Last Modified:

March 30, 2021

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
casper casper Delete
dep dep Delete
imaging imaging Delete
mac mac Delete
c-casper c-casper Delete
endpoint endpoint Delete
management management Delete
jamf jamf Delete
c-jamf c-jamf Delete
macos macos Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use

This article is:
Helpful
Inaccurate
Obsolete
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki