Automated Device Enrollment (ADE) , which was previously called Device Enrollment Program (DEP), of ABM provides the basis of automated bulk enrollment and device-theft deterrence of Apple devices owned by companies. Each devices registered in the ABM account of a company can be assigned to use a specific MDM/EMM/UEM solution already integrated with the ABM account.  Upon device factory reset, each such assigned device will ALWAYS be directed by Apple ADE backend to talk to the designated MDM/EMM/UEM server to get enrolled and  MDM policies deployed.  If properly implemented, the whole mechanism ensures that a stolen device will have no re-sale value in second-hand market, nor can it be deployed for doing anything useful by the thief himself/herself.

Without ABM, OPTIONAL enrollment to MDM/EMM/UEM has to be done/selected manually by anyone holding the device.

The Apple Software License (ASL), previously called Volume Purchase Program (VPP), of ABM provides asset management and deployment of Apple App-Store software purchased with the ABM corporate account to its devices assigned to integrated MDM solution(s) with ADE.  App licenses on lost/stolen/broken devices can be reclaimed and then redeployed to other device(s) under the ABM account.  Besides,  app licenses can also be transferred between different integrated MDM/EMM/UEM solutions under the ABM account.

ABM also provides support for generating managed AppleID's associated with the company for its shared-device use cases.

Hi Vidura,

Thanks for posting on SOTI Pulse.  Thanks Raymond for responding to the post, your expertise and willingness to help are greatly appreciated! In response to your query, "In an environment without ABM (Apple Business Manager) for managing Apple devices, which features are limited? Can these devices be managed in the same way as Android devices?" please find the answer below.

If an environment does not have Apple Business Manager (ABM) for managing Apple devices, there are several limitations in features compared to environments that utilize ABM:

Device Enrollment: Without ABM, organizations cannot take advantage of Automated Device Enrollment (ADE), which facilitates zero-touch deployment. This means devices cannot be automatically enrolled and configured during setup.

User Management: ABM provides options to assign roles and manage users effectively. Without it, administrative tasks become more cumbersome, and organizations lack centralized user management.

Profile Management: Profile creation and distribution can be less efficient. Organizations may have to manage device configurations individually rather than distributing them through a centralized system like ABM.

Limited Access to Features: Some MDM features that enhance security and usability may be restricted. For example, certain features like Managed Apple IDs and restrictions on system functions might not be available.

Update Management: The ability to manage updates and app installations might be limited, leading to inconsistencies in device compliance and security.

In terms of managing Apple devices in environments without ABM, while there are some similarities with managing Android devices, the overall management experience is less streamlined. Android devices often utilize various platforms like Google Workspace or Android Management API, which can provide a more flexible management structure without needing a dedicated enrollment program like ABM.

For a more detailed understanding of the limitations of not using ABM and differences between management of Apple and Android devices, you can refer to the SOTI MobiControl documentation and support resources: Managing Apple Devices without ABM.

Incase of any further concerns, please don't hesitate to reach out.

Kind Regards,

Technical Support | SOTI Inc. |1.905.624.9828 | support@soti.net | www.soti.net |