14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. How-to Guides
  3. Migration Guides

Category filter

How to migrate Mac devices from another MDM to Hexnode?

Jump To

Switching your mobile device management solution is thought to be a challenging process. But you can simplify the process with proper preparations and planning. This guide will assist you in migrating your Mac devices from another MDM solution to Hexnode.

Migration steps

These steps will guide you through the process of migration:

  1. Remove assets from current MDM and back up required data.
  2. Create DEP and VPP accounts (if your organization doesn’t have one).
  3. Migrate certificates and tokens to Hexnode UEM.
  4. Sync users from directory services to Hexnode UEM.
  5. Disenroll devices from current MDM.
  6. Enroll devices into Hexnode UEM.

Step-1: Remove assets from current MDM and back up required data

When migrating devices, you might have to wipe all the content from the devices. Prior to doing so, decide what all data needs to be kept. Back up the required data to your preferred cloud storage service. Export device and user details from the current MDM to use them for the enrollment process. Delete the DEP and VPP accounts configured in the current MDM.

Step-2: Create DEP and VPP accounts

Go to https://business.apple.com/ and sign up for an Apple Business Manager account if your organization doesn’t have one. Device Enrollment Program (DEP) and Volume Purchase Program (VPP) are seamlessly integrated into Apple Business Manager.

Note:

It will take some time for your organization to get enrolled, as Apple have to review the information you have provided before approving the registration.

Step-3: Migrate certificates and tokens to Hexnode UEM

APNs certificate

– Create a new Apple Push Notification service certificate and add it to your Hexnode UEM portal. APNs certificate is required for Apple devices to communicate with MDM. So, this is a mandatory step.

  • Download the self-signed certificate from the Hexnode UEM portal.
  • Go to Apple Push Certificates Portal, upload the self-signed certificate and download the APNs certificate generated by Apple.
  • Upload the APNs certificate back to the Hexnode UEM portal.

If your organization is already using DEP and VPP with the current MDM, you can continue using the services with Hexnode UEM. Move DEP and VPP tokens to Hexnode UEM. Your DEP token is a record of your organization’s devices and your VPP token keeps track of all app purchases.

DEP server token

In your DEP portal, create a new MDM server for Hexnode and move all the devices from the previous MDM server to the newly created Hexnode UEM server.

  • Create a new MDM server in Apple Business Manager using the public key downloaded from your Hexnode UEM portal.
  • Get the server token and upload it to your Hexnode portal to link Hexnode and DEP.
  • Create a DEP profile in Hexnode which need to be applied during the DEP configuration.
  • Assign your DEP devices to the Hexnode UEM server.

VPP token

Revoke all app licenses and remove any of the previous VPP tokens from the current MDM. Link your VPP account with Hexnode UEM

  • Download a new VPP token.
  • Configure VPP in Hexnode by uploading this token.

Step-4: Sync users from directory services to Hexnode UEM

You can sync the users from various directory services such as Active Directory (AD), Microsoft Entra ID and Google Workspace (G Suite) to the MDM console.

Unbind your current MDM vendor from the directory services and configure Hexnode UEM with them.

  1. Active Directory
    • Configure Active Directory settings under Admin tab to get the users synced from the AD account to the Hexnode portal.
  2. Microsoft Entra ID
    • Configure Microsoft Entra ID under Admin tab to get the users synced from the Microsoft Entra ID account to the Hexnode portal.
  3. Google Workspace (G Suite)
    • Configure G Suite under the Admin tab to get the users and user groups synced from the Google Workspace (G Suite) account to the Hexnode portal.
Note:

Users synced from the various directory services will be listed under Manage > Directory Services. Admins can send enrollment requests, associate policies, and carry out various remote actions from here.

Step-5: Disenroll devices from current MDM

Disenroll all your devices from the current MDM.

  • Perform disenroll action using the current MDM.
  • Manually remove enrollment profiles from your devices. This can’t be done if the MDM enrollment profile is made non-removable.

Step-6: Enroll devices into Hexnode UEM

Your devices can be enrolled in Hexnode using different methods. Choose the method that suites your organization’s requirements.

Note:

Devices need to be fully erased if you are planning to enroll the devices via Apple DEP.

Automatic enrollment via Apple DEP

Use DEP enrollment for eligible devices. If you haven’t assigned devices to the Hexnode UEM server you have created, assign them by providing the serial number, order number or uploading a CSV file containing the serial numbers of all devices. Devices will automatically enroll upon their initial set up.

Bulk enrollment with CSV import

Use the device and user details downloaded in Step-1 to enroll devices in bulk.

Self-enrollment

Allow users to authenticate with their AD credentials or usernames and passwords set in the portal.

Open enrollment

Allow users to enroll without authentication using only the enrollment URL.

Email/SMS enrollment

Admin can send enrollment requests with the server address, username and password to the users via email/SMS, and they can enroll using them.

Need more help?
Raise a Ticket Raise a Ticket
Ask Community Ask Community
Chat With us Chat With us
  • How-to Guides