Mobile Device Management Enrollment
As the IT administrator for Acme Corporation, you need to configure a Mobile Device Management (MDM) enrollment profile for the new batch of corporate-owned iOS devices. The IT security team requires a specific configuration that enforces the company's security policies and ensures compliance with industry regulations.
Your task is to configure the MDM enrollment profile in the web console with the following requirements:
- Set up TLS and HTTPS Certification settings
- Configure compliance policies that enforce the minimum required iOS version and password security standards
- Implement application restrictions to prevent unauthorized app installation
- Set up the enrollment method using the company’s Apple Device Enrollment Program
Please follow the specifications below carefully to ensure all corporate devices are properly secured and managed.
SSL/TLS Information:
- Company top level domain: acmecorp.com
- MDM sub-domain: mdm
- Certificate file location: /mnt/certs/AcmeMDMCertificate.pfx
Policy requirements:
- Device must be no more than 1 major iOS version behind
- Users must specify a password or passcode
- Passwords/codes must be >=6 characters
- Passwords/codes must never be reused
- Auto-lock should be enabled and devices should lock after 1 minute of inactivity
- Jailbreak and rooting email alerts should be enabled and configured to go to alerts@ at the company's MDM domain name used in the HTTPS settings.
App Restrictions: Only official ACME company applications should be permitted. Apps should update automatically.
Automatic Enrollment: Apple's automatic enrollment service should be used. The certification can be found in the /mnt/certs/ directory as file AdeServerToken.p7m. Enrollment settings should be as strict and secure as possible.