You can use manual enrollment and ADE in parallel, depending on your device fleet and purchasing process.
# Apple manual enrollment (Enrollment Profile) Cerberus Enterprise supports manual enrollment for Apple devices using an enrollment URL and an enrollment profile file.Manual enrollment is available when Apple Management (APNs) is configured. If you have not completed APNs setup yet, read [**Apple Management setup (APNs)**](https://enterprise.cerberusapp.com/docs/books/user-manual/page/apple-management-setup-apns "Apple Management setup (APNs)").
## Get the enrollment URL and profile - Open the **Enrollment** section in the dashboard and select the **Apple manual enrollment (Enrollment Profile)** tab. - Copy the **Enrollment URL**, or use the send-by-email action. - Download the **Enrollment Profile** (mobileconfig file). ## How to enroll an iPhone or iPad iOS/iPadOS 15.0+ 1. Send the enrollment profile file (*enroll.mobileconfig*) to the device, or open the Enrollment URL in Safari on the device. 2. On the device, open *Settings* → *Profile Downloaded* → *Install*, then follow the instructions. 3. After enrollment, you can verify the status in *Settings* → *General* → *VPN & Device Management* (or *Profiles & Device Management*).Only install enrollment profiles that you obtained from your Cerberus Enterprise dashboard.
# Apple Automated Device Enrollment (ADE) Automated Device Enrollment (ADE) integrates with Apple Business Manager (ABM) to automatically enroll company-owned devices when they are turned on for the first time (or after a factory reset).ADE requires Apple Management (APNs) to be configured first. If needed, read [**Apple Management setup (APNs)**](https://enterprise.cerberusapp.com/docs/books/user-manual/page/apple-management-setup-apns "Apple Management setup (APNs)").
## How to enroll devices automatically 1. Add devices to your Apple Business Manager account. 2. After adding new devices to your ABM account, sync them in Cerberus Enterprise from the **Devices** section using the **Sync from ABM** action. 3. Create an ADE profile in the dashboard from **Enrollment** → **Apple Automated Device Enrollment (ADE)** → **New ADE profile**. 4. Assign an ADE profile to a device from the device details page using the **ADE profile** field. ## ADE profile settings (overview) An ADE profile controls how the device is enrolled and how Setup Assistant behaves. In Cerberus Enterprise, an ADE profile includes a name, an optional initial policy, and some enrollment options. ### Profile name A human-readable name for the profile (for example, *Default ADE profile*). ### Policy The policy initially applied to enrolled devices. You can assign a policy when creating a new ADE profile. ### Enrollment options - **MDM removable**: controls whether the MDM payload can be removed from the device. - **Allow pairing**: controls whether pairing is allowed (deprecated by Apple in iOS 13). - **Auto-advance setup**: automatically advances Setup Assistant through its screens. - **Await device configured**: blocks Setup Assistant until the server marks the device as configured. - **Mandatory**: prevents skipping profile application during setup. - **Multi user (Shared iPad)**: configures the device for Shared iPad. - **Supervised**: requests supervision for the device.After a device has an ADE profile assigned, it is ready to be automatically enrolled.