With apple's iOS 15 update, I found I had some issues to fix with some of our organizations iPads, specifically because they are only 16 gb versions; they were out of space. Also with the pandemic the Push cert was not kept up due to the systems being off. Resetting and reformatting the ipads ended up being required. Now these ipads were store bought ipads and not directly purchased from apple; which complicates things. That caused the ipads to no longer connect to the Meraki MDM due to the bad push certificate and when I tried to re-add them using Apple Configurator 2, I got the invalid profile error.
After a lot of pain and troubleshooting, I had managed to make some progress on getting these ipads re-set up on the Meraki MDM. After updating them to iOS 15.0.2 I ran the apple configurator which put them in the Apple Business Management center, but would not configure the ipads for use with the MDM.
An issue that I also found which was causing me some of the grief is these ipads were somehow added to an icloud account, which I need to be removed before I could continue. After removing the ipads from the iCloud account, I setup the ipads for automated enrollment thought Apple Configurator 2. Doing this put the ipads into Apple Business Manager but still would not configure the ipads to use the MDM with the push certificate.
I thought I would try and add them to the Meraki DEP, which I was able to do but this did not help me with getting the ipads setup to be used and updated with the push certificate. What ended up being the solution was resetting all the certs (again), and setting up the ipads for just supervision with no MDM. After the iPads were Supervised I was apple to add them to the MDM using Safari and the MDM web link. I also had to remove the education configuration part of a profile configuration
I thought this was odd but it was causing the following two errors in the Meraki log which you can see below.
Error: The top-level user “xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx” is neither a leader nor a member.
Error: The payload “Your Meraki iPad Profile” is invalid.
Ultimately I re-did all the certs between apple business manager and Meraki
- The Apple configurator certificate
- the VPP certificate
- the push certificate
- DEP certificate.
Then I removed the education part of the profile and setup the ipads as just supervised devices with no MDM having to add them manually after. This worked and got the ipads back up in working order.
Connect the ipads to your mac and open Apple Configurator 2 and select the ipad or ipads and select the Prepare
Select Supervise devices and allow devices to pair with other computers.
Select do not enroll in MDM
Select the Organization
Configure iOS Setup
After the ipad has been supervised, the ipad could be connected to the internet.
 |
| Un-Supervised Device |
Once the ipad was supervised, the wifi screen shows up and when connected can then be joined to the MDM by the enrollment URL/Link. You must use safari to connect to the MDM.
 |
| iOS Screen |
I was able to use safari get to the enrollment URL/Link to join the MDM and the profiles were applied right away. However before you do if you have apps that you will want to use that were purchased on a specific profile you will have to sign into the ipad with that account before loading the MDM. Otherwise you will lose access to those apps.
 |
| Meraki Network Registration |
 |
| Sign in with Google |
 |
| Sign in with a Meraki email. |
 |
| Enter the password |
 |
| Finds The MDM Network |
 |
| Allow the profile to download to the iPad |
 |
| Close the alert and open the settings |
 |
 |
| Click on Profile Downloaded |
 |
| Install the profile |
Trust the certificate from the MDM
Once the profile is installed, the ipad will start reconfiguring to what you have setup for the profile on the MDM.
to get the devices setup. Once that was done. I used apple configurator to just supervise the devices. Then I used safari to add them to the MDM. Once there I was able to set them up as before in Meraki, adding and removing profiles as required for apps.
