Creating Supervision Identity Files
Some device management tasks, such as erasing devices, require the approval of the device’s designated supervision authority in order to be performed. Since the management workflows you create may be designed to be run by non-administrative personel, authentication is accomplished through the use of certificate and private key files that you generate from your Configurator supervision profile.
These validation files are then selected (when required) from within the action interfaces that require supervision authority, such as the “Erase Devices” action (⬆ see above )
The information provided on the following pages, outline the steps for creating and exporting a supervision identity for use with the Configurator Automator actions.
Creating the Organization Profile
Supervision identities are created in the Configurator preferences window, accessed from the Configurator > Preferences menu in the Configurator application. Select the “Organizations” pane in the preferences window (⬇ see below )
Click the “Add” button ( + ) located at the bottom left of the window (⬆ see above ) and the process of creating a supervision identity will begin (⬇ see below )
Click the “Next” button (⬆ see above ) and enter the information for the supervising organization in the provided fields (⬇ see below )
Once the organization information has been entered, click the “Next” button (⬆ see above ) and choose the option to Generate a new supervision identity in the following pane (⬇ see below )
Click the “Done” button (⬆ see above ) and a security authentication dialog will prompt you to approve changes to the Certificate Trust Settings on your system (⬇ see below )
Click the “Update Settings” button (⬆ see above ) to finish the process of create a supervision identity (⬇ see below ) which will now be added to the preferences window.
The next step will be to export the Keychain identity certificate that is used by the supervision identity you just created.
NEXT TOPIC: Exporting the Keychain Certificate