Introduction to Managing macOS Devices

Workspace ONE UEM powered by AirWatch provides complete management solutions for macOS devices. With Workspace ONE UEM's Mobile Device Management (MDM) solution, enterprises can manage Corporate-Dedicated, Corporate-Shared or Employee Owned (BYOD) macOS devices throughout the entire device lifecycle.

Workspace ONE UEM supports devices running macOS versions 10.9 and all Apple devices running those operating system versions.

This guide shows administrators how to:

  • Enroll macOS devices or allow end users to enroll the devices by themselves.

  • Configure the Workspace ONE Intelligent Hub.

  • Create profiles for macOS devices to manage configuration.

  • Manage devices through the Workspace ONE UEM console and on the Self-Service Portal (SSP).

  • Integrate with macOS tools such as File Vault 2.

  • Enable Product Provisioning.

Workspace ONE UEM macOS Management Prerequisites

To manage macOS devices, make sure you have the all the prerequisites mentioned in this section.

You must have the following prerequisites ready:


  • Active Environment – Your active Workspace ONE UEM environment and access to the UEM console.
  • Appropriate Admin Permissions – Type of permission that allows you to create profiles, policies, and manage devices within the UEM console.
  • Group ID – A unique identifier for the organization group where the device is enrolled that defines all configurations the device receives.
  • Credentials – User name and password combination used to identify and authenticate the user account to which the device belongs. These credentials can be AD/LDAP user credentials.

Apple Platform

  • Apple Push Notification service (APNs) Certificate – A certificate issued to your organization to authorize the use of Apple's cloud messaging services. For information about generating an APNs certificate, see Generate a New APNs Certificate in the Console Basics documentation.

  • Apple ID for Apple Business Manager – An Apple ID is required to purchase the managed distribution or the user-based licenses when using the Volume Purchase Program (VPP) with a macOS deployment. It is also used to enroll the macOS devices through Automated Enrollment. Apple Business Manager is a web-portal which you can use with the Mobile Device Management (MDM) solution for easily deploying and managing your Apple devices. For more information about Apple Business Manager, see the VMware Workspace ONE UEM Integration with Apple Business Manager documentation.

    Note: Apple ID that is used for VPP or Automated Enrollment must not be entered in the settings or preferences on the device. For example, do not use for iTunes or iCloud.


  • Enrollment URL – The web address entered into Safari to begin the enrollment procedure. This location is specific to your company's enrollment environment. For example, this enrollment URL follows the format of https://<companyspecificdeviceservicesurl>/enroll.

  • Apple Business Manager/Apple School Manager account or Automated Enrollment/VPP accounts.

Supported Devices

Workspace ONE UEM currently supports devices running macOS 10.9 and later, including:

  • MacBook
  • MacBook Pro
  • MacBook Air
  • iMac Pro
  • iMac
  • Mac Mini
  • Mac Pro
check-circle-line exclamation-circle-line close-line
Scroll to top icon