MDM and DDM 101 - Understanding Apple Mobile Device Management Fundamentals

Learn the fundamentals of Mobile Device Management (MDM) and Declarative Device Management (DDM) for Apple devices in this comprehensive 48-minute conference talk from JNUC 2025. Discover how MDM works with Apple Push Notification Service (APNs), understand the certificate chain of trust, and explore how DDM transforms device management with JSON declarations, status channels, and autonomous endpoint management. Master the core concepts of APNs including how it establishes trust with devices, the certificate chain involving APNS vendor certificates, push certificates, device tokens, and push magic. Avoid common MDM pitfalls such as the critical difference between renewing versus creating new APNS certificates. Explore Declarative Device Management (DDM) and understand why Apple built this next-generation management framework, including the four declaration types: configurations, assets, activations, and management. Learn how status channels reduce server load through targeted reporting and see live demonstrations of software updates via Jamf blueprints to macOS Tahoe, deployment of tamper-resistant sudoers configurations with DDM, and MDM profile deployment via DDM with device restrictions. Gain practical insights into the MDM enrollment process, sending commands, and real-world use cases including firewall profiles and VPP app deployment. Perfect for Mac administrators learning MDM and DDM fundamentals, IT professionals transitioning from legacy management systems, system engineers implementing Jamf Pro with blueprints, security teams needing to understand certificate chains and trust relationships, and Apple deployment specialists preparing for DDM migration.