Skip to main content
Skip table of contents

Electric IT Hub | Utilizing Zero Touch Provisioning of Devices

Introduction

Zero Touch Provisioning (ZTP) automates device setup, eliminating manual configuration and reducing errors and saving time.

When employees receive new devices, they simply power on, complete basic setup, and create an account. The MDM then automatically installs, applying security policies and required applications.

This ensures consistent, secure device configuration while minimizing downtime and improving scalability. ZTP frees your team to focus on strategic priorities instead of repetitive setup tasks.

Overview of IT Hub’s ZTP Offering

Today, ZTP will pre-load your new devices with the MDM and the Electric Desktop App.

  • The new device will come with MDM policies and the Electric Desktop App already installed for the employee

    • For more information about the policies, please see this article.

    • For more information about the app, please see this article.

  • The new device will come with any third party software applications you have requested be deployed by the MDM in IT Hub at a prior date.

  • If the new device was purchased in the IT Hub storefront, it will appear first as an asset until the Electric Desktop App is activated.

  • If the new device is not purchased via the IT Hub storefront, there will be no asset created in the platform and the new device record won’t appear until it is assigned to an employee or the employee activates the Electric Desktop App that was pre-provisioned by signing in to it.

Please note: third party software desktop application deployment (i.e., Zoom, Google Chrome, Slack) must be requested on demand from the Electric support team at this time.

  • To enable third party software application deployment, and to view a list of currently supported desktop applications, or to request a new application, please contact product support via an email to product-support@electric.ai.

  • Self-service support for this process will be added to the IT Hub at a later date.

Prerequisite for Apple Devices

Before configuring zero touch provisioning, you must have an active Apple Business Manager (ABM) account.

Apple Business Manager is essential for device management because it allows your organization to purchase, assign, and remotely configure Apple devices at scale. Without it, you cannot automatically enroll devices in Electric’s MDM or deploy corporate policies during the initial setup process.

Please follow these steps to enroll in ABM:

  1. Follow these instructions: How to Enroll in Apple Business Manager (can take 3-5 business days)

  2. You will need a D-U-N-S Number to create an Apple Business Manager account:

    1. Check to see if you already have a D-U-N-S Number

    2. Get a free D-U-N-S Number (3-4 weeks)

    3. Get an expedited D-U-N-S Number for $229 (4-5 days)

  3. Device Management configured in the IT Hub. If you haven’t yet, follow these instructions: Enable MDM (Mobile Device Management (3-5 minutes)

  4. Connected your Apple Business Manager account to the IT Hub in the Settings section. (3-5 minutes)

ZTP is not a retroactive process. Only new devices added to ABM after the below configuration steps are all successfully complete in full will it be leveraged.

Configure Zero Touch Provisioning with Electric IT Hub

Please note: the current process is not yet fully self-service and requires some manual cooperation from your team.

While we're working toward complete automation, certain steps still need manual coordination between you and Electric to ensure proper device configuration and deployment. We appreciate your collaboration during this transition period as we continue to streamline the experience!

If you need any dedicated support for this process, please reach out to the product support team via email to schedule a time to walk through the processes on a screen share call.

Apple Devices

Step 1: Make a .pem File via Email Request

  • Email product-support@electric.ai to initiate the Zero Touch Provisioning configuration process. Make the subject line of the email “CustomerName - Zero Touch Provisioning Request”.

  • Once received, the Electric Product Support team will email back a MDM Push Certificate (.pem)

Step 2: Login to Apple Business Manager to Upload .pem

Within your Apple Business Manager portal:

  • Log in to ABM: Go to business.apple.com and sign in with your Admin account.

  • Go to MDM Servers

    • In the sidebar, click Settings.

    • Under MDM Servers, click Add MDM Server.

  • Name the MDM Server

    • Enter a name for the server (i.e., "Electric/JumpCloud MDM"). Click Next.

  • Upload the Certificate (.pem)

    • You’ll see an option to Upload File. Select your .pem file from your computer and upload it.

  • Save / Complete Setup

    • Once uploaded, click Done (or Save). ABM will now trust your MDM server with that certificate.

  • Download the Token

    • On the server details page, you should see Download Server Token.

    • Click it. It is expected you’ll get a .p7m file to export.

Step 3: Email Your Token to Electric – Reply to the Email in Step 1.

  • Electric will complete the process by linking this .p7m file to the MDM on the Electric backend.

  • Once confirmed, you can proceed with step 4 to complete this process.

Step 4: Within Apple Business Manager, “Assign Device Management”

  1. Go to https://business.apple.com/#/main/preferences/devicepurchases

  2. Navigate to the Device Management Services

  3. Assign the Device Management. It should appear as below:

    image-20250821-213048.png

Windows Devices

Coming soon

FAQs

  1. Is software application provisioning and deprovision available and configured with ZTP?

    1. Application provisioning to the desktop is only offered if the above mentioned on demand process is followed in advance. And, the application is connected for onboarding account creation in the IT Hub applications page.

    2. Application deprovisioning is only offered via account disabling/suspension/deactivation in the process of offboarding in the IT Hub applications page.

    3. For more information, please review this article on our SaaS automation configurations.

  2. Is ZTP available for Windows devices?

    1. ZTP for Windows devices will be available Summer 2025.

  3. IS ZTP available for Apple devices if we do not have Apple Business Manager?

    1. No. Per Apple guidelines, ZTP can only be performed on Apple devices via ABM.

  4. Can ZTP be deployed for iPhone, iPads, Androids, tablets, or other non-laptop devices?

    1. No. Electric’s MDM and ZTP only works within the scope of Windows and MacOS supported laptops at this time.

  5. How do I manage a device that is not registered in ABM, and reset that device so ZTP can work?

    1. After ABM is set up for your business, any existing devices will need to be wiped (or perform a factory reset) so that the device can enroll into ABM.

      1. Once the existing device has been moved into ABM, and assigned to the Electric MDM server, the device will then need to be wiped in order for it to go through the proper ZTP enrollment flow.

      2. If the Apple configurator does not apply at this point, then an admin would need to manually assign the device to the MDM server with the help of Electric product support, and then proceed wipe it after that.

      3. Please reference further help documentation from Apple as needed: https://support.apple.com/guide/apple-business-manager/add-devices-using-apple-configurator-axm200a54d59/web

    2. ZTP should be configured before the steps of receiving a device back to its storage location – whether it be a warehouse, an admin’s home, or otherwise – and before assigning it to a new employee in order to function as designed.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close