Best Path Forward for Expired DEP Token and Migrating Apple ID

Best Path Forward for Expired DEP Token and Migrating Apple ID

Hello!

I have recently come onboard at a company that uses an on-premise ManageEngine MDM Plus server to manage a dozen iPads.  Unfortunately, the poor thing has been neglected before my arrival and I would like some help to make sure I'm moving forward correctly and not cause a disruption in service to the tablets or cause them to become unusable. (This is also my first experience using a MDM as well as Apple products, so any newbie precautions would be greatly appreciated.)

It is currently running build version 92329. Our DEP token has been expired for six months and our APN certificate expires in four weeks. Further, due to credentials and security questions not being documented, we don't have access to our Apple deployment portal to manage the devices.  Given all of these problems along with Apple's migration to Business Manager, we're hoping to get a fresh start.

We've established a new Apple Business Manager account.  After speaking with Apple, they suggested we contact our reseller (Verizon) to move the devices from the old Deployment portal to ABM.  Before we commit to this action, what should we do on the MDM side to make this go as smoothly as possible?

I have physical access to all the devices and I would perform everything during off-hours over a weekend. I'm assuming the process will go something like this:
1) Reseller puts in request to Apple to move devices from old account to the new one.
2) Once this is completed, deprovision the devices and then unassign them. (or should this be done first?)
3) Delete current DEP token and APN certificate
4) (Optional: Use this opportunity to upgrade server to latest build.)
5) Register the server with new ABM account and generate a new enrollment token and APN Certificate
6) Re-enroll devices.

I'm also assuming I may also need to do some resetting/reloading/etc.  My main concern is I'm going to do something out of order and reduce our ability to use these devices which are critical to our operations. (Or worse, brick them and render them unusable!)

Thank you in advance for any help getting us back on the right track.
              New to ADManager Plus?

                New to ADSelfService Plus?