In short answer: You are right.
You can not build app to your device if you don't own an iDP. Once you enroll a paid iDP, you can generate certifications and provisioning files step by step with Apple's documentation. If you really want to debug on a device, you can jail break it and install a sync patch, which will skip the signture verify and run your code without iDP. But when you want to submit it to AppStore, of course you need a paid account.