In iOS 15, users can sign in with a work or school account through the Settings app to initiate enrollment into mobile device management (MDM).
Setting up Account Driven User Enrollment involves creating a Security Group for personal device enrollment and adding users who are allowed to self-enroll into MDM as members.
Administrators should have their domain federated so that Managed Apple Accounts are created automatically when new users attempt to enroll their devices; alternatively, they can manually create and assign an account ID for each user.
MDM solutions should be configured for device management with the necessary certificates, including Apple Push Notification certs.
The next step is to build an Enrollment Profile and create the JSON file that directs the device to an MDM server to continue the enrollment process.
Once the JSON file is created and saved with a specific name, it needs to be placed in a hidden directory at the root of the domain on a web server.
The domain in the user's email address is then contacted to check for the JSON file that directs the device to an MDM server. If no JSON file is found, the user receives a message that this service isn't supported.
Creating the JSON file involves creating a new text file, converting it from rich text format to plain text-only format, and then pasting in the JSON string template provided by Microsoft. The tenant ID from the Microsoft 365 (Azure) tenant is then inserted into that template.
Once the JSON file is placed in the specified hidden directory, users can begin using Account Driven User Enrollment to onboard their devices.
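The lookup described above is easy to get wrong in small ways (a file saved as RTF, a non-HTTPS server URL, a placeholder left in the template), and the device gives only the generic "not supported" message when it fails. The following script is an added example, not Microsoft's or Apple's tooling, that builds the discovery document from a tenant ID and checks a file before it is published. It assumes Apple's documented discovery path `/.well-known/com.apple.remotemanagement` (the "specific name" and "hidden directory" the summary refers to) and the `Servers` / `Version` / `BaseURL` keys from Apple's MDM documentation; the Intune `BaseURL` template is a placeholder that must be replaced with the URL from Microsoft's own template.

```python
"""Build and sanity-check the Account Driven User Enrollment discovery file.

Added example; not code from Microsoft or Apple. Assumptions not stated on
the page: the device fetches https://<email-domain>/.well-known/com.apple.remotemanagement
(Apple's documented path) and expects a JSON object with a "Servers" list whose
entries carry "Version" and "BaseURL". BASEURL_TEMPLATE is a PLACEHOLDER.
"""
import json
from typing import List
from urllib.parse import quote, urlsplit

WELL_KNOWN_PATH = "/.well-known/com.apple.remotemanagement"
# PLACEHOLDER: substitute the BaseURL from Microsoft's JSON template; the
# tenant ID is the only value that changes per organisation.
BASEURL_TEMPLATE = "https://mdm.example.invalid/enroll/{tenant_id}"


def discovery_url(email: str) -> str:
    """URL the device requests: the domain comes from the user's email address."""
    local, sep, domain = email.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("not an email address: %r" % email)
    return "https://%s%s?user-identifier=%s" % (
        domain.lower(), WELL_KNOWN_PATH, quote(email, safe=""))


def build_discovery_json(tenant_id: str) -> str:
    """Produce the file body as plain text (never save this as rich text)."""
    doc = {"Servers": [{"Version": "mdm-byod",
                        "BaseURL": BASEURL_TEMPLATE.format(tenant_id=tenant_id)}]}
    return json.dumps(doc, indent=2) + "\n"


def check_discovery_file(body: bytes) -> List[str]:
    """Return a list of problems; an empty list means the file looks deployable."""
    problems = []
    # A file saved from a rich-text editor starts with the RTF header, not '{'.
    if body.startswith(b"{\\rtf"):
        problems.append("file is RTF, not plain text: re-save as plain text")
        return problems
    try:
        doc = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError) as exc:
        problems.append("not valid JSON: %s" % exc)
        return problems
    servers = doc.get("Servers") if isinstance(doc, dict) else None
    if not isinstance(servers, list) or not servers:
        problems.append('"Servers" must be a non-empty list')
        return problems
    for i, server in enumerate(servers):
        if not isinstance(server, dict):
            problems.append("Servers[%d] must be an object" % i)
            continue
        if server.get("Version") != "mdm-byod":
            problems.append('Servers[%d].Version should be "mdm-byod" for User Enrollment' % i)
        url = server.get("BaseURL", "")
        parts = urlsplit(url)
        # The device will only talk to the MDM over TLS; reject anything else.
        if parts.scheme != "https" or not parts.netloc:
            problems.append("Servers[%d].BaseURL must be an absolute https URL" % i)
        if "{tenant_id}" in url or "<" in url:
            problems.append("Servers[%d].BaseURL still contains a placeholder" % i)
    return problems


if __name__ == "__main__":
    # Constructed sample values: a made-up user and an all-zero tenant ID.
    print(discovery_url("ann@example.com"))
    body = build_discovery_json("00000000-0000-0000-0000-000000000000")
    print(body)
    print("problems:", check_discovery_file(body.encode("utf-8")))
```

Publish the generated body at the well-known path over HTTPS with a publicly trusted certificate; the file is world-readable by design, so it should contain nothing beyond the server URL and tenant ID. Running the checker against the file as actually served (for example the bytes returned by the web server, not the local copy) also catches the RTF and encoding mistakes the summary warns about before users see the "not supported" message.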
Once devices are enrolled, User Enrollment profile payloads can be used to deploy apps, apply data security restriction policies, and configure a VPN.