Enrolling Personal/Employee owned Mac device for users enforced to sign in via PingOne
  • 29 Sep 2023
  • 2 読む分
  • PDF

Enrolling Personal/Employee owned Mac device for users enforced to sign in via PingOne

  • PDF

The content is currently unavailable in Ja - 日本語. You are viewing the default English version.

This guide helps you to enroll your personal device to Scalefusion for SAML SSO users enforced to sign in with PingOne.

Before You Begin

  1. Make sure you have access to the corporate email.
  2. Make sure that your IT Admin has invited you to enroll in Scalefusion.
  3. Users should have accounts registered with the respective Identity Service Provider (PingOne)
  4. SAML settings for PingOne should be configured on Scalefusion Dashboard
  5. The setting Enforce Users to sign in using SAML SSO is enabled in User Management Settings on Scalefusion Dashboard

Steps to Enroll Your Personal Device

The users who have configured and signed in with PingOne, and have enabled the setting Enforce users to sign in using SAML SSOin User Management, will be asked to authenticate by signing in with their PingOne credentials. In this case following will be the process of enrollment:

If this setting is disabled, the device is enrolled with the normal procedure as described here
When the setting to sign in using SAML SSO is enforced, the OTP flow is replaced by authentication using PingOne credentials, at the time of sending invite.
  1. To start the enrollment process, Click Enroll your Device if you are accessing the email on the Mac device that you are trying to enroll.
  2. This will open your default browser and load up a page with the email address to begin enrollment. Verify your email address and click Authenticate.
    We recommend using Safari or Chrome to enroll your devices.
  3. Next, the user would be taken to the Microsoft login page, where they have to pick the same login details to sign in and further handling till authorization succeeds.
  4. Read the Terms of Service set by your organization and click ACCEPT
  5. On the enrollment screen, click ENROLL.
  6. Depending upon which browser you used to start the enrollment, either of the following will happen,
    1. Google Chrome: A *.mobileconfig will be downloaded. Once it is downloaded, click on the downloaded file to go to the next step.
    2. Apple Safari: If you have enabled Auto-Open, then the file will be downloaded, and you will be automatically directed to the next step. If you are not directed to the next step, please double-click on the downloaded file.
  7. This will open the System Preferences pane, and the following dialog will be shown. Click on Install to proceed with enrollment.
  8. You will be shown the details of the enrollment profile and asked to confirm the installation. Click Install
  9. If you are enrolling from a non-administrator user, you will be asked to enter administrator credentials to confirm the installation. Please enter the administrator credentials and Click OK.
  10. It will take around 1-2 minutes for the enrollment to be complete, and the following screen confirms that the enrollment is complete. Depending upon the type of policies applied, you would see around 3 Profiles that are installed,
    1. Device Profiles: This section lists all the Profiles/Policies that are applicable at a device level. The items marked 1 & 2 are device-level profiles, and the policies applied by these profiles are applied to all the users of this machine.
    2. User Profiles: This section lists all the Profiles/Policies that are applicable at a user level. Identified by point 3 in the image below, these policies are applicable only to the Mac user account from where the enrollment was done.

If you have any questions or are having issues enrolling your device, please leave us a message at support@scalefusion.com with your Device details, and we will get in touch with you.