User Authenticated Enrollment of Company Owned Mac Devices
  • 14 Aug 2024
  • 3 読む分
  • PDF

User Authenticated Enrollment of Company Owned Mac Devices

  • PDF

The content is currently unavailable in Ja - 日本語. You are viewing the default English version.
記事の要約

To remotely manage your Mac devices, they need to be enrolled in the Scalefusion Dashboard. If you have procured your Mac devices under Apple's Device Enrollment Program (DEP) program, then you can automate the enrollment right when the devices are unboxed for the first time. Please refer to our DEP guide on how to set up DEP and sync DEP devices.

However, if you are using Mac devices that are not under the DEP program, then you would have to manually enroll them in Scalefusion Dashboard. In this document, we will see how to enroll your Mac device with user authentication.

If you are looking for user-based enrollment via user invites, please refer to Create Enrollment Configurations for Employee-Owned Mac.

Before You Begin

  1. Complete the Configure APNs step.
  2. Create a macOS Device Profile.
  3. Create an Enrollment Configuration for Company Owned Mac with User Authenticated Enrollment selected as the Enrollment Method.
  4. Have physical access to a Mac device having macOS version 10.15 and above.

Enrolling a Mac (macOS) Device

Scalefusion supports single-user management. To understand the impacts, please read the section Understanding Device vs User Policies/Profiles above.
  1. Power on the Mac device and Sign in to the user that you want to manage.
  2. Launch Safari. Sign In to Scalefusion Dashboard, and navigate to Enrollment Configurations > QR Code Configurations. Select the QR code configuration (with User Authenticated enrollment chosen). Under the Mac tab, you will find the enrollment URL and enrollment code.
  3. In the Safari browser, type in the Enrollment URL and press Enter Key. A new window, Kiosk Device Enrollment, will open. Enter the Code you have received in the Enrollment Code section and click Enroll

  4. Enter the email ID (entered at the time of adding the user) of the user and click Confirm.
  5. You will receive OTP on the registered email ID. Enter the OTP on the device and click Confirm.
  6. On the Terms of Service, click on Accept.
  7. Next, click on Enroll
  8. This will open the System Preferences pane, and the following dialog will be shown. Click on Install to proceed with enrollment.
  9. If you are enrolling from a non-administrator user, you will be asked to enter administrator credentials to confirm the installation. Please enter the administrator credentials and Click Enroll.
  10. It will take around a minute or so for the enrollment to complete, and you will see the following screen,
  11. It will take around 2-3 minutes for the enrollment to be complete, and the following screen confirms that the enrollment is complete. As mentioned in the Device and User Policies section, you would see 3 Profiles that are installed,
    1. Device Profiles: This section lists all the Profiles/Policies that are applicable at a device level. The policies applied by these profiles are applied to all the users of this machine.
    2. User Profiles: This section lists all the Profiles/Policies that are applicable at a user level. These policies are applicable only to the Mac user account from where the enrollment was done.
  12. Now if you Login into the Scalefusion Dashboard and navigate to the Devices section, you will see the newly enrolled device, confirming the successful enrollment.

Frequently Asked Questions

Question: We get an error while installing the *.mobileconfig file, and the enrollment fails when installing the profile. What might be the reason?

Answer: Make sure that the device is not enrolled in any other test account that you might have created with Scalefusion. Also, make sure that you have completed the APN setup or renewed your APN certificate if it has expired.

Question: Although the enrollment is complete, we see that none of the policies are applied, and the device appears as Unnamed in Scalefusion Dashboard.

Answer: This can happen if you have not completed the APN setup or if your APN certificate has expired. Please complete the APN setup or renew the certificate.

Question: What do we do if clicking on Enroll does not launch the Preferences app?

Answer: Sometimes, the Preferences app may not open, but clicking on Enroll will download a *.mobileconfig file. In that case, please follow the steps below

  1. Open a Finder window and navigate to the location where the *.mobileconfig file is downloaded. Double-click on the file to start the enrollment.
  2. Click on the file to launch the Preferences app. Follow the onscreen instructions to Install the profile.

Now that you have enrolled your device head over to the Device Information & Actions document to see the device information that is collected and the various actions that can be performed.


この記事は役に立ちましたか?