The device user's selection determines which enrollment process is carried out. For more information about this enrollment method, see Device Enrollment and MDM on the Apple Support website. (Company) owns this device: The device enrolls via Apple Device Enrollment.I own this device: As a follow-up, the user must select whether they want to secure the entire device or only secure work-related apps and data.On the Settings page, select User enrollment with Company Portal.Īlternatively, you can select Determine based on user choice, which lets assigned users select the enrollment type during enrollment. For more information, see Azure Active Directory dynamic groups. Use the profile name to define the enrollmentProfileName parameter. You can use the name field to create a dynamic group in Azure Active Directory, and assign devices to the enrollment profile automatically. For more information about how this affects your policies and what actions to take, see Evaluate and update Conditional Access policies after new iPadOS release. For more information, see Intro to federated authentication with Apple Business Manager in the Apple Business Manager User Guide.Īpple released iPadOS in September 2019, which introduced a change that can affect Microsoft Azure Active Directory (Azure AD) and Intune customers who use Conditional Access policies in their organization. Instead, a device user can sign in to their apps with the same credentials they use for their work account. If you enable federated authentication, which consists of linking Apple Business Manager with Azure AD, you don't have to create and provide unique Apple IDs to each user. Create Managed Apple IDs for device users (Opens Apple Support website)Īdditionally, review the following information:Īpple User Enrollment requires you to create and provide managed Apple IDs to enrolling users.Set mobile device management (MDM) authority.Before beginning setup, complete the following tasks: User enrollment with Company Portal is supported on devices running iOS version 13 or later, and iPadOS version 13.1 or later. This article describes how to set up an enrollment profile in the Microsoft Intune admin center for Apple User Enrollment with Company Portal. From there, they're redirected to Safari and the device settings app, where they download and install the enrollment profile. The device user authenticates and initiates enrollment by signing into the Intune Company Portal app. When the device owner attempts to sign into an app with their work or school account, Intune prompts them to enroll their device and provides instructions for next steps. This Apple User Enrollment method gives you access to a limited but appropriate set of device management settings and actions, so you can protect work data without affecting the device user's personal data or apps. Set up user enrollment with Company Portal for iOS/iPadOS personal devices enrolling in Microsoft Intune.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |