Jamf Now offers a straightforward solution for managing Apple devices in your organization. Open Enrollment simplifies device onboarding, especially when users are remote or working independently. This guide walks you through the process of enrolling macOS devices using Open Enrollment in Jamf Now.
Step 1: Setting Up Open Enrollment
Before enrolling macOS devices, you need to configure Open Enrollment in Jamf Now.
Steps to Set Up Open Enrollment:
- Log in to Jamf Now:
- Visit Jamf Now and sign in with your administrator credentials.
- Visit Jamf Now and sign in with your administrator credentials.
- Navigate to Open Enrollment Settings:
- Go to the Devices tab and select Open Enrollment from the menu.
- Go to the Devices tab and select Open Enrollment from the menu.
- Enable Open Enrollment:
- Toggle the switch to enable Open Enrollment.
- Toggle the switch to enable Open Enrollment.
- Set Enrollment Duration:
- Specify how long the enrollment session will remain active. You can set this duration based on your organization’s needs (e.g., 24 hours, 1 week).
- Specify how long the enrollment session will remain active. You can set this duration based on your organization’s needs (e.g., 24 hours, 1 week).
- Create a PIN:
- Generate a secure PIN for users to authenticate during the enrollment process.
- Generate a secure PIN for users to authenticate during the enrollment process.
- Share Enrollment URL and PIN:
- Provide the enrollment URL and PIN to users who need to enroll their macOS devices.
Tip: Limit the enrollment duration and share the PIN securely to prevent unauthorized device enrollments.
Step 2: Enrolling a macOS Device Using Open Enrollment
Once Open Enrollment is set up, users can enroll their macOS devices by following these steps:
Steps for Device Enrollment:
- Access the Enrollment URL:
-
- On the macOS device, open a browser and navigate to the enrollment URL provided by your administrator.
- On the macOS device, open a browser and navigate to the enrollment URL provided by your administrator.
- Enter the Enrollment PIN:
-
- Input the secure PIN shared by the administrator to authenticate the device.
- Input the secure PIN shared by the administrator to authenticate the device.
- Download the Enrollment Profile:
-
- Once authenticated, click on the link to download the enrollment profile.
- Once authenticated, click on the link to download the enrollment profile.
- Install the Profile:
-
- Open System Preferences > Profiles.
- Select the downloaded profile and click Install.
- Authenticate with the device’s admin credentials if prompted.
- Complete Enrollment:
-
- The device will automatically configure itself according to the settings defined in Jamf Now. This includes installing required apps, applying restrictions, and configuring network settings.
Enrolling a Mac Without Using Open Enrollment(Optional)
If Open Enrollment is not suitable for your organization, you can still enroll macOS devices manually using a different process.
Steps for Manual Enrollment:
- Download Enrollment Profile:
-
- In Jamf Now, navigate to the Devices tab and select Add Device.
- Download the enrollment profile.
- Transfer Profile to macOS Device:
-
- Use a secure method to transfer the enrollment profile to the macOS device (e.g., email, cloud storage, or USB drive).
- Use a secure method to transfer the enrollment profile to the macOS device (e.g., email, cloud storage, or USB drive).
- Install the Profile:
-
- On the macOS device, open System Preferences > Profiles.
- Locate and select the transferred profile, then click Install.
- Authenticate with the device’s admin credentials if prompted.
- Complete Enrollment:
-
- The device will configure itself according to the policies and settings defined in Jamf Now. This process includes app installations, restrictions, and network configurations.
Best Practices for Open Enrollment
- Secure PIN Distribution: Use secure communication channels to share the enrollment URL and PIN.
- Limit Enrollment Duration: Set a short enrollment window to reduce security risks.
- Monitor Device Activity: Regularly check the Devices tab in Jamf Now to verify newly enrolled devices.
Wrapping Up
Open Enrollment in Jamf Now provides an easy and efficient way to onboard macOS devices without requiring physical access to them. By following the steps above, you can ensure a smooth and secure enrollment process for your organization. Alternatively, manual enrollment offers a flexible option for unique situations. For more details, refer to Jamf’s official documentation:
X
0 Comments
No Comments