![]() After it installs, users sign in to the Company Portal app with their organization Azure AD account. You want to lock the device until the Company Portal app installs.If your company uses the Volume Purchase Program (VPP), you can automatically install Company Portal app during enrollment without user Apple IDs. You want to automatically install the Company Portal app during enrollment.When they're registered, you can use features available with Azure AD, such as conditional access. You want devices registered in Azure AD. ![]() You want to prompt users to reset their expired passwords during enrollment.You want to prompt users to update their expired password when they first sign in.You want to use multi-factor authentication (MFA). ![]() Using the Company Portal app or Setup Assistant with modern authentication is considered modern authentication. Make this decision before you create the enrollment profile. For more information, see Get an Apple MDM push certificate.ĭecide how users will authenticate on their devices: the Company Portal app, Setup Assistant (legacy), or Setup Assistant with modern authentication. This certificate is required to enroll iOS/iPadOS devices. For more specific information, see Get an Apple ADE token.īe sure the Apple MDM push certificate is added to Intune, and is active. Need access to the Apple Business Manager (ABM) portal, or the Apple School Manager (ASM) portal.īe sure the Apple token (.p7m) is active. For more specific information, see Apple Business Manager enrollment or Apple School Manager enrollment. You use the device enrollment manager (DEM) account. Since these devices are organization-owned, we recommend enrolling in Intune. Or, you can use MAM to manage specifics apps on the device. ❌ To be fully managed by Intune, users must unenroll from the current MDM provider, and then enroll in Intune. ❌ Existing devices should be enrolled using Apple Configurator (in this article).ĭevices are managed by another MDM provider. Applications on BYOD or personal devices can be managed using MAM (opens another Microsoft article), or User and Device enrollment (in this article). Need to enroll a few devices, or a large number of devices (bulk enrollment).ĭevices are associated with a single user.ĭevices are user-less, such as kiosk or dedicated device. ✔️ Supervised mode deploys software updates, restricts features, allows and blocks apps, and more.ĭevices are owned by the organization or school.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |