User-Initiated Enrollment Settings

Enrollment is the process of adding computers and mobile devices to Jamf Pro. This establishes a connection between the computers and mobile devices and the Jamf Pro server.

User-initiated enrollment allows users to initiate the enrollment process on their own.

Users can enroll the following:

  • Mac computers

  • Institutionally owned iOS devices

  • Personally owned iOS devices

The User-Initiated Enrollment settings allow you to do the following:

  • Enable user-initiated enrollment for the appropriate platforms.

  • Customize text displayed for each step in the enrollment process, including adding different languages.

  • Restrict re-enrollment so that a user is only allowed to re-enroll a computer or mobile device if one of the following conditions is met:

    • The user is a Jamf Pro user with the “Computers” or “Mobile Devices” privilege.

    • The username of the user re-enrolling the computer or mobile device matches the Username field in the User and Location category in inventory information.

    • The Username field in the User and Location category in inventory information is blank.

  • Skip certificate installation during enrollment.

  • Use a third-party signing certificate to ensure configuration profiles sent to computers and mobile devices are signed by a trusted third-party and the MDM profile appears as verified to users during user-initiated enrollment.

  • Require users to install the CA certificate.

  • Specify a management account (computers only).

  • Ensure that SSH (Remote Login) is enabled (computers only).

  • Ensure that Self Service is launched after enrollment (computers only).

  • Sign the QuickAdd package used for enrollment (computers only).
    Signing the QuickAdd package ensures that it appears as verified to users who install it. It also allows users to install the QuickAdd package on computers that have Apple’s Gatekeeper feature set to only allow applications downloaded from the Mac App Store and identified developers.
    If you choose to sign the QuickAdd package, you need:

Customizing the User-Initiated Enrollment Experience

You can customize the text displayed in each step of the enrollment experience using Markdown. You can also add different languages.

For information about Markdown, see the Using Markdown to Format Text Knowledge Base article.

The following table describes each step that can be customized and the platform each step is displayed on:

Enrollment Step



Institutionally Owned iOS Devices

Personally Owned
iOS Devices

Login Page

Customize how you want the Login page to be displayed to users.

images/download/thumbnails/66027585/checkmark.png images/download/thumbnails/66027585/spacer.png


images/download/thumbnails/66027585/checkmark.png images/download/thumbnails/66027585/spacer.png

Device Ownership

Customize the text that prompts the user to specify the device ownership type if user-initiated enrollment is enabled for both institutionally owned and personally owned devices.

You can also specify the device management description that displays to users to provide custom messaging on the IT management capabilities for each device ownership type.





Enter text for the End User License Agreement (EULA). If the EULA is left blank, it is not displayed to users during enrollment. The EULA is not displayed for users logging in with a Jamf Pro user account.





Customize the message that prompts users to choose a site. If a user logs in with a Jamf Pro user account, they can assign an LDAP user to the computer or mobile device.

If you have more than one site in Jamf Pro and have entered information on the Messaging Pane in Personal Device Profiles in Jamf Pro, this information is displayed to users when they are prompted to choose a site. For more information, see Personal Device Profiles.





Customize the message that prompts users to install the CA certificate for mobile devices to trust at enrollment.




MDM Profile

Customize the message that prompts users to install the MDM profile for institutionally owned devices.




Personal MDM Profile

Customize the message that prompts users to install the MDM profile for personally owned devices.




QuickAdd Package

Customize the message that prompts users to download and install the QuickAdd package.




Complete Page

Customize the messages that are displayed to users if enrollment is successful or if it fails.




Configuring the User-Initiated Enrollment Settings

  1. Log in to Jamf Pro.

  2. In the top-right corner of the page, click Settings images/download/thumbnails/66027585/Icon_Settings_Hover.png .

  3. Click Global Management.

  4. Click User-Initiated Enrollment images/download/thumbnails/66027585/User_Initiated_Enrollment.png .

  5. Click Edit.

  6. Use the General pane to restrict re-enrollment, skip certificate installation, or upload a third-party signing certificate to be used during enrollment.

  7. Use the Messaging pane to customize the text displayed during the enrollment experience and add languages.

    Note: English is the default language if the computer or mobile device does not have a preferred language set on it.

    • To add a language, click Add images/download/thumbnails/17105139/Icon_Add_Button.png , and then choose the language from the Language pop-up menu.
      You can repeat this process as needed for other languages.

    • To customize the text for a language already listed, click Edit or View depending on what's displayed. Then click Done.

  8. Use the Platforms pane to enable user-initiated enrollment and configure the enrollment settings for each platform as needed.

  9. Use the Access pane to choose the site you want to display to LDAP user groups during enrollment. Then, click Done.
    If an LDAP user belongs to more than one LDAP user group in Jamf Pro, the user will have the option to select the sites you assign to each group that user belongs to.

  10. Click Save.

Related Information

For related information, see the following sections in this guide:

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.