Requirements

General Requirements

• A push certificate in Jamf Pro

  For more information, see Push Certificates in the Jamf Pro Documentation.

• (LDAP login only) An LDAP server set up in Jamf Pro

  For more information, see Integrating with LDAP Directory Services in the Jamf Pro Documentation.

• The following Jamf Pro and personally owned device versions:

  Note: Personally owned mobile devices must also have free storage space for corporate data.

  Account-Driven User Enrollment	Jamf Pro 10.33.0 or later iOS or iPadOS 15 or later
  Profile-Driven User Enrollment	Jamf Pro 10.17 or later iOS or iPadOS 13.1 or later

Managed Apple ID Requirements

To create Managed Apple IDs for Account-Driven User Enrollment or User Enrollment, you must either use federated authentication between Apple and Microsoft Azure AD or create them manually in Apple School Manager or Apple Business Manager.

For more information, see the following resources from Apple:

Enrollment Requirements

Before you can allow users to enroll personally owned mobile devices via User Enrollment, you must define the Jamf Pro enrollment information in a JSON file and host it on a web server that is accessible to any device you want enrolled with Jamf Pro. To set this up, you need the following:

• The web server must have the same fully qualified domain name (FQDN) as the verified domain that the Managed Apple IDs belong to, and web services must be enabled.

• The JSON file must be hosted on a server which supports HTTPS GET requests.

• The SSL certificate for the web server must be issued by a trusted certificate authority. For a list of trusted root certificates on iOS devices, see Available trusted root certificates for Apple operating systems from Apple's support website.

For more information about defining the Jamf Pro enrollment information in a JSON file and hosting it on a web server, see Account-Driven User Enrollment for Personally Owned Mobile Devices in the Jamf Pro Documentation.