Customizing the User Experience and Enabling Personal Device Enrollment

Enrollment is the process of adding mobile devices to Jamf Pro to establish a connection between the devices and Jamf Pro. User-initiated enrollment allows users to initiate this process by logging in to an enrollment portal and following the onscreen instructions to enroll a device.

Personally owned devices can only be enrolled via user-initiated enrollment.

When configuring personal device enrollment using the User-Initiated Enrollment settings in Jamf Pro, you can do the following:

  • Customize messaging displayed for each step in the enrollment process, including adding different languages.
    Note: You can use Markdown, a text-to-HTML conversion tool, to specify formatting for the text displayed to users during enrollment. For more information, see the Using Markdown to Format Text Knowledge Base article.

  • Enable user-initiated enrollment for personally owned iOS devices.

  • Configure enrollment access for specific LDAP groups.

Note: Enrolling a personal device using user-initiated enrollment requires an enabled personal device profile for the site that the user belongs to, or an enabled personal device profile for the full Jamf Pro. Instructions for creating a personal device profile are included in the “Defining Site-Specific Settings and Apps for Personal Devices” section in this guide.

Configuring the User-Initiated Enrollment Settings

  1. Log in to Jamf Pro.

  2. In the top-right corner of the page, click Settings images/download/thumbnails/17120755/Icon_Settings_Hover.png .

  3. Click Global Management.

  4. Click User-Initiated Enrollment images/download/thumbnails/17120755/User_Initiated_Enrollment.png .

  5. Click Edit.

  6. Use the General pane to restrict re-enrollment and to skip certificate installation.

  7. On the Messaging pane, do the following to customize the text displayed during the enrollment experience and add languages:

    1. Do one of the following:

      • To add a language, click Add images/download/thumbnails/17120755/Icon_Add_Button.png and then choose the language from the Language pop-up menu.
        Note: English is the default language if the mobile device does not have a preferred language set on it.

      • To customize the text for a language already listed, click Edit next to the language.

    2. In the Page Title for Enrollment field, enter a page title to display at the top of all enrollment pages.

    3. On the Login tab, use the fields provided to customize how you want the Login page to be displayed to users.

      images/download/attachments/17120755/UIE_Messaging_Login_EN.png

    4. Click the Device Ownership tab and use the fields provided to customize the text that is displayed to users based on their device ownership type. The text displayed and the enrollment page that the text displays on depends on the enrollment options that you enable:

      • If you enable user-initiated enrollment for both institutionally owned and personally owned iOS devices—Customize the text that prompts users to choose the appropriate device ownership type, and customize the device management description that explains the IT management capabilities for each device ownership type. When users select the personal or institutional device ownership type, the respective device management description is displayed.

      • If you enable user-initiated enrollment for personally owned devices only—Customize the device management description that explains the IT management capabilities for personal device ownership. This description is accessible to users by tapping the Information images/download/thumbnails/17120755/iOS_MDM_info.png icon displayed on the Personal MDM Profile page during enrollment.

      (For instructions on enabling user-initiated enrollment, see step 8 later in this procedure.)

      images/download/attachments/17120755/UIE_Messaging_Device-Ownership_EN.png

    5. Click the EULA tab and use the fields provided to specify an End User License Agreement (EULA) for personally owned devices. If the EULA fields are left blank, a EULA page is not displayed to users during enrollment.
      Note: The EULA page is not displayed for users logging in with a Jamf Pro user account.
      images/download/attachments/17120755/UIE_Messaging_EULA_EN.png

    6. Click the Sites tab and customize the message that prompts users to choose a site.

      images/download/attachments/17120755/UIE_Messaging_Sites.png

    7. Click the Certificate tab and use the fields provided to customize the message that prompts users to install the CA certificate for mobile devices to trust at enrollment.
      images/download/attachments/17120755/UIE_Messaging_Certificate.png

    8. Click the Personal MDM Profile tab and use the fields provided to customize the message that prompts users to install the MDM profile for personally owned devices.
      You can also specify the MDM profile name and description to display during enrollment.

      images/download/attachments/17120755/UIE_Messaging_Personal-MDM-Profile_EN.png

    9. Click the Complete tab and use the fields provided to customize the messages that are displayed to users if enrollment is successful or if it fails.

      images/download/attachments/17120755/UIE_Messaging_Complete_EN.png

    10. Click Done.

  8. On the Platforms pane, click the iOS tab and then select the Enable user-initiated enrollment for personally owned iOS devices checkbox.

  9. On the Access pane, do the following to configure enrollment access for all LDAP users and/or specific LDAP groups:

    1. Do one of the following:

      • To configure enrollment access for a specific LDAP user group, click Add images/download/thumbnails/17120755/Icon_Add_Button.png and then search for the group.

      • To configure enrollment access for a group already listed, click Edit next to the group.

    2. To allow the group to enroll personally owned devices, select the Allow group to enroll personally owned devices checkbox.

    3. (Optional) If there are one or more sites in Jamf Pro, choose the site you want to allow the LDAP user group to select during enrollment.
      If an LDAP user belongs to more than one LDAP user group in Jamf Pro, the user will have the option to choose a site from a pop-up menu of sites assigned to each of those groups.

    4. Click Done.

  10. Click Save.

Copyright     Privacy     Terms of Use     Security
© copyright 2002-2018 Jamf. All rights reserved.