No UserId in the request for macOS mobile device through MDM request
- Boot up the Mac and establish a local admin account
- Connect the Mac to the domain (join as network access server)
- Log in with an AD account, which creates a mobile account on the Mac (you are logging in here as the end user, not your AD account)
- Enroll the device in MDM as the user
- Push a user scope profile; the mobile account is not able to receive the profile

The issue happens when we push a user scope profile to devices enrolled with the mobile account: the user scope profile needs to use the DEVICE_USER channel, but this channel does not seem to be activated. By checking the code, we found that when we do the MDM authentication, the mobile account does not bring a UserId in the request. (We did the same test with a normal account, not a mobile account; there the request has a UserId, and the user can be validated with the DEVICE_USER channel.)
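
A server-side check for the symptom described above, as an added example that is not part of the original post or of any MDM product's code: it parses check-in bodies and lists devices that never sent a user identifier. It assumes the requests are Apple MDM check-in property lists using the protocol's `MessageType`, `UDID` and `UserID` keys; the sample bodies are constructed, and the `DEVICE` label and function names are hypothetical.

```python
import plistlib
from xml.parsers.expat import ExpatError


def _sample(udid, **user_keys):
    # Constructed check-in body for illustration (not captured traffic).
    return plistlib.dumps({"MessageType": "TokenUpdate", "UDID": udid,
                           "Topic": "com.apple.mgmt.External.constructed",
                           "PushMagic": "constructed", "Token": b"\x01\x02",
                           **user_keys})


SAMPLES = [
    _sample("UDID-NORMAL"),                                   # device channel
    _sample("UDID-NORMAL", UserID="constructed-user-guid",    # user channel
            UserShortName="localuser"),
    _sample("UDID-MOBILE"),                                   # device channel
    _sample("UDID-MOBILE", UserShortName="aduser"),           # mirrors the report: no UserID
    b"not a plist",                                           # malformed request
]


def classify_checkin(body):
    """Return udid, message type, user id and channel label, or None if unusable."""
    try:
        msg = plistlib.loads(body)
    except (plistlib.InvalidFileException, ExpatError):
        return None
    if not isinstance(msg, dict) or "UDID" not in msg:
        return None
    user_id = msg.get("UserID") or None  # an empty string counts as missing
    return {"udid": msg["UDID"], "message_type": msg.get("MessageType"),
            "user_id": user_id,
            "channel": "DEVICE_USER" if user_id else "DEVICE"}


def devices_without_user_channel(bodies):
    """UDIDs that checked in but never with a user identifier."""
    channels = {}
    for body in bodies:
        info = classify_checkin(body)
        if info:
            channels.setdefault(info["udid"], set()).add(info["channel"])
    return sorted(u for u, seen in channels.items() if "DEVICE_USER" not in seen)


if __name__ == "__main__":
    print(devices_without_user_channel(SAMPLES))
```

Run against logged check-in bodies, the returned list identifies the enrollments for which a user scope profile push has no user channel to target.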