1 Reply
      Latest reply on Aug 16, 2019 12:04 AM by mipas
      jeffwi Level 1 Level 1 (0 points)

        I am interested in learning more about and experimenting with the new "User Enrollment" management mode for BYOD devices.

         

        I have watched the video about "What's new in Device Management" (here) which provided a lot of good information, but I'm not sure if I have enough information to actually test this new enrollment mode out.

         

        Based on looking through the online documentation and the content in the video, I learned these key things:

         

        1) The video said that a UE profile is determined by the presence of a ManagedAppeID parameter. However, while that value is present in the documentation there is no detailed information (the description is blank), which seems odd. (As a side comment, I was expecting a different payload type to indicate this new mode, instead of indirectly inferring the mode from a new parameter, which seems a little hacky)

         

        2) Many properties/features in the MDM documentation have the flag "Allowed in User Enrollment", which is helpful (but not sufficient) to using UE mode.

         

        I can try to experimentally take a regular MDM profile and add "ManagedAppleID" and see if UE works, but ideally I would like some more specifics in the documentation. For example, a section on User Enrollment that describes the flow and protocol differences between regular MDM. The video says there are protocol differences, but doesn't go over all of them.

         

        The WWDC 2019 MDm session has a link to the "iOS Deployment Refrence", but at present that goes do a document with iOS 12. I think what really need is an updated version of this document to include User Enrollment details.

         

        Also, I'd like to know from Apple (and anyone else who has gotten this to work) if User Enrollment is even supposed to work with the first set of current betas released. I know it is going to be a new feature, but it isn't clear if this is actually live at this point.

        • Re: Details on User Enrollment
          mipas Level 1 Level 1 (0 points)

          The documentation is still also in beta.

          We have worked out that you can use user enrollment with the beta 1 - 5.

          In beta 6 it did not work anymore for us.

          For beta 1 - 5 you just needed to remove the access rights flag in the mdm payload like they did said in the apple keynote and add the ManagedAppleID key that value contains an AppleID e.g. that was created through the business manager or an already existed AppleID.

          After that the device was starting the user enrollment workflow like shown in the apple keynote.