User Enrollment
Use user-based enrollment for Bring Your Own Device (BYOD) environments,
where devices are personal, and the enterprise adds its accounts, apps, or data.
Upon user enrollment, a cryptographically isolated managed volume gets created to
keep work data separate from personal data.
Upon unenrollment, the device
destroys the managed volume and its associated cryptographic keys, ensuring no
enterprise data remains on the device.
Restriction: User enrollment requires iOS 13.1+ and Managed Apple IDs.
These devices are not supervised, limiting administrators to only the
deployment of iOS Custom
Applications. Features such as the Send
SMS and Clear Passcode device
actions, the Roaming Restrictions advanced
configuration, and the Wi-Fi proxy configuration are not supported.
Important: To maintain device user
privacy, devices enrolled via user enrollment report a more limited set of
information to SOTI MobiControl than those enrolled using
device enrollment. Omitted information includes, but is not limited to,
phone number, IMEI, and device ID.
You can create user-based enrollment policies based on the following account types.
Federated Accounts | Select this option to use a Microsoft Entra ID connection to federate your Managed Apple IDs. |
Local Accounts | Select this option to add local Managed Apple ID accounts. You can add up to 1,000
accounts. Accounts must conform to a valid email address format,
such as user@domain or
user@domain.topleveldomain .Tip: Select Import to upload a
.csv file containing Managed Apple IDs.
This file should be a list of Managed Apple IDs without a
header. |