User Enrollment
Use user based enrollment in BYOD environments, where devices are
personal devices and the enterprise adds accounts, apps, and data. A
cryptographically isolated managed volume is created on devices enrolled with user
enrollment to keep work data separate from personal data. Upon device unenrollment,
this managed volume and associated cryptographic keys are destroyed, ensuring that
no trace of enterprise data remains on the device.
Restriction: User enrollment requires iOS 13.1+ and Managed Apple IDs.
These devices cannot be supervised and administrators are limited to the
deployment of iOS Custom
Applications.
To maintain device user privacy, devices
enrolled via user enrollment report a more limited set of information to
SOTI MobiControl compared to those devices enrolled using
device enrollment. Omitted information includes but is not limited to, phone
number, IMEI and device ID.
Note: Features
such as the Send SMS and Clear
Passcode device actions, the Roaming
Restrictions advanced configuration, and WiFi proxy
configuration are not supported.
Create user based enrollement policies with either of the following account types. See Creating an iOS Device Policy for more details.
| Federated Accounts | Select this option to use a Microsoft Entra ID connection to federate your Managed Apple IDs. |
| Local Accounts | Select this option to add local Managed Apple ID accounts. You can add up to 1,000
accounts. Accounts must conform to a valid email address format,
such as user@domain or
user@domain.topleveldomain
Tip: Select Import to upload a
.csv file containing Managed Apple IDs.
The file should be a list of Managed Apple IDs without a
header. |