Enrolling Windows Modern Desktop Devices
Use the Windows Modern platform to enroll and manage Windows desktop devices in SOTI MobiControl. Enrollment policies define the enrollment method, control access, set device limits, and specify terms and conditions for users. Each enrollment policy targets a single platform and provides a structured process for on-boarding and managing Windows 10 or later devices.
Attention: SOTI MobiControl version 2024.1
introduces Enrollment Policy PINs for all Windows Modern enrollment policies. Upon
upgrading, SOTI MobiControl assigns a new PIN to each existing policy. The
system determines device compatibility with PIN-based enrollment at the time of
enrollment. If a device does not prompt for a PIN, it indicates incompatibility with the
Directory/Federated enrollment flow. This scenario is rare and does not affect the
enrollment process.
Supported Enrollment Types
Directory/Federated | Leverages an on-premises LDAP directory (such as Active Directory, Domino, or Open Directory) or a federated identity provider (IdP) to assign devices to groups. |
Provisioning package | Devices enroll using a provisioning package that contains enrollment and configuration data. |
Azure AD Join (On-premises) | Uses an on-premises Azure Active Directory for authentication and group assignment. |
Azure AD Join (Cloud) | Connects to a cloud-hosted Azure Active Directory (Microsoft Entra ID) for cloud-based group assignments. |
Tip: Automate bulk enrollment using Microsoft's
Autopilot program. For details, see Using Windows Autopilot Bulk Enrollment.