How to enroll Mac devices?

Before enrolling a Mac device, please make sure that you have configured the APNs certificate in your server.
Device Management allows you to stay on top of your devices. With Hexnode you can restrict, secure and manage your macOS devices. To establish a connection between the device and the MDM first you would have to enroll your devices.

Hexnode UEM provides a wide range of methods to enroll your macOS devices. You can use these methods based on various criteria like number of devices, security, etc.

1. Open Enrollment
2. Authenticated Enrollment
   • Email or SMS Enrollment
   • Self Enrollment
3. DEP enrollment
4. DEP enrollment via Apple Configurator.
5. Google Workspace Enrollment for Mac.

Enrollment without authentication

Users will be able to enroll their device without any enrollment credentials.

In Hexnode UEM Portal:

1. Navigate to Enroll → Platform Specific → macOS → Email or SMS
2. Click on Switch to Open Enrollment.
3. Choose the user Domain. Only the user belonging to this domain can be chosen as the default user.
4. Select a Default User.
5. Change the Ownership based on the enrolling device to either Personal or Corporate.
6. Click Next.

In the device:

1. Open Safari browser.
2. Enter the enrollment URL.
3. Click Enroll. The MDM profile gets downloaded.
4. To install the MDM profiles click Continue and click Install.
5. Enter the Mac administrator’s username and password.

Authenticated Enrollment

Email or SMS enrollment

User can enroll their devices with the enrollment credentials sent via enrollment mail. The mail contains username and password for enrollment.

In Hexnode Portal:

1. Navigate to Enroll → Platform Specific → macOS → Email or SMS.
2. Click on Switch to Authenticated Enrollment → Authenticated Enrollment.
3. Select the types of users to be enrolled either via Enrollment Request.
4. Change the Ownership to Personal, Corporate, let the user choose or Choose it later.
5. Click Next.
6. A message “Enrollment settings successfully updated” will be displayed.
7. Check the box corresponding to Email or SMS based on how you want to send the enrollment request.
8. Change the Domain and select the User.
9. Click on Send.

In the device:

1. Open Safari browser.
2. Enter the enrollment URL.
3. Click Enroll.
4. Enter the username and password received in the enrollment request mail.
5. Click Authenticate The MDM profile gets downloaded.
6. To install the MDM profiles click Continue and click Install.
7. Enter the Mac administrator’s username and password.

 
The profiles will install and the device will get enrolled in Hexnode UEM

Self enrollment

Self-enrollment allows the users to enroll devices with their Active Directory/ Microsoft Entra ID/ Google/ Okta user credentials. For other users, the admin can create a default user and a dedicated password manually or assign a common password. Hexnode also provides the privilege to set individual passwords for the users and sends it to them as a bulk mail. The admin will have to provide only the enrollment URL to the users.

In the Hexnode Portal:

1. Go to Enroll → Platform Specific → macOS → Email or SMS.
2. Click on Switch to Authenticated Enrollment → Authenticated Enrollment.
3. Select the types of users to be enrolled either via Self Enrollment.
4. Change the Ownership to Personal, Corporate, let the user choose or Choose it later.
5. Click Next.
6. A message “Enrollment settings successfully updated” will be displayed.

In the device:

1. Open Safari browser.
2. Enter the enrollment URL.
3. Click Enroll.
4. Select the domain.
5. Enter the username and password.
6. Click Authenticate.
7. To install the MDM profiles click Continue and click Install.
8. Enter the Mac administrator’s username and password.