With user enrollment, private iOS and macOS devices can be enrolled without the owner having to give up all control over the devices. Based on the
Bring Your Own Device approach (BYOD), private devices of students or employees can be integrated and used in the school or company context while maintaining the protection of private data.
- Administrators cannot view privately installed apps.
- Devices remain under control of users.
- Not all actions and policy configurations are possible.
- Managed Apple IDs are required.
Prepare enrollment in Relution
Starting from the Relution organization, a manual enrollment for iOS or macOS devices can be created classically and the enrollment link can be sent to the desired students or employees.
The basic prerequisite for the creation of a user enrollment is the assignment of users. For these, either a ‘Managed Apple ID’ or ‘Email address’ must be stored in the user details. Afterwards the corresponding users can be added and the enrollment can be completed. Users assigned to devices can no longer be changed or removed from enrolled devices via user enrollment.
Afterwards, the received enrollment link will perform the device enrollment on the iOS or macOS device using the users’ Managed Apple IDs and the device will automatically appear in the device inventory of the corresponding Relution organization.
Can users enroll using account-based user enrollment?
Relution supports account-based user enrollment of iOS and macOS devices that are not in ‘supervised mode’.
This requires either a manually created user enrollment for a corresponding user in the respective Relution organization, or enabling
Allow account-based Apple user enrollment for all users in the
Device Management Settings for the respective Relution organization.
Option 2 makes it much easier to register personal devices in Relution. As soon as Relution users register on private devices via the option
Log in to work or school account... in
VPN & Device Management of the general settings, user enrollments are automatically generated in Relution. Using the Managed Apple ID of the respective users, the enrollment URL of the respective MDM solution is automatically identified. After logging in with the users login credentials from Relution, the devices automatically show up in the device inventory of the corresponding Relution organization after successful authentication.