Home » Self Enrollment
pdf icon
Category Filter
x

Self Enrollment

Mobile Device Manager Plus provides an option for self enrollment, where the end users can enroll the devices themselves. Follow the steps mentioned below to configure Self Enrollment settings. Self Enrollment process is the same for iOS, Android and Windows devices. User should access the following URL from the device which needs to be enrolled

The following steps needs to be performed to enable self enrollment.

  1. On the web console, navigate to Enrollment
  2. Click Settings and configure the Self Enrollment settings
  3. Specify whether you want to enable or disable the self enrollment
  4. Click the checkbox to receive notifications when a device is enrolled using self enrollment.
  5. Specify the e-mail address to which the notification is to be sent.
  6. Click Save

When users try to self enroll the device, they will be prompted to sign up and create an account with Zoho. On successful account creation, they will receive an email, to register their account and join the organization. An email with the OTP and the enrollment invite will be sent to the users.

The devices which are self enrolled are listed under the default groups, such as corporate or personal. Mobile Device Manager Plus has six default groups, they are Default_iOS_Corporate, Default_iOS_Personal, Default_Android_Corporate, Default_Android_Personal, Default_Windows_Corporate and Default_Windows_Personal. Apart from the default groups, you can also set any of the group you have created as a default group. For example if you have created a new group for managing corporate iOS devices named iOS admin, you can set iOS admin as the default group and all corporate iOS devices which are enrolled henceforth are listed under iOS admin.

When a new device is enrolled into a specific group, all the profiles and apps distributed to the group are automatically applied to the newly added device. This ensures all policies and restrictions are applied to the device, as soon as it is enrolled. If any device is manually moved to the group, then the restrictions and apps are not applied. Similarly when a device is removed from a group or moved to a different group, the profiles or the apps are not revoked.

It is recommended to promote Self Enrollment to users by publishing/promoting the self enrollment URL, through the internal forums, blogs, mails to reach more users.

Using Directory Services for Self Enrollment

You can also permit the users to enroll the device by themselves using their Directory credentials. MDM currently supports enrollment using Entra ID(formerly Azure AD)/On Premises AD, which needs to be integrated with MDM as explained here for Entra ID(formerly Azure AD) and here for On-Premises AD. You can chose to restrict self enrollment to certain AD groups as explained below.

Restrict Self Enrollment to specific AD groups

The self enrollment URL is usually shared across the organization and any device can enroll with the URL as it is device/ user independent. Thus, administrators may want to restrict self enrollment to specific AD groups. MDM allows you to restrict self enrollment only to specific AD groups, ensuring only specific device gets enrolled with MDM. Follow the steps specified below to restrict self enrollment:

  1. For the option Allow Self Enrollment for, select All AD Groups, to allow users in all the AD groups to self enroll the devices. You can optionally exclude specific groups as well by specifying the groups to be excluded the option of Self Enrollment.
  2. If you choose Selected AD Groups, only users of specific groups are allowed to self enroll the devices. Specify the groups to be allowed self enrollment.

Change the Default Group for Self Enrollment

Follow the steps mentioned below to change the default group:

  1. On the web console, navigate to Enrollment
  2. Click Settings, and choose Groups for Enrolled Devices under Self Enrollment
  3. Select the device type for which you wanted to change the default group and click Edit Default Group button.

    4. All the groups available based on the operating system are listed, from which you can choose and save the default group.

Self Enrollment process on iOS devices

  1. End user uses the self enrollment URL, to access the Enrollment window
  2. End user are prompted to sign in using the Zoho account. The user must be a part of the org. To know more about Zoho Accounts, you can refer to Zoho Accounts FAQ.
  3. Specify the device type as personal or corporate
  4. Install the Mobile Device Manager Plus profile.

As soon as the device gets enrolled, users receive an App Catalog from where they can install apps distributed through Mobile Device Manager Plus. Administrators can also be notified about a new user enrolling the device. If any specific profiles, or apps are distributed to the group where the device is enrolled, then the newly added device automatically receives all the configurations and apps applied to the group.

Self Enrollment process on Android devices

  1. When the user access the self enrollment URL, user are redirected to the ME MDM app in the Play Store.
  2. Once the download is successful, user has to click on the downloaded ME MDM app to install it
  3. Once the download has been successful, user has to install it.
  4. After the installation completes, user should open the app and select MDM Cloud
  5. User needs to login in to MDM account and specify the device type as personal or corporate
  6. User should accept the terms and conditions by clicking continue
  7. Users need to enable Device Administrator on their mobile device and click Activate

Users can see the device has been enrolled successfully. By clicking the ME MDM app, user can see the distributed apps and associated profiles. Apps distributed by ME MDM are listed in App Catalog. Profiles associated to the devices are listed under Policies and Restrictions. Device details provide the complete information about the device.

Self Enrollment process on Windows devices

Users can follow the steps mentioned below on their Windows device, and have it enrolled with the Mobile Device Manager Plus. Users must access the self enrollment URL and subsequently are instructed to following the steps mentioned below:

  1. When the user access the self enrollment URL, user is prompted to login using the MDM account
  2. User has to copy the server URL and the password
  3. User has to click Company Apps (in Windows 8) / Workplace (in Windows 8.1)/Accounts -> Access work or school (in Windows 10) and specify the e-mail address, copied server URL and password
  4. Click Sign In

Users can see they have successfully enrolled the Windows device. As soon as the device is enrolled successfully, the device is scanned automatically and the device details are updated in the Mobile Device Manager Plus server. Users can see the hardware details and details of the apps installed on the device. All the devices enrolled via self enrollment are listed under Default_Windows_Corporate. Administrator can choose to modify it manually if required.

Jump To

    Related Articles

    < Previous

    Next >