Using Account-driven User Enrollment
Before you begin
Note: Use account-driven user enrollment on iOS/iPadOS 15 or
later. On iOS/iPadOS 18 or later, you must use account-driven enrollment because the
SOTI Enrollment service isn’t supported. On
iOS/iPadOS 14 or earlier, you must use the SOTI Enrollment service.
To configure
Account-driven user enrollment:- SOTI MobiControl must be on version 2025.0.1 or later.
-
You must have managed Apple IDs or enterprise accounts federated in Apple Business Manager (ABM).
About this task
Configuring the Discovery Service
Procedure
-
Create a user-based iOS enrollment policy with Account-driven enrollment
enabled. See Creating an iOS Enrollment Policy.
Important: Ensure that only one account-driven enrollment policy is active. If more than one policy exists, set the required policy as the default in the section.
-
Select Download JSON in the created enrollment
policy to download the .JSON registration file.
//Example JSON registration file content { "Servers": [ { "Version": "mdm-byod", "BaseURL": "https://<your-mobicontrol-server>/appleenrollment/userenroll.mobileconfig" } ] } -
Host the .JSON file at a well-known endpoint in your
enterprise’s service discovery system.
Example: A GET request to
https://acme.com/.well-known/com.apple.remotemanagementshould return the JSON object with your SOTI MobiControl enrollment base URL.
Enrolling Your Apple Device
Procedure
-
On the device, navigate to .
-
Select Sign In to Work or School Account.
-
When prompted, enter your Managed Apple ID or federated user account. The
device uses this account to find the correct enrollment URL from the
com.apple.remotemanagementdomain.
- Enter your organizational username and password to authenticate.
-
After successful authentication, the device automatically receives the
enrollment profile. Follow any on-screen instructions to complete
enrollment.
- If required, authenticate again to complete the device configuration.