Each device in your organization's deployment must be enrolled in your organization's environment before it can communicate with AirWatch and access internal content and features. macOS devices enroll using MDM functionality built into the native OS in conjunction with AirWatch functionality.
There are three ways to initiate enrollment for macOS devices:
- Allow end users to enroll a device using the AirWatch Agent.
- Sideload devices with an MDM profile.
- Utilize Apple's Device Enrollment Program.
End-User Enrollment Using the AirWatch Agent
The agent-based enrollment process secures a connection between macOS devices and your AirWatch environment through the AirWatch Agent app. The AirWatch Agent application facilitates the enrollment, and then allows for real-time management and access to device information. Agent-based enrollment is best suited for deployments where users have an available Apple ID, which they will need to download the AirWatch Agent from the App Store.
For more information, see:
Admin Enrollment Using a Sideloaded Staging Profile
Device Staging on the AirWatch Admin Console allows a single administrator to outfit devices for other users on their behalf, which can be particularly useful for IT administrators provisioning a fleet of devices. Admins can sideload a staging profile for a single user devices and multi-user devices.
Single-user staging allows an admin to stage devices for a single user, such as a company-issued laptop. LDAP binding is required when staging devices for single users.
For more information, see Stage macOS Devices for Single User Enrollment.
Multi-user device staging allows an administrator to provision devices intended to be used by more than one user, such as a customer service kiosk computer. Multi-user staging allows the device to dynamically change its assigned user as the different network users log into that device.
For more information, see Configure Multi-User Staging for macOS Devices.
Bulk Device Enrollment
Depending on your deployment type and device ownership model, you may want to enroll devices in bulk. AirWatch provides bulk enrollment capabilities for macOS devices using the Apple Device Enrollment Program (DEP).
Bulk Enrollment with Apple Device Enrollment Program
Deploying a bulk enrollment through the Apple Device Enrollment Program (DEP) allows you to install a non-removable MDM profile on a device, which prevents end users from being able to remove the profile from their devices. You can also provision devices in Supervised mode to access additional security and configuration settings.
For more information, see Apple Device Enrollment Program.