Devices enrolled through the Workspace ONE Intelligent Hub app are MDM managed by default. To allow some iOS devices to enroll without MDM management you must enable the unmanaged mode for a smart group.

The selection criteria available is OS version, ownership type, and user group.

In unmanaged enrollment, users can access applications that require a basic level of security. When users try to access an app that requires management, users are guided through the MDM enrollment process. You use the adaptive management app policies to control device management levels for iOS devices enrolled without management.

Procedure

  1. In the Workspace ONE UEM console, select the organization group to be enabled with unmanaged enrollment and navigate to the Devices > Devices Settings > Devices & Users > General > Enrollment > Management Mode page.
  2. In Current Settings, click Override.
  3. For iOS, select Enabled.
  4. In Smart Groups, add the smart group that is enabled for unmanaged enrollments.
  5. Click Save.

Results

Users with iOS devices from the configured smart group are entitled unmanaged access to apps. Users can use the Workspace ONE Intelligent Hub app to access applications that require a basic level of security without the device being enrolled into Workspace ONE UEM Mobile Device Management.

What to do next

Go to the Workspace ONE Access console to configure adaptive management app policies to control device management levels for iOS devices enrolled without management. See Managing Access Policies in the Workspace ONE Access Managing User Authentication Methods guide on the page VMware Workspace ONE Access documentation page.