Recent Searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Enrolling Devices

            By Jeff Saul

            When it comes to enrolling devices into Kandji, you have many options

            Enrollment Methods

            Kandji supports several different types of Apple devices. There are also several different methods that can be used to enroll those devices. Below are the supported enrollment options for each device type: 

            All Device Types

            • Automated Device Enrollment: ADE is great for brand-new or restored devices that have been assigned to Kandji in Apple Business Manager.
            • Kandji Enrollment Portal: Enrolling via the Kandji Enrollment Portal is a great option for devices that are already set up and/or not available to you in Apple Business Manager. 

            macOS Devices 

            • Automated Enrollment after device setup: Sometimes referred to as “Device Enrollment notification”, this allows you to run a one-line command in Terminal to initiate a notification that allows the user to enroll in Kandji using Automated Device Enrollment.
              • This option can be especially useful if your devices are already enrolled in another MDM solution, as you can use that old MDM to unenroll the devices and to install a LaunchDaemon to run an Automated Device Enrollment notification prompting your users to enroll in Kandji.

            iOS, tvOS, and iPadOS Devices

            For more information about Configurator, review this Apple Support article.

            What if your mobile device is already set up and enrolled in another MDM via Automated Device Enrollment? You have two options:

            • After re-assigning the device to Kandji via Apple Business Manager, erase and re-enroll your mobile devices if you wish to maintain supervision in Kandji.
            • Un-manage the mobile device in your existing MDM and leverage the Kandji web enrollment portal. Note: This will not result in your devices being in a supervised state.

            How to Enroll

            Automated Device Enrollment (All Device Types)

            Enrolling devices via Automated Device Enrollment ensures that Kandji can not be removed from the device unless permitted.

            An Apple Business Manager account is required for Automated Device Enrollment.

            Automated Device Enrollment (new or restored devices)

            1. Assign Mac or iOS Devices to the Kandji MDM server inside of Apple Business Manager.
            2. Navigate to Devices > Automated Device Enrollment to confirm that the desired devices are listed in Kandji.
            3. Turn on the device, connect to the internet, and begin the Setup Assistant. A Remote Management screen during the setup process will confirm enrollment has been successful.
            macOS Ventura
Mac computers registered to an organization must connect to a network during Setup Assistant after being erased or reset. By first enrolling a device into Kandji, admins can make sure that newly provisioned devices will no longer have the ability to skip ADE enrollment.

            Automated Device Enrollment (after device setup) (macOS only)

            If a Mac has already passed through Setup Assistant, it's possible to force another check and re-enroll the computer into Kandji. After assigning the device to the Kandji MDM server in Apple Business Manager, ensure the following steps are performed.

            If you are moving from an existing MDM, you can install a LaunchAgent prior to removal from your current MDM to run this command daily. It will prompt your users to enroll in Kandji. 

            1. Open Terminal and run the following command:
              sudo profiles -N

              or (these commands perform the same function) 

              sudo profiles renew -type enrollment
            2. The Mac will display a banner notification in the right-hand corner prompting to enroll the device into Kandji. Click on the banner notification.


            3. System Preferences will open to confirm the enrollment; select Allow. The Mac will then enroll into Kandji.

            Assigning a device in Apple Business Manager

            1. Log in to Apple Business Manager and select Devices from the left-hand navigation bar.
            2. Search for a device in the search field
            3. Select the device from the list
            4. Click Edit MDM Server

            5. Select Assign to the following MDM and choose the Kandji server you created when enabling MDM with Kandji
            6. Select Continue

            7. Confirm that you want to change the MDM server the device is assigned to

            Ensure all new devices purchased will be assigned to Kandji

            1. Select your name from the left-hand navigation bar

            2. Select Preferences
            3. Select MDM Server Assignment

            4. Under Default MDM Server Assignment, select Edit

            5. Choose the Kandji server you created when enabling MDM with Kandji for each device type


            Note that the default Blueprint can be changed at any time inside the Kandji web app.


            Make devices available for assignment in Apple Business Manager

            • If you do not see your devices available for assignment in your Apple Business Manager account, there can be several reasons, with different solutions for each.
              • You purchased your devices directly from Apple.
                • You may not have added your Apple Customer Number in Apple Business Manager (Settings > Device Management Settings > Customer Numbers).
                • To find your Apple Customer Number, check with your Apple account executive or your purchasing department or reach out to Apple sales support. When using an Apple Customer Number, all devices purchased from Apple since March 1, 2011, will be added to your Apple Business Manager account. 
              • You purchased your devices from an Apple Authorized Reseller or a carrier.
                • You may have not established a link between your Apple Business Manager account and the reseller.
                  • Ask your reseller for its Reseller ID and add this in Apple Business Manager (Settings > Device Management Settings > Customer Numbers).
                  • Provide your reseller with your Apple Business Manager Organization ID, located in Apple Business Manager (Settings > Enrollment Information), along with a list of the serial numbers or orders that you want your reseller to add to your Apple Business Manager account. The "Look-Back" period for devices to be added is at the discretion of your reseller.
                • Your devices may not have been purchased through a Device Enrollment–enabled reseller or were not purchased as a business from Apple.


            This Apple Support article addresses questions about customer numbers and adding devices into Apple Business Manager

            This Apple Support article has a list of Device Enrollment enabled resellers; note that even if your reseller is not listed that it may still be able to add your devices


            Devices are already set up but not available in Apple Business Manager

            1. Navigate to Add Devices in the left-hand navigation bar of the Kandji web app.
            2. If the Enrollment Portal is set to active, you will have a custom Enrollment Portal Link you can provide to your user so they can enroll their devices.
            3. Provide the user the custom Enrollment Portal Link and the Enrollment Code for the Blueprint you wish to enroll their device in.
            Preview
            0 of 0