Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enroll personally owned BYOD iOS/iPadOS hosts using account-based user enrollment #19329

Open
ddribeiro opened this issue May 29, 2024 · 11 comments
Open

Enroll personally owned BYOD iOS/iPadOS hosts using account-based user enrollment #19329

ddribeiro opened this issue May 29, 2024 · 11 comments
Labels
~csa Issue was created by or deemed important by the Customer Solutions Architect. ~customer request A prioritized, customer feature request. Has ≥ 1 customer codename label(s) customer-eponym customer-flavia customer-numa customer-pingali customer-preston customer-reedtimmer customer-starchik prospect-quantz ~sc Request is a requirement in a presales opportunity

Comments

@ddribeiro
Copy link
Member

ddribeiro commented May 29, 2024
edited by noahtalerman
Loading

User stories
@ddribeiro ddribeiro added :product Product Design department (shows up on 🦢 Drafting board) customer-starchik customer-reedtimmer ~feature fest Will be reviewed at next Feature Fest customer-preston ~csa Issue was created by or deemed important by the Customer Solutions Architect. labels May 29, 2024
@nonpunctual
Copy link
Contributor

related to #18119

@nonpunctual nonpunctual mentioned this issue May 29, 2024
Closed
10 tasks
@noahtalerman
Copy link
Member

noahtalerman commented May 30, 2024
edited
Loading

Thanks for tracking this @ddribeiro.

enroll their personally owned devices (iOS/iPadOS) into Fleet using a Managed Apple ID

Do you know if customers attached to this issue provide Managed Apple IDs to their end users today?

I think customer-starchik is planning on rolling out Managed Apple IDs but hasn't started yet.

@noahtalerman noahtalerman removed the :product Product Design department (shows up on 🦢 Drafting board) label May 30, 2024
@nonpunctual nonpunctual changed the title Enroll personally owned Apple devices using account based user enrollment Enroll personally owned BYOD Apple devices using account based user enrollment May 30, 2024
@nonpunctual nonpunctual changed the title Enroll personally owned BYOD Apple devices using account based user enrollment Enroll personally owned BYOD Apple devices using account-based user enrollment May 30, 2024
@nonpunctual
Copy link
Contributor

I think that's correct @noahtalerman these features can be aligned with the ability of customers to federate Apple IDs & reclaim domain-owned email addresses.

@dherder dherder added ~sc Request is a requirement in a presales opportunity customer-numa labels May 30, 2024
@noahtalerman noahtalerman assigned ddribeiro and unassigned ddribeiro May 30, 2024
@noahtalerman noahtalerman removed the ~feature fest Will be reviewed at next Feature Fest label Jun 4, 2024
@noahtalerman noahtalerman added the ~duplicate This issue or pull request already exists label Jun 25, 2024
@noahtalerman
Copy link
Member

Hey @dherder, @ddribeiro, and @nonpunctual heads up, I'm closing this issue as a duplicate of #19448.

@fleet-release
Copy link
Contributor

Apple ID enrolls,
Data in harmony, peace.
Fleet, the bridge, connects.

@nonpunctual nonpunctual mentioned this issue Jun 25, 2024
Closed
9 tasks
@nonpunctual nonpunctual mentioned this issue Aug 19, 2024
Open
@ddribeiro
Copy link
Member Author

Reopening because this request did not end up getting covered in #19448. That ticket is still using profile driven device enrollment.

This ticket to support account driven user enrollment, which uses Managed Apple Accounts.

@ddribeiro ddribeiro reopened this Oct 11, 2024
@ddribeiro ddribeiro added the ~feature fest Will be reviewed at next Feature Fest label Oct 11, 2024
@MalteKiefer
Copy link

I would be very grateful if you could implement this feature promptly because we would like to switch from Intune and Jamf to you.
However, there are over 350 Managed Apple IDs in our company, where the management has decided that they can now all use BYOD.
Accordingly, this is currently a showstopper to switch to you.
Let me know if you need anything as support or testing for the implementation

@noahtalerman
Copy link
Member

Support for account driven user enrollment would enable an organization to allow their employees to enroll their personally owned devices (iOS/iPadOS) into Fleet using a Managed Apple ID. User Enrollment provides several benefits to the employee and organization when enrolling personally owned devices:

  1. Organization data is cryptographically separated from personal data.
  2. Enrollment of personal devices is streamlined as there is a standardized flow built into iOS in Settings > General
  3. Some typical MDM capabilities for organization owned devices is not available (i.e. Erase Device), offering an employee peace of mind that their personal information cannot be erased when they enroll.
  4. Organization can see limited device details (i.e. Can only see a list of managed apps, not a full list).

Links:
Apple Platform Deployment: User Enrollment and MDM
Apple Platform Deployment: User Enrollment MDM Information

@noahtalerman
Copy link
Member

Hey @spokanemac, can you please take this guide update? Thanks :)

@spokanemac spokanemac mentioned this issue Oct 15, 2024
Merged
spokanemac added a commit that referenced this issue Oct 16, 2024
@spokanemac @noahtalerman
Article: Add enrollment method section (#22949)
a00bd0c 
Adds a section to clarify profile-driven vs. account driven BYOD
enrollment.
#19329 (comment)

---------

Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
@noahtalerman
Copy link
Member

@ambrusps @Patagonia121 we peeled a research story off of this request and brought it into the design sprint: #23233

This means that we think we won't ship a feature for it in 6 weeks. Instead, it might take an extra sprint (9 weeks).

@noahtalerman noahtalerman removed the ~feature fest Will be reviewed at next Feature Fest label Oct 25, 2024
@noahtalerman noahtalerman mentioned this issue Oct 25, 2024
Open
15 tasks
@noahtalerman noahtalerman added Epic DO NOT USE. Auto-created by ZenHub, cannot be disabled. and removed Epic DO NOT USE. Auto-created by ZenHub, cannot be disabled. labels Oct 25, 2024
@nonpunctual
Copy link
Contributor

nonpunctual commented Nov 5, 2024
edited
Loading

latest from Apple on account-driven enrollment:
Screenshot 2024-11-05 at 2 42 34 PM

@noahtalerman noahtalerman added the ~customer request A prioritized, customer feature request. Has ≥ 1 customer codename label(s) label Nov 12, 2024
@mostlikelee mostlikelee mentioned this issue Nov 13, 2024
Open
17 tasks
@noahtalerman noahtalerman changed the title Enroll personally owned BYOD Apple devices using account-based user enrollment Enroll personally owned BYOD iOS/iPadOS hosts using account-based user enrollment Nov 14, 2024
@noahtalerman noahtalerman added ~feature fest Will be reviewed at next Feature Fest and removed ~feature fest Will be reviewed at next Feature Fest labels Nov 14, 2024
@ddribeiro ddribeiro removed the ~duplicate This issue or pull request already exists label Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
~csa Issue was created by or deemed important by the Customer Solutions Architect. ~customer request A prioritized, customer feature request. Has ≥ 1 customer codename label(s) customer-eponym customer-flavia customer-numa customer-pingali customer-preston customer-reedtimmer customer-starchik prospect-quantz ~sc Request is a requirement in a presales opportunity
Milestone
No milestone
Development

No branches or pull requests
10 participants
@ddribeiro @dherder @ksatter @allenhouchins @noahtalerman @MalteKiefer @fleet-release @zayhanlon @ambrusps @nonpunctual