On this website you will find useful information on how to use the free IT management tools on the ITarian and Comodo ONE platform. There is also information on how to use products from our partners, including Comodo's Cybersecurity solutions!
Apple only allow one MDM platform to use the protocol which manages devices. Historically, this caused issues with customers who wanted to use Endpoint Manager to manage device security, but use a different platform for general MAC management.
'Profile-less' enrollment lets you add MAC devices without installing the Endpoint Manager profile. This solves the use-case above by letting you use Endpoint Manager in conjunction with another management platform.
Please note, if you choose profile-less enrollment, you cannot use Endpoint Manager to manage the following items:
Certificates
Restrictions
VPN
Wi-Fi
Process in brief
Login to ITarian
Click 'Applications' > 'Endpoint Manager'
Click 'Users' > 'User List'
Select the users of the Mac endpoints that you want to enroll
Click the 'Enroll Device' button above the table
The 'Enroll Devices' dialog is pre-populated with the users you chose in the previous step
Click 'Email enrollment instructions' to send out device enrollment mails to these users
Click 'Show enrollment instructions' if you want to view the contents of the mail
The end-user should open the enrollment mail on the Mac endpoint itself
Click the link in the mail to open the device enrollment page
Scroll to the 'For MAC OS devices' section
Click the 'Enrollment without MDM profile' link
Follow the profile installation wizard to install
Process in detail
Step 1
Login to ITarian
Click 'Applications' > 'Endpoint Manager'
Click 'Users' > 'User List'
Select the users of the Mac endpoints that you want to enroll
Next:
Click the 'Enroll Device' button above the table
OR
Click the '+' button on the right and choose 'Enroll Device'
The 'Enroll Devices' dialog is pre-populated with the users you picked in the previous step
Click 'Email enrollment instructions' to send device enrollment mails to these users
Click 'Show enrollment instructions' if you want to view the contents of the mail
End-users should:
Open the mail on the Mac endpoint you want to enroll
Click the link in the mail to open the device enrollment page
Scroll to the 'For Mac OS devices' section
Click the link under 'Enrollment without MDM profile':
This will download the communication client setup file and start the setup wizard:
Click 'Continue'
Choose the location to install the client:
Choose the installation type and click 'Install' to start the setup process:
The end-user should enter their username and password to authorize the installation:
Once the installation is complete, the client will connect to the EM server:
That's it. The device is now enrolled and can be remotely managed from Endpoint Manager.
Click 'Devices' > 'Device List' to view the endpoint:
To implement security, the next step is to install Comodo Client Security for Mac (CCS) on the endpoint. See Remotely Install Packages on Mac OS Devices for help to do this.
Endpoint Manager will also apply a configuration profile to the device. A configuration profile lets you specify a device's antivirus policy, scan schedule and other general settings.
The profile may be one of two basic types – custom or default:
Custom profile - A profile created by an admin to implement specific settings on a device
Default Profile - Applied to newly added devices if no custom profile exists. Default profiles are operating system specific and are applied to all new devices that match their operating system (...if no custom profile exists)
If you remove all custom profiles from a device then the default profiles are implemented to take their place. This ensures you always have a working profile in place.
(973) 859 4000 ext 3025
