Apple requires interactive end-user approval of MDM enrollment profiles to unlock all of the capabilities and payloads available with MDM. User Approved MDM is required for a number of key MDM management tasks, including some of the most powerful features of the MDM protocol: configurations for privacy preferences (including screen recording) and kernel extension safelisting.
In supported macOS versions, Macs with User Approved MDM have the same management capabilities as Macs enrolled through Automated Device Enrollment (ADE) and are considered supervised. See Apple's About Apple device supervision to learn more.
Prerequisites:
Your admin must complete the following before you can perform the steps outlined in this article:
- An MDM Enrollment Policy must be applied to your Mac. See Create a Mac MDM Enrollment Policy to learn more.
- Your user account must be managed by JumpCloud. See Bind Users to Devices to learn more.
- You must be granted administrator privileges. See Set Admin/Sudo Privileges to learn more.
Approving the MDM Enrollment Profile
For Macs running supported macOS versions, the JumpCloud Menu Bar App prompts you to enroll in MDM.
To approve your MDM enrollment profile:
- A system notification appears: Complete your MDM enrollment - You are now eligible to enroll in MDM.
- Click the JumpCloud Menu Bar App icon, then click Enroll.
- In the Enroll in Mobile Device Management (MDM) window under Step 3, click Continue.
- System Settings opens. Go to the following location depending on your macOS version:
- macOS 15 Sequoia and later - Go to General > Device Management.
- macOS 14 Sonoma - Go to Privacy & Security > Profiles.
- Double-click the MDM Enrollment profile.
- Click Enroll, then enter the local administrator credentials when prompted.
- (Optional) To verify enrollment, confirm that the Device Management section displays the JumpCloud MDM configuration profiles and policy-based profiles.
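A command-line counterpart to the optional verification step, as an added example that is not part of the original article: it classifies the output of macOS's `profiles status -type enrollment` so you can tell user-approved enrollment apart from an unapproved or missing one. The function name, the state labels and the sample text (constructed, modeled on that command's output) are assumptions of this example.

```shell
#!/bin/sh
# Classify MDM enrollment state from `profiles status -type enrollment` output.
# The text is read on stdin so saved output can be checked as well as live output.
classify_enrollment() {
    awk -F': *' '
        /^Enrolled via DEP/ { dep = $2 }
        /^MDM enrollment/   { mdm = $2 }
        END {
            if (mdm ~ /^Yes/ && dep ~ /^Yes/)      state = "ade-enrolled"
            else if (mdm ~ /^Yes.*User Approved/)  state = "user-approved"
            else if (mdm ~ /^Yes/)                 state = "enrolled-not-approved"
            else if (mdm ~ /^No/)                  state = "not-enrolled"
            else                                   state = "unknown"
            print state
        }'
}

# Constructed sample output (not captured from a real device); the server URL
# is a placeholder.
SAMPLE='Enrolled via DEP: No
MDM enrollment: Yes (User Approved)
MDM server: https://mdm.example.invalid/checkin'

if command -v profiles >/dev/null 2>&1; then
    # On a Mac: query the live enrollment state.
    state=$(profiles status -type enrollment 2>/dev/null | classify_enrollment)
else
    # Elsewhere: fall back to the constructed sample so the script still runs.
    state=$(printf '%s\n' "$SAMPLE" | classify_enrollment)
fi

echo "MDM enrollment state: $state"
case "$state" in
    user-approved|ade-enrolled) ;;   # full MDM management is available
    enrolled-not-approved)
        echo "Profile is installed but not approved; repeat the approval steps." >&2 ;;
    *)
        echo "Device is not enrolled in MDM, or the output was not recognized." >&2 ;;
esac
```

A result of `enrolled-not-approved` means the enrollment profile is present but the interactive approval described above has not been completed.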


