Apple requires interactive end user approval of MDM enrollment profiles to unlock all of the capabilities and payloads available with MDM. User approved MDM is required for a number of key MDM management tasks. These include some of the most powerful features of the MDM protocol including configurations for privacy preferences, including screen recording, and kernel extension safelisting.
User approved MDM payloads are only accepted by devices that have user approved MDM enrollment profiles. Learn more about user-approved MDM payloads.
In macOS 11+ devices that have user approved MDM payloads have the same management capabilities of devices that have enrolled through automated device enrollment and these devices are considered supervised.
The JumpCloud Mac App prompts end users to approve any non-approved MDM enrollment profile that may exist on a JumpCloud managed device.
Devices that are enrolled in JumpCloud MDM receive prompts to approve JumpCloud MDM Enrollment profiles.
Devices that are enrolled in other MDM vendors also receive prompts to approve non JumpCloud MDM Enrollment profiles.
For devices running macOS versions 11.0 and later, the JumpCloud Menu Bar App will trigger end users to enroll in MDM.