{"id":49592,"date":"2021-03-18T11:00:00","date_gmt":"2021-03-18T15:00:00","guid":{"rendered":"https:\/\/live-jc-marketing-site.pantheonsite.io\/?p=49592"},"modified":"2022-11-22T12:42:16","modified_gmt":"2022-11-22T17:42:16","slug":"the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment","title":{"rendered":"The Directory-Driven Magic Behind JumpCloud\u2019s Zero-Touch Enrollment"},"content":{"rendered":"\n<p><em>This article was also contributed by Jared Cantwell, Chief Architect at JumpCloud<\/em><\/p>\n\n\n\n<p>IT administrators know that procuring and deploying new devices for remote workforces takes additional time and resources, delaying onboarding of new employees and updating existing staff hardware. <\/p>\n\n\n\n<p>In addition, security vulnerabilities and configuration needs for organizations limit how much self-service set up and installation is allowed and feasible for end users.<\/p>\n\n\n\n<p>By integrating with <a href=\"https:\/\/jumpcloud.com\/blog\/apple-business-essentials\">Apple Business Manager<\/a> (formerly known as Apple DEP) in JumpCloud\u2019s Directory Platform, IT admins gain streamlined <a href=\"https:\/\/jumpcloud.com\/blog\/zero-touch-enrollment-macos\">Zero-Touch Enrollment for Macs<\/a> alongside powerful tools for enabling the configuration of the device, management of the user, and securing a new computer without ever having to touch the hardware themselves.<\/p>\n\n\n\n<p>In this article we\u2019ll dive deeper into the specifics of setting up your zero-touch enrollment processes, and give you a feel for what\u2019s happening behind the scenes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is Zero-Touch Enrollment?<\/h2>\n\n\n\n<p>IT admins can automate MDM enrollment and device deployment by leveraging Apple Business Manager with <a href=\"https:\/\/jumpcloud.com\/platform\/mdm\">JumpCloud MDM<\/a> for Mac computers and workstations. <\/p>\n\n\n\n<p>Using this process, Macs can be set up and configured automatically upon first bootup \u2014 eliminating the need for IT admins to handle each device individually prior to sending it to the employee who will eventually use it.<\/p>\n\n\n\n<p> IT admins are no longer required to image a computer, bind it to the directory, and then allow users to login. When an employee receives a new laptop, all of the provisioning that needs to happen for them occurs at the first system login.&nbsp;<\/p>\n\n\n\n<p>Simply put: <strong>zero-touch is a hands-off, scalable model that streamlines device and user onboarding for organizations.<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Configuring of Zero-Touch with JumpCloud<\/h2>\n\n\n\n<p>Using JumpCloud MDM with Apple Business Manager allows IT admins to selectively enable Zero-Touch Enrollment for an organization. The following steps detail the configuration process:<\/p>\n\n\n\n<ul><li>Link JumpCloud to Apple Business Manager.<ul><li>See <a href=\"https:\/\/support.jumpcloud.com\/support\/s\/article\/Setting-Up-MDM\" target=\"_blank\" rel=\"noreferrer noopener\">Setting Up MDM<\/a><\/li><\/ul><\/li><li>Enable Zero-Touch by selecting \u201cconfigure zero-touch experience\u201d under DEP Configuration from the MDM section of the JumpCloud portal.&nbsp;<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"767\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2022\/11\/zero-touch-enrollment-1024x767.png\" alt=\"JumpCloud portal zero-touch enrollment screen\" class=\"wp-image-72050\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/11\/zero-touch-enrollment-1024x767.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/11\/zero-touch-enrollment-300x225.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/11\/zero-touch-enrollment-768x575.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/11\/zero-touch-enrollment.png 1440w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<ol><li>Select the Default Group Association: This group will automatically place devices that go through Zero-Touch Enrollment into this <a href=\"https:\/\/support.jumpcloud.com\/support\/s\/article\/getting-started-groups#Group%20of%20Systems\" target=\"_blank\" rel=\"noreferrer noopener\">device group<\/a>, enabling automatic application of <a href=\"https:\/\/support.jumpcloud.com\/support\/s\/article\/getting-started-policies-2019-08-21-10-36-47\" target=\"_blank\" rel=\"noreferrer noopener\">security policies<\/a>.<\/li><li>Welcome Screen: Add a custom welcome message and logo to display during the users first login.<\/li><li>Setup Assistant Settings: Select the screens, options, and guided setup information you want to include and exclude during the devices setup process.<\/li><li>User Authentication: Enable end user authentication to automatically bind the users account to the device during the enrollment process.<\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"512\" height=\"332\" src=\"\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-settings.png\" alt=\"zero touch mdm enrollment\" class=\"wp-image-49593\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-settings.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-settings-300x195.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Zero-Touch Enrollment From IT\u2019s Perspective<\/h2>\n\n\n\n<p>After completing a device purchase with Apple Business Manager, IT admins only need to complete the following steps to ensure enrollment success:<\/p>\n\n\n\n<ol><li>Confirm the new device is registered in Apple Business Manager<\/li><li>Check that JumpCloud is assigned as the MDM Server<\/li><li>Verify the device is present in the JumpCloud Admin Portal\u2019s DEP Devices list and synced with Apple<\/li><\/ol>\n\n\n\n<p>Though not required, it is recommended that admins activate \u201cForce Password Change\u201d on user login for increased security. This requires employees to select their own password directly in the device setup process and eliminates concerns about new employees missing that step.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Zero-Touch Enrollment From the End User\u2019s Perspective<\/h2>\n\n\n\n<p>When the user receives the new device, the process of setup and configuration is simple and straightforward. The steps include:<\/p>\n\n\n\n<ol><li>Unpacking the device and connecting it to a power source&nbsp;<\/li><li>Booting up the device and waiting for the initial setup prompt<\/li><\/ol>\n\n\n\n<p>A new user just needs to follow the (likely familiar) steps to configure the device based on the options selected in the <em>Setup Assistant Settings<\/em> of the Zero-Touch configuration above. The only prerequisite for the end user is an internet connection; this must be enabled and connected in order for the device to complete the Zero-Touch Enrollment.<\/p>\n\n\n\n<p>The following steps describe what the user will step through during the process:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Welcome Screen<\/h3>\n\n\n\n<p>Once the device is synced into JumpCloud MDM, the device opens a web browser on first boot during the <a href=\"https:\/\/support.apple.com\/guide\/mdm\/enrollment-types-mdmf85b71179\/web\">Aut<\/a><a href=\"https:\/\/support.apple.com\/guide\/mdm\/enrollment-types-mdmf85b71179\/web\" target=\"_blank\" rel=\"noreferrer noopener\">omated Device Enrollment<\/a>. This web browser will connect to JumpCloud\u2019s servers to fetch a Welcome Screen that is customizable by the administrator.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"639\" src=\"\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-welcome2-1024x639.png\" alt=\"\" class=\"wp-image-49601\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-welcome2-1024x639.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-welcome2-300x187.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-welcome2-768x479.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-welcome2-1536x959.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-welcome2-2048x1278.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Authentication<\/h3>\n\n\n\n<p>Once the user clicks \u2018continue,\u2019 the browser redirects to JumpCloud\u2019s authentication page. The Zero-Touch Enrollment flow only supports password authentication, but combined with <em>forced password changes<\/em> the admin can ensure that a temporary password is changed before the device is even fully configured. <\/p>\n\n\n\n<p>All of this leverages the existing JumpCloud user authentication process so the experience will look familiar to end users.<\/p>\n\n\n\n<p>After successful authentication, the browser securely transfers the user\u2019s identity to JumpCloud\u2019s MDM servers to complete the enrollment process. A success screen is displayed letting the user know that authentication was successful and what to expect next.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"808\" src=\"\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-no-cred-1024x808.png\" alt=\"jumpcloud login screen\" class=\"wp-image-49595\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-no-cred-1024x808.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-no-cred-300x237.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-no-cred-768x606.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-no-cred-1536x1212.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-custom-device-config-no-cred.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Enrollment and Device Setup<\/h3>\n\n\n\n<p>Next, Apple\u2019s MDM enrollment process takes over. JumpCloud returns an Enrollment Profile with the user\u2019s identity securely embedded, so that when the device contacts our MDM servers we can associate this MDM device with the user that authenticated.<\/p>\n\n\n\n<p>During Zero-Touch Enrollment, JumpCloud leverages <a href=\"https:\/\/developer.apple.com\/documentation\/devicemanagement\/profile\" target=\"_blank\" rel=\"noreferrer noopener\">DEP Profile configurations<\/a> that allow us to pause the enrollment and securely configure the device before the enrollment completes:<\/p>\n\n\n\n<ul><li><strong>Create the user account:<\/strong> JumpCloud automatically creates an admin user account for the user that authenticated earlier in the process.<\/li><li><strong>Configure the hostname:<\/strong> To help the administrator identify whose machine is enrolling, we automatically <a href=\"https:\/\/developer.apple.com\/documentation\/devicemanagement\/settingscommand\/command\/settings\/hostname\" target=\"_blank\" rel=\"noreferrer noopener\">set the hostname<\/a> to uniquely identify the devices for each user.<\/li><li><strong>Notifications configuration:<\/strong> Receiving and responding to notifications from the JumpCloud Mac App (a native system tray app) is a critical part of maintaining a secure device. On enrollment, we install a <a href=\"https:\/\/support.apple.com\/guide\/mdm\/notifications-payload-settings-mdm46b6547ba\/web\" target=\"_blank\" rel=\"noreferrer noopener\">profile<\/a> that ensures your end users won\u2019t miss or ignore important password notifications.<\/li><li><strong>Installation of the JumpCloud agent:<\/strong> Finally, we <a href=\"https:\/\/developer.apple.com\/documentation\/devicemanagement\/install_an_enterprise_app\" target=\"_blank\" rel=\"noreferrer noopener\">install the JumpCloud agent<\/a> so that your device is securely configured and maintained for your organization from the very start, all before the user logs in for the first time.<\/li><\/ul>\n\n\n\n<p>Once the agent has been installed, it checks in with the JumpCloud servers and retrieves the list of users and policies that it should apply to the device. After completing this work, the agent <a href=\"https:\/\/developer.apple.com\/documentation\/devicemanagement\/install_an_enterprise_app\" target=\"_blank\" rel=\"noreferrer noopener\">signals<\/a> that the enrollment can continue now that the user is properly configured and the device is being monitored by the JumpCloud agent.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Login<\/h3>\n\n\n\n<p>Next, the user sees a login screen where they can use their JumpCloud credentials to login.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"639\" src=\"\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-login-screen-1024x639.png\" alt=\"\" class=\"wp-image-49603\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-login-screen-1024x639.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-login-screen-300x187.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-login-screen-768x479.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-login-screen-1536x959.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/03\/zero-touch-auto-enrollment-login-screen-2048x1278.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>At this point, with no administrator intervention, the device is enrolled and securely configured, the user\u2019s password is secure, the JumpCloud agent is managing the user on that device, and the JumpCloud Mac App is installed for secure password management.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Try Zero-Touch Enrollment for Free&nbsp;<\/h2>\n\n\n\n<p>Zero-Touch Enrollment in the JumpCloud Directory Platform will help you remotely onboard and <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-mac-management\">manage Mac devices<\/a> and give the device user access to authorized resources without you ever physically touching the machine first.<\/p>\n\n\n\n<p> Unlike other solutions, JumpCloud gives you one place to control <a href=\"https:\/\/jumpcloud.com\/blog\/apple-mdm\">Apple MDM<\/a>, identity management, and any Windows or Linux devices in your fleet so you can reduce your vendor footprint. The choice is yours.<\/p>\n\n\n\n<p>If you aren&#8217;t already a current user of the platform, try it out for yourself: Set up a <a href=\"https:\/\/console.jumpcloud.com\/signup\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Free<\/a> account in minutes to evaluate the full platform with up to 10 users and 10 devices. You\u2019ll also have 24&#215;7 premium chat support for your first 10 days in action as a JumpCloud Admin.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>JumpCloud is adding support for Zero-Touch Enrollment for MacOS; this article details how this works and what&#8217;s happening behind the scenes.<\/p>\n","protected":false},"author":129,"featured_media":46886,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[23],"tags":[],"collection":[2778],"platform":[],"funnel_stage":[3014],"coauthors":[2549],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How Our Zero Touch Enrollment for Mac Devices Works<\/title>\n<meta name=\"description\" content=\"JumpCloud&#039;s integration with Apple Business Manager gives our cloud directory the power to enforce Zero Touch MDM for Macs.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Directory-Driven Magic Behind JumpCloud\u2019s Zero-Touch Enrollment\" \/>\n<meta property=\"og:description\" content=\"JumpCloud&#039;s integration with Apple Business Manager gives our cloud directory the power to enforce Zero Touch MDM for Macs.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-18T15:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-11-22T17:42:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"780\" \/>\n\t<meta property=\"og:image:height\" content=\"409\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Dale Dawson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dale Dawson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment\"},\"author\":{\"name\":\"Dale Dawson\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/14bb9ea3f0965f7a49322fc863f21de6\"},\"headline\":\"The Directory-Driven Magic Behind JumpCloud\u2019s Zero-Touch Enrollment\",\"datePublished\":\"2021-03-18T15:00:00+00:00\",\"dateModified\":\"2022-11-22T17:42:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment\"},\"wordCount\":1227,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg\",\"articleSection\":[\"Best Practices\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment\",\"url\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment\",\"name\":\"How Our Zero Touch Enrollment for Mac Devices Works\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg\",\"datePublished\":\"2021-03-18T15:00:00+00:00\",\"dateModified\":\"2022-11-22T17:42:16+00:00\",\"description\":\"JumpCloud's integration with Apple Business Manager gives our cloud directory the power to enforce Zero Touch MDM for Macs.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg\",\"width\":780,\"height\":409,\"caption\":\"mac laptop\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Directory-Driven Magic Behind JumpCloud\u2019s Zero-Touch Enrollment\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/14bb9ea3f0965f7a49322fc863f21de6\",\"name\":\"Dale Dawson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/46f1a5d634662e300a51a5c5a976b22d\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2f2dc1d6831c041eb7c46aa0e1390beb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2f2dc1d6831c041eb7c46aa0e1390beb?s=96&d=mm&r=g\",\"caption\":\"Dale Dawson\"},\"description\":\"Dale is a leader in product management at JumpCloud focusing on actionable insights through data as well as improving the way JumpCloud provides device management. A former BBQ Cook-off champion on the Texas competition circuit, Dale is often found smoking or grilling new recipes for friends and family.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How Our Zero Touch Enrollment for Mac Devices Works","description":"JumpCloud's integration with Apple Business Manager gives our cloud directory the power to enforce Zero Touch MDM for Macs.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment","og_locale":"en_US","og_type":"article","og_title":"The Directory-Driven Magic Behind JumpCloud\u2019s Zero-Touch Enrollment","og_description":"JumpCloud's integration with Apple Business Manager gives our cloud directory the power to enforce Zero Touch MDM for Macs.","og_url":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment","og_site_name":"JumpCloud","article_published_time":"2021-03-18T15:00:00+00:00","article_modified_time":"2022-11-22T17:42:16+00:00","og_image":[{"width":780,"height":409,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg","type":"image\/jpeg"}],"author":"Dale Dawson","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Dale Dawson","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment"},"author":{"name":"Dale Dawson","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/14bb9ea3f0965f7a49322fc863f21de6"},"headline":"The Directory-Driven Magic Behind JumpCloud\u2019s Zero-Touch Enrollment","datePublished":"2021-03-18T15:00:00+00:00","dateModified":"2022-11-22T17:42:16+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment"},"wordCount":1227,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg","articleSection":["Best Practices"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment","url":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment","name":"How Our Zero Touch Enrollment for Mac Devices Works","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg","datePublished":"2021-03-18T15:00:00+00:00","dateModified":"2022-11-22T17:42:16+00:00","description":"JumpCloud's integration with Apple Business Manager gives our cloud directory the power to enforce Zero Touch MDM for Macs.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/07\/mac-system-login-microsoft-365-password.jpg","width":780,"height":409,"caption":"mac laptop"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/the-directory-driven-magic-behind-jumpclouds-zero-touch-enrollment#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"The Directory-Driven Magic Behind JumpCloud\u2019s Zero-Touch Enrollment"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/14bb9ea3f0965f7a49322fc863f21de6","name":"Dale Dawson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/46f1a5d634662e300a51a5c5a976b22d","url":"https:\/\/secure.gravatar.com\/avatar\/2f2dc1d6831c041eb7c46aa0e1390beb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2f2dc1d6831c041eb7c46aa0e1390beb?s=96&d=mm&r=g","caption":"Dale Dawson"},"description":"Dale is a leader in product management at JumpCloud focusing on actionable insights through data as well as improving the way JumpCloud provides device management. A former BBQ Cook-off champion on the Texas competition circuit, Dale is often found smoking or grilling new recipes for friends and family."}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/49592"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/129"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=49592"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/49592\/revisions"}],"predecessor-version":[{"id":72550,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/49592\/revisions\/72550"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/46886"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=49592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=49592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=49592"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=49592"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=49592"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=49592"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=49592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}