Using the Tanium MDM enrollment portal

The Tanium MDM enrollment portal allows users to enroll their mobile devices with Mac Device Enrollment. This process is called user-assisted enrollment. Choose user-assisted enrollment if you do not use an Apple enrollment system or if devices were previously enrolled in another MDM, and you do not want to reset the devices. Each device that enrolls through the Tanium MDM enrollment portal receives a default profile to identify that the device is enrolled with Mac Device Enrollment. For more information, see User-assisted enrollment.

After enrollment, devices enrolled through user-assisted enrollment are managed in Enforce.

  • You can create a macOS device configuration profile in Enforce and designate it as the base policy. The base policy is applied to the device when it enrolls.

  • When a newly enrolled device is automatically added to a mobile device group, if that group is targeted by an enforcement, the device configuration profile that is associated with the enforcement is also applied to the device. For more information about mobile device groups, see Creating mobile device groups.

After a device is enrolled, you can manage it in Enforce with macOS device configuration policies and perform actions on the device such as wipe or lock. For information about managing devices in Enforce, including device configuration profiles and choosing a base policy, see Enforce User Guide: Managing devices with Mac Device Enrollment.

You cannot apply enrollment profiles or initial applications to devices that are enrolled through user-assisted enrollment. For more information, see User-assisted enrollment.

Before you begin

Make sure your security administrator has allowed the Tanium MDM enrollment portal URL: https://enroll.prd.mdm.cloud.tanium.com.

Enroll a mobile device

Use the following information as a guide for your users or as a starting point for your own user-facing Help Desk documentation.

  1. On the device you want to enroll, open the Tanium MDM enrollment portal. Go to https://enroll.prd.mdm.cloud.tanium.com.
  2. Enter your email address and click Authenticate.
  3. Authenticate with your identity provider (IdP).
  4. Click Download profile to download the enrollment profile to your macOS device.
  5. When the download finishes, on your macOS device, go to Apple menu > System Preferences > Profiles. Select the profile and click Install. For more information about installing profiles on a macOS device, see macOS User Guide: Use configuration profiles to standardize settings on Mac computers.

Mac and macOS are trademarks of Apple Inc., and registered in the U.S. and other countries and regions.