Our organization is beginning to use Sophos MDM to manage several Mac workstations. We have established an Apple Business account and linked our Sophos system to Apple DEP. Most processes are going well, but we're running into issues with deployment of new Mac workstations.
My goal is that when the user powers on their new computer for the first time, they are asked to log into their Active Directory account. A complicating factor is that most of our Mac users work remotely and won't ever be in our offices to directly connect to our LAN.
Have any of you successfully created a no-touch deployment configuration for macOS to utilize Active Directory instead of a local user account? I have been searching for documentation but haven't found anything about this yet.
Hi Paul Spurling
You can try configuring the LDAP user group which should be able to access the Self Service Portal. Further information on the LDAP configuration can be found in this article. We have zero-touch enrollment for Android devices, but not for macOS.
Thank you, Shweta. That is helpful information.
You're welcome. Happy to help. Please reach out to us with any further concerns.