Looking to limit UIE to a specific group via SSO and/or Cloud Identity Provider (Azure).
Currently we have SSO configured via Okta and CIP setup with Azure. Anyone got ideas on how to do the restrictions? I've tried adding the group under Access, but it still allows all users.
Solved
Restricted User Initiated Enrollments to Specific Group
+24Best answer by DBrowning
You have to remove the all user access
set all to no
Think I found my issue. I had a setting incorrect under SSO.
+10You have to remove the all user access
set all to no
+24You have to remove the all user access
set all to no
Think I found my issue. I had a setting incorrect under SSO.
+7Think I found my issue. I had a setting incorrect under SSO.
Can you please elaborate on what you had to change in the SSO settings? I'm currently looking for a solution to the same issue you had. I see you can specify Enrollment Access under the SSO settings and apply to a certain group there, but it looks like this affects SSO Self Service logins on macOS too and we only want to limit iOS enrollments.
+24Can you please elaborate on what you had to change in the SSO settings? I'm currently looking for a solution to the same issue you had. I see you can specify Enrollment Access under the SSO settings and apply to a certain group there, but it looks like this affects SSO Self Service logins on macOS too and we only want to limit iOS enrollments.
I had incorrectly assigned a group under the enrollment access. I just tried an account that is not in our allowed enrollment group and Self Service on macOS worked fine.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.