Hmm... I'm not sure how you mean "allocate." If you have an LDAP-compatible directory such as AD or OD, you can add it to your JSS and require the user to log in with their directory account during the device set-up in your pre-stage enrollment. When they log in for the first time, their information will be associated with the iPad in the JSS and their user account will also be created in the JSS.
For the pre-stage enrollments, I'd suggest creating them based on your configuration profiles. In our building, I assign them by grade level for students so each grade has their own pre-stage enrollment with only their iPads (eg: student-2022 for our current 7th Grade). From there, I create a Smart Group who's criteria is "Enrollment method: PreStage enrollment is student-2022", then scope our configuration profile to that Smart Group. So the workflow looks like this:
- Student turns on device, joins W-Fi
- Device pulls the "student-2022" PreStage enrollment the device is assigned to
- PreStage enrollment prompts for AD credentials
- Student logs in, JSS assigns info from AD account to the iPad and creates JSS user if it doesn't already exist
- Device automatically populates in the "Student - 2022" Smart Group
- Configuration Profile "Student 2022" is automatically pushed to the iPad as it is scoped to the "Student - 2022" Smart Group.
The PreStage Enrollments allow you to customize the out-of-box experience for your users, but they also serve as "tags" for the devices themselves. They can be as broad as "student" and "staff" or as granular as "hs-science-cart-01", but they should generally match how you want to assign configuration profiles on the device level.
