First time caller, long time listener.
We are using Casper to manage our Mac Devices. From a data security, and legal liability perspective, we want to only allow systems purchased by the company to be enrolled. We push access Certificates, and do not want them on systems that are not purchased by the company, nor do we want the liability of loss of individual's data on a non corporate system. New systems are DEP, Old systems are being put into DEP by our vendor as we speak. That being said, we have a large population that will be self enrolling systems that are out there (existing systems) that we want to manage, but will not be completely rebuilt.
Is there a way to check a database (ideally DEP) to see if a system is 'authorized' and if it is not in the database, or list, or yellow stickie, that enrollment is denied?
I appreciate any thoughts.
I kinda thought that would be the case, and it would work perfectly if I could use an AD group to send the invitations to instead of listing each user individually... I tried to use a DL, but that was not successful.
thanks for the feedback.