Second URL Enrollment Like

New Contributor III

I would like to create a second enrollment and do the enrollment by URL like our first one

Can I create different enrollments ? with different settings ? and use the URL

Can anyone here help me?



New Contributor III

I don't think this is possible

Are you LDAP integrated? You could achieve this level of control by assigning configuration settings to LDAP groups and and when your devices enrol, then based on LDAP group they will receive the config assigned.

New Contributor III

Okay, that's not good, is there any other way I can do this? I want to move to a different department now, but with different privileges...

New Contributor III

Or can I maybe bind the existing to another prestage unrolled? Does anyone have any ideas?

New Contributor III

hello, i have another idea, how does it look like if i change the existing prestage enrollment the settings and roll out the new computers with it? do the existing old rolled out ones stay in place? or do settings change there?

Can I enroll the Prestage enrolment afterwards without any problems?


I don't think this is possible within Jamf, but you could just have an Alias set up so that it will redirect users to the correct URL.

Valued Contributor II

@S.Puschel Can you explain a little more what you are trying to accomplish? Maybe we can help give you some ideas on best practices to accomplish your goal.

In your OP, you mention using the /enroll URL to enroll computers. But, in subsequent post, you mention using a prestage enrollment (which is only applicable to Automated Enrollment, not web based enrollment.) If you are utilizing Automated Enrollment, why wouldn't create two (or more) prestage enrollments, each with their own settings, and assign computers to the correct enrollment?

New Contributor III

We have 2 different departments, I want to integrate the existing MacBooks uncomplicated to Jamf.
So far I have unrolled all Macbooks with the URL, with the created prestage enrollment.

The goal is:
- To migrate the rest of the employees MacBooks to Jamf without reinstalling them, because they should also have different permissions.

New Contributor III

@S.Puschel, I think you are still mixing terms - Prestage Enrollments assigns devices from Apple to use Automated enrollment (usually done new out of box, but not always), URL enrollments prompt the users to approve trust and install an MDM profile.

If you do have the option assign the machines in a separate Prestage (and create a Smart Group based on this Prestage for scoping your separate settings) you can enroll without rebuilding the machines by triggering MDM manually from terminal with:

sudo profiles renew -type enrollment

Otherwise, you could make a separate Site in Jamf with different settings for these machine and generate an Enrollment Invitation assigned to that site to a fake email address, once created view it and it will show an id #. This can be used an an enrollment URL like this:


That'll enroll and assign those machines to a new site with different settings.

Double otherwise, if you want to use just /enroll, create an Enrollment User called "OTHER ENROLLMENT" or something assigned to a site and then users will have to authenticate with that and a shared password.

Hopefully you can do the PreStage method.

New Contributor III

Thank you! Yes, it's my fault! Now I get it.

New Contributor III

I still have a little problem!

I would like to leave the existing devices as they are.
And just add the new ones to Jamf without the policies taking effect. What is the best way to do this?