Which is the best practice to enroll the users via User Invitation Enrollment ?
From Security Perspective it is not feasible to use share accounts amongst all users during enrollment process, would like to understand various approaches followed in other organisation
The best practice is to not use User Invitation Enrollments at all, and use Automated Device Enrollment instead.
As far as authenticating the enrollment. Setup LDAP in JAMF, and give LDAP user groups the ability to enroll Macs. Then they can just use their LAN credentials to enroll.