Hi, All...I just spoke with support and was told we can no longer assign a user to a DEP device until the device is fully enrolled in SM. You can't click on the device in the "DEP" view to modify its name or owner any longer. Am I the only one who finds this a full step backward?
Why not using MDM authentication and let SM assign the user automatically?
The whole point of DEP is to avoid the need for additional credentials for the user. I'm trying to get away from this model....
Letting users enter an MDM without authentication is considered as a security vulnerability.
If for example an employee looses his phone, everyone could enter the MDM by just wiping and activating the phone again.
And in your case, there would be already a user flagged and depending on your settings the finder could gain access to company data which is provided by user tags etc.
If you bind your Active Directory to SM, your users can use their known credentials. Maybe this could help you rethink your approach
Hmmm I've just checked and yes that appears to be the way it is now, I use to be able to click on the name and edit the devices information but it appears to no longer be clickable text now.
I get this error if I try and search for the serial number of a device thats not fully enrolled in SM
One of the biggest problems with these devices no longer "existing" is that if there is an activation lock you cannot clear it from the device through Meraki.