With SafeConsole 5.2 Device Registration can be restricted by requiring all users to enter a unique token along with the standard connection token. (Requires device client version 4.8.25+) To simplify registration "Disable machine ownership confirmation during registration", can be enabled to provide a smoother registration experience while still remaining secure.
The unique token will be sent to the user through email when using the deployment wizard. An excerpt from the quick connect guide which is emailed to the user is below:
Optionally the unique token can be shown by an admin by clicking the wrench next to the User’s name.
When devices are activated with the unique token the user’s policy will be used for device registration instead of the default policy. The user’s policy will need GeoFence and Trusted Network configured to allow access. If the user is outside the GeoFence or Trusted Network registration will be blocked.
Benefits of using Unique Token for registration.
- You want to manage your users from SafeConsole before registration.
- Users will be activating devices outside your Windows Domain.
- Restricting which users are allowed to connect to the server.
Connecting to SafeConsole with Unique Token enabled will give the user the following experience:
They will first need to enter the connection token for the server.
Then they will Confirm that they are connecting to the correct server.
Then they will need to enter their unique token.
Finally they will continue the activation process like normal by simply setting a valid password.