Device Enrollment Dilema

(imported topic written by riml)

Hi All,

I have a hard situation to solve here. I have configured successfully the integration with Active directory for enrollment. I am able to use custom questions to collect information during the enrollment and use this information. But the environment where I am working has some details:

All the corporate mobile devices received in the organization goes to the main office where a team configures it for the user and send the mobile to the user ready to run. Also, The User’s Active directory account are numeric digits login like for example 01234567 and attached to that account I have an exchange e-mail address like john.doe@domain.com.

For this configuration, using basic enrollment, I am able to enroll a device for a user just supplying the e-mail address. My problems started when I try to set up the Exchange Active sync to configure the e-mail access in the device using the enrollment information. As the Active directory login is different from the e-mail address, it was failing authentication. I then configured the enrollment to use custom questions. In the custom question I was able to get the user logon and send this information to my Exchange active sync task for automatic configuration. Worked Great. But now I got an Awful problem because the set up team in the main office does not have the password of the final user. So how can we enroll with the user credentials to start the process? I know I can call the user and reset his password for start the process but that is not an idea well accepted around here because of the number of devices. We could send the instructions to the user do that but some users does not have the skills to do it and after distributing the mobiles we are afraid to loose control trusting on the users. So please, any advice would be nice to solve this case.

P.S. The best way for us would be using basic enrollment with custom questions but that is not possible!:frowning:

best regards

riml