You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/protocol-handler.mdx
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,7 +12,7 @@ Administrators can automate WARP registration on managed devices and minimize th
12
12
13
13
During the default WARP enrollment process, end users typically need to complete several steps in order to login:
14
14
15
-
1. Review and accept Cloudflare's privacy policy in the WARP client GUI.
15
+
1. Review Terms and Conditions in the WARP client GUI and acknowledge your company's use of Cloudflare WARP.
16
16
2. Select their identity provider from the Cloudflare Access login screen.
17
17
3. Complete the authentication steps required by the identity provider.
18
18
4. Interact with a browser popup requesting permission to launch the WARP client.
@@ -23,6 +23,8 @@ This guide covers how to eliminate steps 1, 2 and 4 from your WARP deployment.
23
23
If you are looking to eliminate all user interaction, you can [enroll devices using service tokens](/cloudflare-one/connections/connect-devices/warp/deployment/device-enrollment/#check-for-service-token). Because users are not required to log in to an identity provider, identity-based policies and logging will not be available on these devices.
24
24
:::
25
25
26
+
On iOS and Android / ChromeOS, end users will still be asked questions required by their platform such as accepting notifications or installing the VPN Profile.
27
+
26
28
## Turn off onboarding screens
27
29
28
30
To skip the Terms and Conditions screens that are usually presented to users, set the [`onboarding` parameter](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/) to `false` in your [MDM deployment file](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/). Here is an example `mdm.xml` file:
@@ -68,12 +70,12 @@ To add the registry key manually:
68
70
69
71
Be sure to replace `<your-team-name>` with your actual <GlossaryTooltipterm="team name">Zero Trust team name</GlossaryTooltip>.
70
72
71
-
Instead of using the Registry Editor, the registry key can also be created using a Group Policy Object (GPO), PowerShell script, or with an MDM tool such as [Intune](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/partners/intune/#update-mdm-parameters).
73
+
Instead of using the Registry Editor, the registry key can also be created using a Group Policy Object (GPO), PowerShell script, or with an MDM such as [Intune](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/partners/intune/#update-mdm-parameters).
72
74
73
75
</TabItem>
74
76
<TabItemlabel="macOS">
75
77
76
-
On macOS, you can configure `AutoLaunchProtocolsFromOrigins` by deploying a property list (plist) file for the browser. The exact instructions will vary depending on your [MDM tool](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/partners/). The general procedure is as follows:
78
+
On macOS, you can configure `AutoLaunchProtocolsFromOrigins` by deploying a property list (plist) file for the browser. The exact instructions will vary depending on your [MDM](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/partners/). The general procedure is as follows:
77
79
78
80
1. Create a new plist file with the following name (case sensitive):
79
81
- Google Chrome: `com.google.Chrome.plist`
@@ -97,7 +99,7 @@ On macOS, you can configure `AutoLaunchProtocolsFromOrigins` by deploying a prop
97
99
98
100
Be sure to replace `<your-team-name>` with your actual <GlossaryTooltipterm="team name">Zero Trust team name</GlossaryTooltip>.
99
101
100
-
3. Some MDM tools require converting the `.plist` to a `.mobileconfig` before pushing it to a device. You can use a [file converter](https://github.com/timsutton/mcxToProfile) or modify the following example `com.google.Chrome.mobileconfig`:
102
+
3. Some MDMs require converting the `.plist` to a `.mobileconfig` before pushing it to a device. You can use a [file converter](https://github.com/timsutton/mcxToProfile) or modify the following example `com.google.Chrome.mobileconfig`:
101
103
102
104
```xml
103
105
<?xml version="1.0" encoding="UTF-8"?>
@@ -165,7 +167,7 @@ On macOS, you can configure `AutoLaunchProtocolsFromOrigins` by deploying a prop
165
167
</dict>
166
168
</plist>
167
169
```
168
-
4. Upload the `.plist` or `.mobileconfig` file to your preferred MDM tool.
170
+
4. Upload the `.plist` or `.mobileconfig` file to your preferred MDM.
169
171
5. Deploy the configuration profile to your devices.
170
172
171
173
For more information on configuring browser policies on macOS, refer to the [Google Chrome](https://support.google.com/chrome/a/answer/9020077?hl=en&ref_topic=7650028&sjid=15337530832025656704-NA) or [Microsoft Edge](https://learn.microsoft.com/en-us/deployedge/configure-microsoft-edge-on-mac) documentation.
0 commit comments