Enrolling through enrollment URL - Windows

Read this section to understand how the users can enroll Windows 10 and Windows 11 devices to MDM when the admin shares the enrollment URL.

Before you begin

  • You must know the MDM Server enrollment URL, which the BigFix administrator shares through email or chat. The MDM Server enrollment URL must be the fully qualified domain name of the MDM server (For example, https://enroll-mdm.bigfix.com).
  • To log in to the enrollment URL, you need an email ID and password associated with a valid Active Directory (AD) credentials (If LDAP Authentication is enabled on the MDM server).
  • To enroll a device successfully, the user doing the enrollment on the Windows device must be an administrator of the Windows device.

About this task

To enroll a Windows device in MDM, complete the following steps:


  1. On a Windows device which needs to be enrolled, launch a web browser and go to the MDM server URL.
    • If a ppkg package is present on the MDM server and bulk enroll had been configured as TRUE, the following screen appears.If LDAP Authentication is on, enter an email address and Password that is associated with a valid AD set of credentials and click Enroll. If LDAP authentication is off, simply click enroll. A ppkg file gets downloaded and the enrollment process begins.
    • If the bulk enroll option had been configured as FALSE, the following screen appears.
      Enter an email address that is associated with a valid AD set of credentials and click Enroll. The enrollment process begins.
  2. A pop-up window appears requesting you to open the Microsoft account, click Open Microsoft account.
  3. On the next screen, enter an email address that is associated with a valid AD set of credentials. The MDM enrollment server URL should already be preconfigured and need not be altered.
  4. Click Next.
  5. On the next screen, enter the following information:
    • User name or email ID – This field is optional and can be empty.
    • Password – This field is mandatory.
      Note: If the LDAP is turned off in MDM environment, enter any value for the device to enroll.
  6. Click Next.


After successful authentication, the device gets enrolled. To verify MDM enrollment status, go to Settings > Access work or school. You can view that the device is connected to MDM.