Overview of Automatic Enrollment of Devices

New
  • Updated on May 7, 2025
  • Published on Mar 12, 2025
  • 4 minute(s) read
  • a
  • s
 Prev Next

Introduction

Automatic enrollment is a key feature of the HP Workforce Experience Platform (WXP) that simplifies and secures device onboarding at scale. It enables you (IT teams) to register, configure, and manage devices without manual intervention. This approach is ideal for seamless deployment across hybrid, remote, and enterprise environments.

Target Audience

Primary audience:

  • IT administrators and support personnel who set up and manage the platform (all roles)

  • HP Partners who manage customers using the platform

  • Internal and external developers who integrate with the platform

Secondary audience:

  • Decision-makers such as Product Managers, Sales teams, and C-suite executives

Prerequisites

  • You must have IT Administrator privileges.

  • Devices must be connected to the internet for automatic enrollment.

    Note: Use alternative methods for devices that cannot connect to the internet.

Key Features

Some of the key features are as follows:

  1. Hands-free onboarding: New devices are automatically registered in the platform without requiring manual intervention. Automatic enrollment is key for growing organizations, as it allows easy onboarding of new devices without increasing the administrative burden. It is well-suited for organizations with distributed and remote workforces.

  2. Consistent security and compliance: Automatically enrolled devices inherit policies, configurations, and compliance settings defined within the platform. This ensures that devices meet corporate IT standards from day one, minimizing compliance gaps.

  3. Reduces manual effort and human errors: Unlike manual enrollment, automatic enrollment reduces administrative overhead and supports scalability, in large or distributed organizations.

  4. Supports hybrid and remote workforces: Automatic enrollment ensures devices are covered even if they are shipped directly to users' homes. This is relevant for modern remote and hybrid work environments, where devices may not always pass through IT hands before being delivered to employees.

Popular Use Cases

Some of the popular use cases of automatic enrollment as are: 

  1. Rapid device deployment for new employees

    • Scenario: Your organization wants to quickly provision and set up new devices for incoming employees across multiple locations.

    • Solution: Automatic enrollment allows your IT to pre-configure devices so that when new employees receive their devices, they’re instantly enrolled, compliant with security policies, and ready to use with all necessary software and permissions. This minimizes setup time and provides a smooth onboarding experience.

  2. Enforcing Security Policies Across Devices

    • Scenario: You want to ensure that all devices meet compliance and security standards, such as data encryption and access restrictions.

    • Solution: With automatic enrollment, devices are automatically configured to align with security policies as soon as they connect to the network. This ensures that every device adheres to company standards, helping to protect sensitive data and reduce security risks without manual intervention.

  3. Remote Management for a Distributed Workforce

    • Scenario: Your organization with a distributed or remote workforce wants to remotely monitor, update, and secure devices without requiring in-person access.

    • Solution: Automatic enrollment via cloud-based tools, like Microsoft Intune, enables remote monitoring and management. Your IT admins can deploy updates, troubleshoot issues, and secure devices, regardless of where employees are located, keeping the workforce connected and secure.

  4. Simplifying BYOD (Bring Your Own Device) Management

    • Scenario: Your organization has a BYOD policy and needs a way to manage and secure employees' personal devices used for work purposes.

    • Solution: Automatic enrollment helps manage BYOD devices by setting security protocols, configuring work profiles, and restricting access to sensitive data. This allows employees to use their personal devices while ensuring company data remains secure.

Automatic Enrollment - Windows

For Windows devices, automatic enrollment involves enrolling devices to manage settings, enforce security policies, deploy applications, and provide updates across a fleet of devices. The automatic aspect removes the need for manual, device-by-device setup, which is cumbersome for large-scale deployments.

HP Workforce Experience Platform offers the following options to automatically enroll Windows devices.

Method

Description

Usage

Company PIN (setup.exe)

Uses a Company PIN and the setup.exe installer to register devices during installation. This lightweight method allows devices to be manually or programmatically enrolled during the initial software installation.

Ideal when you want a quick way to enroll devices during installation using a unique PIN, particularly in small deployments or when distributing devices outside of IT control.

Install.CMD Batch Script

Automates enrollment using a batch script (Install.CMD) that invokes setup.exe during system startup. The script checks if the agent is installed and initiates enrollment.

Suitable for managing devices via a local network and need to automate enrollment at boot through scripts. Ideal for GPO-managed environments with limited internet access.

Microsoft Active Directory Group Policy (GPO)

Leverages Group Policy Objects (GPO) in an on-premises Active Directory environment to push the Install.CMD script to all domain-joined devices for enrollment.

Ideal when you want a centralized control in a traditional enterprise environment and need to automatically deploy the agent to domain-joined Windows machines.

Microsoft Intune (MSI Installer)

Enables automatic enrollment through Microsoft Intune by packaging the MSI version of the agent and deploying it via endpoint configuration profiles.

Recommended for cloud-based environments, especially where remote device management is required. This approach is beneficial for organizations using Microsoft Intune for device management, as it facilitates deployment across diverse geographical locations.

Microsoft Intune (setup.exe Installer)

Deploys the setup.exe version of the installer via Microsoft Intune, providing greater flexibility during installation.

Suitable when you prefer using setup.exe for its additional options or silent install parameters, while still leveraging Intune's cloud-based deployment capabilities.

Microsoft System Center Configuration Manager (SCCM - MSI Installer)

Installs and enrolls the WXP agent using SCCM and the MSI installer. Offers silent deployment, package control, and status monitoring for IT administrators.

Best suited for environments with SCCM infrastructure for complex environments that need advanced deployment control and monitoring.

Microsoft System Center Configuration Manager (SCCM - setup.exe Installer)

Enables enrollment through SCCM using the setup.exe version of the installer, offering additional customization options.

Ideal when you need the configuration flexibility of setup.exe combined with the centralized deployment capabilities of SCCM.

Ivanti

Integrates WXP agent deployment with Ivanti endpoint management tools. Ivanti can be used to deploy the installation files and trigger enrollment silently across a managed fleet.

Ideal when already using Ivanti for software deployment or asset management and want to embed enrollment into your existing device management workflows.

Contact Us

For any assistance, create a support case or email [email protected]

 

 

Related articles