We got a new bunch of Linux devices in our company which we’re looking to enroll in Hexnode. I’ve heard that Linux devices can be enrolled into Hexnode pretty easily via CLI without any authentication. Can anyone confirm if this is possible?
11 Views
Replies (4)
Marked SolutionPending Review
Hexnode Expert
1 day ago
Marked SolutionPending Review
@carter , yes, it is. Linux devices can be enrolled into Hexnode UEM via CLI through the Open Enrollment method. This method does not require any user authentication, so enrollment can easily be done by executing a series of commands in the CLI terminal.
Marked SolutionPending Review
Participant
1 day ago
Marked SolutionPending Review
@kylian_parker , will there be any security implications in open enrollment as you mentioned that user authentication is not required? Is there any way to authenticate enrollment for Linux devices?
Marked SolutionPending Review
Hexnode Expert
1 day ago
Marked SolutionPending Review
@carter , your doubts are valid. The con of enrolling Linux devices via Open Enrollment is that anyone with portal access or even the enrollment URL will be able to enroll their devices directly into the portal. So, for preventing unauthorized enrollments and giving an added layer of security, I would suggest you switch to Authenticated Enrollment. With Authenticated Enrollment, you can send users enrollment requests with their unique enrollment credentials via email/SMS or share pre-assigned passwords. During the execution of the enrollment commands in CLI, the users will have to authenticate with these credentials to complete their enrollment.
To switch to Authenticated Enrollment,
-
Log in to your Hexnode portal.
-
Go to Admin > Enrollment > Authentication Modes and enable Enforce Authentication. Then, select the types of users to enroll.
-
Click Save.
Marked SolutionPending Review
Participant
1 day ago
Marked SolutionPending Review
Thanks for your help and clarification on the matter @kylian_parker .
Save
