Enrolling your new Mac remotely Print

Modified on: Tue, 17 Aug, 2021 at 1:01 PM

Use this enrollment guide for brand new Macs that have never been logged onto and have been added to Apple Business Manager.

Before you begin, make sure you have your AonNet ID (A079xxxx) and Password available. This one-time enrollment process will take between 60 – 90 minutes and you will be unable to use the Mac during this time.

After the enrollment process completes you will use your AonNet ID and Password to login. Please make sure you have your AonNet password available.

The enrollment process will perform the following on your Mac:

Rename the Mac to comply with Aon’s naming standards.
Install Palo Alto GlobalProtect VPN client for connectivity to Aon’s network.
Install Symantec Endpoint Protection to protect from threats and malicious software.
Install the following additional applications:
- Adobe Reader
- Google Chrome
- Microsoft Edge
- Microsoft Office
- WebEx Productivity Tools
- WebEx Teams

Note: Additional applications are available for installation in the Aon Self Service Portal.

Please follow these steps in sequence to register your Mac with Aon device management:

1. Logging onto your Mac for the first time

When you first start your Mac, you will be prompted to select your region. Please select your appropriate Region and click Continue.
If you see this window, just choose English and click next
Please select your home network on the next screen and type in your home network password. Click Continue.
Click Continue on the Remote Management screen.
In Full Name: Enter your First/Last name and Account Name enter your Aon ID. (Please be sure to double check for accuracy before proceeding here)
The Enrollment process will create your account and will setup your Mac.
Click the Register Your Mac button at the bottom of this screen	$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-10 at 1.33.42 PM.PNG$
Enter your AonNet ID and select your Country from the drop-down menu. Click the “Register Your Mac” button. The enrollment process will continue for 60-90 minutes depending on you network connection speed.	$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-10 at 1.34.04 PM.PNG$
Imaging will begin and should bring up a window like you see here. As stated, the imaging process duration is based on the speed of your connection so this could be anywhere from 30min to 2hrs or more. However, usually no more than 90 minutes.
During imaging, you should eventually get prompts asking for your credentials to allow access to Symantec or Global Protect - be sure to choose "Open Security Preferences", unlock using your credentials and choose "Allow". Once done, even though it prompts for a restart, do not restart until "Welcome To Aon" window has completed.
Note: you may see other prompts during the process to install available updates from Apple. After they are installed you will receive a message that the Mac will restart in 2 minutes. At this point the enrollment is complete, click OK to close this message.
Click Restart on the Welcome to Aon screen. After rebooting your Mac, login in with your same ID and password. You will not need to use your AonNet password until after completing Section 5 below.	$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-10 at 1.53.31 PM.PNG$
Depending on the version of macOS, you will be prompted to either type in your password to enable FileVault or click Enable Now to start disk encryption. Type your password or click Enable Now. This is necessary to comply with Aon’s security requirements.

2. Connecting to GlobalProtect VPN

Launch GlobalProtect by either using the globe icon in the top right-hand side of the screen or by searching for GlobalProtect using Spotlight.
Use your Okta credentials (enter email in the format aon.user@aon.com and your AonNet password). You will be sent an authentication code or Okta verify message.	$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-10 at 2.20.52 PM.PNG$
Once connected you will see Aon’s Privacy and Security message, close this screen.	$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-10 at 2.21.58 PM.PNG$
Allow Access to GlobalProtect when prompted by either clicking OK or Allow.

3. Installing the AD Bind application

This installation applies only if you enrolled the Mac over the internet while outside of an Aon office. Binding the Mac is necessary for you to connect to the Aon wireless network in Aon offices.

4.

While connected to GlobalProtect VPN, perform the following steps to launch Self Service;

Open Finder
Click Applications under Favorites
Search for Self Service

Search for and install the application called “AD Bind – Join the Aon Network” and close Self Service when complete.

4. Synchronize your AonNet and local passwords

After completing the synchronization of your passwords, you will use only your AonNet password to log into your Mac. Local passwords will no longer be necessary.

To synchronize your AonNet and local passwords, launch NoMAD while connected to VPN.

You can find NoMAD by searching with Spotlight or locating it in Finder – Applications.

$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-11 at 9.33.30 AM.PNG$

NoMAD will display in the top right-hand side of your Mac as a blue triangle.

Select Sign In and enter your AonNet ID and password.

If your domain and local passwords are not the same, you will be presented with a message informing you that your passwords are not the same.

Enter your local Mac password and select Sync.

This will synchronize your AonNet and local passwords. Going forward you will log onto the Mac using your AonNet password.

$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-11 at 9.34.41 AM.PNG$

5. Configure Aon United Wi-Fi

Connecting to the Aon United wireless network will require configuration. Please wait 1-2 hours after enrolling you Mac before you perform this step, it takes some time for the wireless certificate to be recognized on your Mac.

This is a one-time configuration that will need to be performed while you are in an Aon office.

While in an Aon office, click on Wi-Fi (located on the top right-hand side of the screen) and select Aon-United.

From the drop-down Mode menu, select EAP-TLS.

For Identity, select the certificate that ends with the last 10 digits of the Mac serial number (to see the serial number, click on the Apple icon and select About this Mac).

For Username, enter the text “host/” followed by the computer name (from Identity above) followed by the domain “.aonnet.aon.net”.

Example: host/nusla2zr49fmd6r.aonnet.aon.net

$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-24 at 1.12.23 PM.PNG$

If you receive a second prompt asking for Certificate for network AON-UNITED, please select the computer name from the drop-down menu and leave the Account Name field empty.

6. Aon Self Service

Colleagues with Macs use Aon Self Service to install applications.

To launch Self Service;

Open Finder
Click Applications under Favorites
Search for Self Service

Search for and select the application you wish to install and click the Install button.

When installing applications, the status will be displayed in the installation button or you can click on “Activity” at the top of Self Service to view further details.

$C:\Users\ah12252\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Screen Shot 2020-08-24 at 11.11.28 AM.PNG$

Did you find it helpful? Yes No

Help Desk Software by Freshdesk