Configure Self Service Portal user management

Note For Sophos Mobile on Premise, user management for the Self Service Portal is configured by the super administrator when a customer is created. See the Sophos Mobile super administrator guide.
  1. On the menu sidebar, under SETTINGS, click Setup > Sophos setup, and then click the User setup tab.
  2. Under Device assignment, select what happens when you delete a user that is assigned to a device:
    OptionDescription
    Unassign user from device The user assignment is removed. The device status is not changed.
    Unenroll and delete device The device is unenrolled from Sophos Mobile and deleted.
    Unenroll device The device is unenrolled from Sophos Mobile. The device status is changed to Unenrolled.
    This setting is not available when you use external user management.
  3. Under User management mode, select how Sophos Mobile manages user accounts:
    OptionDescription
    None. No SSP, user-specific policies, or LDAP administrators available. User management is turned off. You can’t assign users to devices and you can’t use the Self Service Portal.
    Internal directory You create user accounts and user groups in Sophos Mobile.
    External LDAP directory Sophos Mobile uses user accounts and user groups from an LDAP directory.
    Azure AD federated authentication You create user accounts and user groups in Azure Active Directory (Azure AD). When users sign in to the Self Service Portal, they authenticate with Azure AD.

    See Configure federated authentication.

  4. For external user management, click Configure external LDAP to configure the connection to your LDAP directory.
  5. Select Save.

After you’ve set the user management mode, you can’t switch directly to a different mode. Instead, select None. No SSP, user-specific policies, or LDAP administrators available. to make all options available again.

Note

You can’t change the user management mode in the following situations:

  • There are users assigned to devices.
  • There are Apple Volume Purchase Program (VPP) licenses assigned to users.