Configuring Shared Devices
This set of instructions may be used in environments where users do not have access to their Active Directory password but have other means of authentication like a Smartcard reader.
Note: These instructions are designed for active directory users only.
- [ADMIN] Configure two (or more) users to share a device by following these steps.
- Log into the AirWatch Admin Console and navigate to Accounts > Users > List View and locate the users who need to share devices. Select the pencil icon to edit each of these user accounts to enable device staging.
- On the Add / Edit User screen, select the Advanced tab, scroll down to the Staging section and select Enabled on the Enable Device Staging field.
- Select the staging settings that will apply to this staging user. Choose to enable Multi User Devices to stage devices for use by multiple users.
- Select Save to save changes to the user account or select the Save and Add Device button to save the settings and proceed directly to the Add Device page.
- On the device, download and install the AirWatch Agent by either:
Launch the AirWatch Agent and enroll the device by entering the proper Group ID and staging user credentials as required.
During enrollment, when prompted, select Multi-user to determine how the device is staged.
Complete enrollment as the staging user you created and install the MDM profile by following the prompts.
- Opening the device's internet browser and navigating to awagent.com or alternately, using your device to visit the store to download the AirWatch Agent or
- Point your browser to the enrollment URL (https://www.<environment_URL>.com/enroll).
[ADMIN] Configure a Shared Device Passcode by navigating to Groups & Settings > All Settings > Devices & Users > General > Shared Device and enable the field Require Shared Device Passcode together with any related options such as requiring special characters, expiration times, auto-logout, etc.
[USER] Using your assigned SmartCards to authenticate, log into the Self Service Portal (SSP) which is being run on a PC set up with a SmartCard reader. You will be prompted to select a shared device passcode, which is different than the single-sign-on passcode.
"Check out" the device by logging into the installed AirWatch Agent using the single sign-on passcode. Checking out the device causes all profiles to be pushed down to the device according to your User Group and Organization Group, as per your active directory account.
Conduct your daily activities using the device as necessary until checking it back in. This could be a matter of hours, days, or even multiple days, all configured by the admin in step 10.
If the session expires (per admin's specifications in step 10) or if you forget the shared device passcode, you must log back into the SSP and create a shared device passcode based on the policy.
[ADMIN] If a user has forgotten their shared passcode, you can request a new one on their behalf by navigating to Accounts > Users > List View, locate and select the user in need of a new passcode, select the Edit button and the Add/Edit User screen displays showing the Shared Device Passcode field. Select the Change button to initiate the creation of a new shared passcode.