Set Up An Enrollment Station

Enrollment Stations are central computers set up to be used solely for the function of enrolling new MFA users. The benefit of these station(s) is the enrolling user's information is not cached locally like a regular workstation and removes the need for the Enrollment Tile from your day-to-day workstations.

1. Log in to your MFA ONE portal.
2. Go to the Policies tab.
3. You'll automatically be brought to the "Look Up" page. Here you'll need to define a computer name (CN) specific Active Directory path using the AD Lookup Tool.
   

4. Use the AD Lookup Tool to find your intended enrollment station's location and click "OK".
   

5. The portal will bring you to the following page. Click "Add" to begin building out your enrollment station's MFA policy.
   

6. The MFA policy window will open up. In the Server/Sync tab, set the "Enrollment Station" setting to Enabled.
   

7. For additional, optional settings, you can copy the Logon settings below:
   

8. Click "Save" at the bottom of the page when you're done configuring the policy. You should be brought to the View format of your policy.
   

Your enrollment station policy is complete! As soon as the MFA software is installed or the target computer has re-synchronized with the server the settings will take effect.

Note: If you ever need to modify the policy, (while still in the Policies tab) you can click on "View All Policies" in the left-hand side. From this page, click "Edit" and the policy editing window will open back up.