Using enrollment codes

If you want to register a computer using an enrollment code instead of a user name and password, you should verify the following:

  • You must be a member of the System Administrator role.
  • You must have at least one role with the Linux System Registration administrative right.
  • You must generate one or more enrollment codes with the appropriate criteria—such as an expiration date, maximum number of computers that can be registered, or the IP address ranges allowed, if applicable—to be used for registration.

    If you specify IP address restrictions and are connecting to the Privileged Access Service instance through a web proxy server, be sure the IP address for the web proxy server is included in the range allowed.

If you satisfy these prerequisites, you can run the cenroll command using the --code option. To use an enrollment code, you can run a command similar to the following to register a computer in the Privileged Access Service:

sudo cenroll --tenant --code A1BC2345-D6E7-89F0-G123-HIJK4LM5N67P --features all