The Force Enrollment using Login Script feature of ADSelfService Plus allows you to forcefully enroll the un-enrolled users with a login script. You can schedule the execution of a login script to enable force enrollment. Only after the enrollment, users can access other resources in their machine. 

This feature also provides you with the ability to decide whether users of the entire domain or that of a selected organisational unit(s) and group(s) would be forced to enroll. This means, with this feature you can craft a strong deployment policy that fits your requirements to a T.

Steps involved:

• Login to ADSelfService Plus web console with admin credentials.
  
• Navigate to Configuration tab → Administrative Tools → Quick Enrollment → Force Enrollment using Logon Script.
• Enter the Scheduler Name and the Description.
• Enable this scheduler only for select organizational units (OUs) and groups by selecting a policy from the Select Policy drop-down list.
  Note: To create or edit a policy, navigate to the Configuration tab → Self-Service → Policy Configuration. You can either create a new self-service policy by clicking the +Add New Policy button, or edit the existing default policy. For detailed steps, click here.
• Enter the Window Title and Window Content.
• Enter the text you want to be displayed in the Enrollment Button. Example: Enroll Now.
• Select the Cancellation Button checkbox if you want one in the pop-up, and enter the text you want to be displayed in it. Example: Remind me later.
  

• Note: Click Access URL and enter the Server Name and the Port number in which ADSelfService Plus is running. This ensures that when a user tries to enroll, the right server is contacted for the operation.
• Schedule the frequency in which you want the script to run in the Schedule Frequency field (range: Hourly to Monthly).

  

• Click Save.
  

You have now successfully set up a scheduler which runs the login script and forces users to enroll if they have not already.