DETAILED ACTION
Status of Claims
Claims 1 – 20 are pending.
Claims 1, 8 and 15 are independent.
This office action is Non-Final.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claims 1 – 7 and 15 -20 are objected to because of the following informalities:  In claim 1 (and claim 15) , term “by the management agent” appears to be repeated in error.   Appropriate correction is required.
Double Patenting
Claims 1 - 20 of this application is patentably indistinct from claims  of Application No. 16/432,111. Pursuant to 37 CFR 1.78(f), when two or more applications filed by the same applicant or assignee contain patentably indistinct claims, elimination of such claims from all but one application may be required in the absence of good and sufficient reason for their retention during pendency in more than one application. Applicant is required to either cancel the patentably indistinct claims from all but one application or maintain a clear line of demarcation between the applications. See MPEP § 822.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1- 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims of U.S. Patent No. 11,093,260. Although the claims at issue are not identical, they are not patentably distinct from each other because they are directed toward the same invention: a management agent can be executed from a manufacturer's boot environment and can install a management application that is executable in the main operating system to provision a client device for management.
The differences between the claims are provided in the table below.
Instant Application No. ‘417
Co-pending Application No. ‘260
1. A system comprising: a client device; and a memory comprising executable instructions, wherein the instructions, when executed by a processor, cause the client device to at least: execute a management agent from a manufacturer boot environment; install, by the management agent, a management application that is executable in the main operating system to provision the client device for management by a management service; set, by the management agent,a provisioning status BIOS variable to indicate that the client device is provisioned for management by a management service; and boot the client device to the main operating system, wherein the management application is executed from the main operating system.

4. The system of claim 1, wherein the instructions, when executed by a processor, cause the client device to at least: enroll, by the management application, the client device with the management service.
1. A system comprising: a client device; and a memory comprising executable instructions, wherein the instructions, when executed by a processor, cause the client device to at least: determine, by a manufacturer boot environment, that the client device is required to be provisioned for management by a management service, wherein the manufacturer boot environment determines that the client device is required to be provisioned based on a provisioning requirement BIOS variable of the client device; execute a management agent from the manufacturer boot environment; determine, by the management agent, that a main operating system of the client device is currently unprovisioned for management by the management service; install, by the management agent, a management application that is executable in the main operating system; boot the client device to the main operating system and execute the management application; and enroll, by the management application, the client device with the management service by installing an enrollment token received from the management service.
7. The system of claim 1, wherein the management application enrolls the client device with the management service during an out-of-box experience of the client device.

2. The system of claim 1, wherein the management application enrolls the client device with the management service during an out-of-box experience of the client device.
6. The system of claim 1, wherein the manufacturer boot environment downloads at least one of the management agent and the management application.
3. The system of claim 1, wherein the manufacturer boot environment downloads at least one of the management agent and the management component.
5. The system of claim 1, wherein the instructions, when executed by a processor, cause the client device to at least: read, by the management agent, the provisioning status BIOS variable of the client device to identify that the client device is unprovisioned, wherein the management agent installs the management application based on the client device being identified as unprovisioned.
4. The system of claim 1, wherein the management agent determines that the client device is currently unprovisioned based on a provisioning status BIOS variable of the client device.
2. The system of claim 1, wherein the instructions, when executed by a processor, cause the client device to at least: transmit, by the management agent, provisioning telemetry data to the management service.

3. The system of claim 2, wherein the provisioning telemetry data comprises at least one of: a client device model identification, a manufacturer boot environment identification, a main operating system identification, a management application identification, a total provisioning time, and a provisioning result identification.
5. The system of claim 1, wherein the instructions, when executed by the processor, further cause the client device to at least: transmit, by the management agent, provisioning telemetry to the management service, the provisioning telemetry comprising at least one of: a client device model identification, a manufacturer boot environment identification, a main operating system identification, a management application identification, a total provisioning time, and a provisioning result identification.
8. A method comprising: executing a management agent from a manufacturer boot environment of a client device; installing, by the management agent, a management application that is executable in the main operating system to provision the client device for management by a management service; setting, by the management agent, a provisioning status BIOS variable to indicate that the client device is provisioned for management by a management service; and booting the client device to the main operating system, wherein the management application is executed from the main operating system.

11. The method of claim 8, further comprising: enrolling, by the management application, the client device with the management service.
8. A method for web application security through containerization, the method comprising: determining, by a manufacturer boot environment, that a client device is required to be provisioned for management by a management service, wherein the manufacturer boot environment determines that the client device is required to be provisioned based on a provisioning requirement BIOS variable of the client device; executing a management agent from the manufacturer boot environment; determining, by the management agent, that a main operating system of the client device is currently unprovisioned for management by the management service; installing, by the management agent, a management application that is executable in the main operating system; booting the client device to the main operating system and execute the management application; and enrolling, by the management application, the client device with the management service by installing an enrollment token received from the management service.
14. The method of claim 8, wherein the management application enrolls the client device with the management service during an out-of-box experience of the client device.
9. The method of claim 8, wherein the management application enrolls the client device with the management service during an out-of-box experience of the client device.
13. The method of claim 8, wherein the manufacturer boot environment downloads at least one of the management agent and the management application.
10. The method of claim 8, wherein the manufacturer boot environment downloads at least one of the management agent and the management component.
12. The method of claim 8, further comprising: reading, by the management agent, the provisioning status BIOS variable of the client device to identify that the client device is unprovisioned, wherein the management agent installs the management application based on the client device being identified as unprovisioned.

19. The non-transitory computer-readable medium of claim 15, wherein the instructions, when executed by a processor, cause the client device to at least: read, by the management agent, the provisioning status BIOS variable of the client device to identify that the client device is unprovisioned, wherein the management agent installs the management application based on the client device being identified as unprovisioned.

11. The method of claim 8, wherein the management agent determines that the client device is currently unprovisioned based on a provisioning status BIOS variable of the client device.
9. The method of claim 8, further comprising: transmitting, by the management agent, provisioning telemetry data to the management service.

10. The method of claim 9, wherein the provisioning telemetry data comprises at least one of: a client device model identification, a manufacturer boot environment identification, a main operating system identification, a management application identification, a total provisioning time, and a provisioning result identification.
12. The method of claim 8, further comprising: transmitting, by the management agent, provisioning telemetry to the management service, the provisioning telemetry comprising at least one of: a client device model identification, a manufacturer boot environment identification, a main operating system identification, a management application identification, a total provisioning time, and a provisioning result identification.
15. A non-transitory computer-readable medium embodying executable instructions, wherein the instructions, when executed by a processor, cause a client device to at least: execute a management agent from a manufacturer boot environment; install, by the management agent, a management application that is executable in the main operating system to provision the client device for management by a management service; set, by the management agent, device is provisioned for management by a management service; and boot the client device to the main operating system, wherein the management application is executed from the main operating system.

18. The non-transitory computer-readable medium of claim 15, wherein the instructions, when executed by a processor, cause the client device to at least: enroll, by the management application, the client device with the management service.
15. A non-transitory computer-readable medium embodying executable instructions, wherein the instructions, when executed by a processor, cause a client device to at least: determine, by a manufacturer boot environment, that the client device is required to be provisioned for management by a management service; execute a management agent from the manufacturer boot environment; determine, by the management agent, that a main operating system of the client device is currently unprovisioned for management by the management service, wherein the management agent determines that the client device is currently unprovisioned based on a provisioning status BIOS variable of the client device; install, by the management agent, a management application that is executable in the main operating system; boot the client device to the main operating system and execute the management application; and enroll, by the management application, the client device with the management service by installing an enrollment token received from the management service.
20. The non-transitory computer-readable medium of claim 15, wherein the manufacturer boot environment downloads at least one of the management agent and the management application.
18. The non-transitory computer-readable medium of claim 15, wherein the manufacturer boot environment downloads at least one of the management agent and the management component.
16. The non-transitory computer-readable medium of claim 15, wherein the instructions, when executed by a processor, cause the client device to at least: transmit, by the management agent, provisioning telemetry data to the management service.

17. The non-transitory computer-readable medium of claim 16, wherein the provisioning telemetry data comprises at least one of: a client device model identification, a manufacturer boot environment identification, a main operating system identification, a management application identification, a total provisioning time, and a provisioning result identification.
19. The non-transitory computer-readable medium of claim 15, wherein the instructions, when executed by the processor, further cause the client device to at least: transmit, by the management agent, provisioning telemetry to the management service, the provisioning telemetry comprising at least one of: a client device model identification, a manufacturer boot environment identification, a main operating system identification, a management application identification, a total provisioning time, and a provisioning result identification.


Appropriate action is required.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Reagan; Spencer et al. (US Patent Application Publication No. 2016/0188307) “PERSISTENT MOBILE DEVICE ENROLLMENT”
Mistry; Shaunak et al. (US Patent Application Publication No. 2017/0094509) “Using Derived Credentials For Enrollment With Enterprise Mobile Device Management Services”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TERRELL S JOHNSON whose telephone number is (571)270-3485. The examiner can normally be reached 10AM-7PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jaweed Abbaszadeh can be reached on 571-270-1640. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/TERRELL S JOHNSON/Primary Examiner, Art Unit 2187