Managing Apple IDs can be Frustrating
Organizations coming from other MDMs or previous deployment setups often have Apple ID-related war stories. They may have a spreadsheet filled with hundreds or thousands of Apple IDs and passwords, one Apple ID per device. Even worse, they may be sharing one single Apple ID across all of their devices, a violation of Apple policy which can result in Apple ID suspension.
Deploying Without Apple IDs
The old limitations of Apple ID are gone. Apple now offers ways to manage many devices and apps without using Apple IDs at all. The table below highlights some common uses of Apple IDs and alternative approaches.
| Function | Apple ID Method | Alternative Method |
|---|---|---|
| Installing Apps | User forced to enter Apple ID & password during install. | SimpleMDM automates device-based licensing with the Apple Volume Purchase Program (VPP). |
| Recovering a Lost Device | Administrator must sign into icloud.com with end user's Apple ID. | SimpleMDM provides MDM Lost Mode for supervised devices. |
| Unlocking Activation Lock | Administrator must retrieve the end user's Apple ID. | Supervision disables activation lock, even if an Apple ID was entered by the end user. |
We strongly recommend avoiding any sort of Apple ID management, if possible. If the devices in your deployment are organizationally-owned, a combination of supervision and Apple VPP are generally acceptable in lieu of using Apple IDs. If devices are employee-owned, Apple VPP can be used to manage all company-specific apps and licenses. Employees can then use their personal Apple IDs for non-business related activities.
When Apple IDs Are Still Needed
There are a few exceptions where Apple IDs may still be needed:
- A company wishes to use Apple ID-based iMessage and/or FaceTime across company-owned devices.
- A company wishes to distribute apps and Apple VPP is not available in their country.
- A company wishes to use iCloud services on devices.
If your company is in this situation, it is best to create a unique Apple ID for each device. As previously mentioned, sharing an Apple ID across multiple devices in your organization is a violation of Apple policy and could result in the Apple ID being suspended.
