Apple @ Work is brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that fully integrates 5 different applications on a single Apple-only platform, allowing Businesses and Schools to easily and automatically deploy, manage & protect all their Apple devices . Over 32,000 organizations leverage Mosyle solutions to automate the deployment, management and security of millions of Apple devices daily. Request a FREE account today and discover how you can put your Apple fleet on auto-pilot at a price point that is hard to believe.
It’s nearly impossible to use an Apple device without an Apple ID (iCloud account) but Managed Apple IDs are unique to your company or school and separate from Apple IDs that you can create for yourself. Unlike with personal Apple IDs, IT administrators manage the services that your Managed Apple ID can access. Managed Apple IDs are similar to regular Apple IDs, but they are owned and managed by the organization and can be used to create an account for a student or employee.
About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Through his experience deploying and managing firewalls, switches, a mobile device management system, enterprise grade Wi-Fi, 100s of Macs, and 100s of iPads, Bradley will highlight ways in which Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.
How do you create a Managed Apple ID?
Apple School Manager and Apple Business Manager makes it easy to create unique Managed Apple IDs for each person in bulk. When you use these accounts with iWork collaboration, that collaboration is limited to other people within your organization who have their own Managed Apple IDs.
In Apple Business Manager, Apple IDs are owned and managed by the organization—including password resets and role-based administration. Creating a unique Managed Apple ID for each person is easy when you use this tool.
Over the years, Apple has built out a number of ways to create these special Apple IDs. Some methods are more automatic than others, so find the one that works best with your organization and your identity provider.
- Import your students’ accounts from your Student Information System (SIS) into Apple School Manager.
- Import .csv files using the Secure File Transfer Protocol (SFTP).
- Use federated authentication with Google Workspace or Microsoft Azure AD.
- Import Google Workspace users.
- Use SCIM to import users from Azure AD into your on-premises directory.
- Create accounts manually.
Most organizations will want to rely on some sort of automated process. For schools, it might make sense to use their Student Information System, but I recommend all schools and businesses look for some sort of method that works with directory hosts like Azure AD or Google Workspace. As a result, users can leverage their Google Workspace or Azure AD usernames and passwords as Apple ID. They can use their Apple ID to sign in to all of their iOS devices and other computers with iCloud, regardless of whether they’re using it on a Mac or PC. One thing to keep in mind – organizations can link only to Google Workspace or Azure AD, not both at the same time.
What are the benefits?
These special Apple Ids are used to access Apple’s iCloud service, just like regular ones. For example, they are used for Classroom, Schoolwork, and collaboration with iWork and Notes by students or teachers. Administrators and Staff can sign in to the Apple School Manager. Prior to Managed Apple IDs, individual users create Apple IDs for personal use. These are used to license apps and manage iCloud accounts, among other things. Simply put, they are dedicated Apple IDs for work or school that your IT staff controls.
Apple IDs controlled by the organization are much more beneficial in an education environment than they are for enterprise customers. There are many specific places where Managed Apple IDs will be beneficial for using Sign in With Apple. Apple has done a nice job of streamlining the process of not only making new Apple IDs but also keeping them in sync with Azure AD or Google Workspace. The most common use case for Managed Apple IDs is going to be in education. There are many benefits to using Sign in With Apple with Managed Apple IDs, including the ability to manage all of your students’ accounts from a single place with Azure AD or Google Workspace. This means that if a student leaves or graduates, their account can be deleted or simply disabled without much effort.
Where it gets tricky to recommend is for business customers. While there’s no cost to deploying a dedicated business Apple ID, it is yet another account for employees to manage. Where it makes sense to deploy is in combination with User Enrollment. Employees can be provisioned onto devices by enrolling with their work Apple IDs. These business Apple IDs don’t interfere with personal iCloud accounts. A work Apple ID that’s managed can be used alongside the personal account that a user has already signed in to; they will not interact with each other.
User Enrollment is for securing devices owned by the user to access company resources, and that’s the main benefit of deploying Apple IDs for business customers. Otherwise, an employee is likely not going to need one.