Jul 12 2023 04:02 AM - edited Jul 12 2023 04:32 AM
Short Introduction:
This introduction covers one definition from the Microsoft realm and one from the Apple realm.
Microsoft Realm: Federated authentication is used to link Apple Business Manager to an instance of Microsoft Azure Active Directory (Azure AD). As a result, users can leverage their Azure AD usernames (User Principal Name) and passwords as Managed Apple IDs. They can then use their Azure AD credentials to sign into their assigned iPad or Mac and even to iCloud on the web.
Apple Realm: Managed Apple IDs were specifically created to enable IT administrators to manage employee accounts within their organization. These accounts empower IT Admins to establish password policies and efficiently manage app licensing. They serve as an ideal solution, striking a balance between providing valuable and productive tools for your team while ensuring compliance with your organization’s security standards. Fortunately, Apple has streamlined this process, eliminating the need for any additional applications. Account management is conveniently conducted through the Apple portal known as Apple Business Manager (ABM). This platform allows you to effortlessly monitor all the accounts within your organization, providing the capability to manage existing accounts or generate new ones directly from your web browser.
Pros of Managed Apple ID:
Cons of Managed Apple ID:
The following features are by default disabled:
How to set up a Managed Apple ID
Prerequisites:
This step checks that the usernames within the tenant do not already have an Apple ID, because this step will manage all the usernames.
(This process might take a long time, depending on how many accounts are in the tenant.)
In case of a username conflict:
The user has to go through the security questions.
Jan 19 2024 08:46 AM
Jan 21 2024 11:27 PM
Hello @ravindersin650 ,
Regarding the 1st question: I would assume that your Managed Apple ID is using the same Azure domain name. If that’s the case, then once the federation is established between ABM and AAD, your Managed Apple ID will be required to change/create an Apple ID. (As shown in the blog.)
2nd question: If you would like to manage supervised Apple devices and you have a specific use case for that, then federation is the answer. But no work will be done from Azure.
If you found my answer helpful, please mark it as best.
Regards,
Shady Khorshed