Our organization’s devices are primarily focused on the Apple ecosystem. We have Macs and iPhones distributed to our employees across the organization. To maintain consistency and data sync across devices in different teams, we have a common managed Apple ID logged in to these devices. Is there a way we could get a compliance alert if any user tries to modify the Apple ID on those devices? Alternatively, it would also be helpful if there was an option to restrict them from changing Apple IDs altogether. Any help is greatly appreciated.
It seems the suggested discussion might only work for iOS devices. While searching for the macOS case, I found a custom configuration profile to disallow account modification. Click here.
Thank you for reaching out to us. I’m sorry to inform you that Hexnode currently does not support showing a compliance alert for devices in which Apple IDs are modified. @edmund and @verbnigge, those are some valuable and helpful insights you have provided.
Let me help simplify this scenario and summarize the suggested solutions.
Hexnode provides an option to restrict users from modifying Apple IDs on both iOS and macOS devices. Please navigate through the following steps:
Login to Hexnode UEM.
Navigate to Policies > New Policy. Provide a Name and Description (optional) for the policy.
For iPhones:
Navigate to iOS > Advanced Restrictions > Allow Security and Privacy Settings > Modify an account. This option only works for Supervised iOS 7.0+ devices.
For Macs:
Navigate to macOS > Advanced Restrictions > Security and Privacy > Users can modify an account. This option only works on devices running on macOS 14 and above.
Alternatively, Apple provides the “allowAccountModification” payload common for devices running supervised iOS 7 and later, macOS 10.14 and later. The following sample configuration profile can also help you to resolve your problem:
235 Views
