Restrict Apple IDs on iPhones and MacsSolved

Participant
Discussion
7 months ago

Hello people

Our organization’s devices are primarily focused on the Apple ecosystem. We have Macs and iPhones distributed to our employees across the organization. To maintain consistency and data sync across devices in different teams, we have a common managed Apple ID logged in to these devices. Is there a way we could get a compliance alert if any user tries to modify the Apple ID on those devices? Alternatively, it would also be helpful if there was an option to restrict them from changing Apple IDs altogether. Any help is greatly appreciated.

Replies (3)

Marked SolutionPending Review
Participant
7 months ago
Marked SolutionPending Review

Hello

I found a discussion that might help you in this case, you can check it out:

https://www.hexnode.com/forums/topic/prevent-users-from-adding-apple-id-on-iphone/

Hope this helps, Happy testing.

Prevent users from adding Apple ID on iPhone

Marked SolutionPending Review
Participant
7 months ago
Marked SolutionPending Review

Hey @edmund

It seems the suggested discussion might only work for iOS devices. While searching for the macOS case, I found a custom configuration profile to disallow account modification. Click here.

Marked SolutionPending Review
Hexnode Expert
7 months ago
Marked SolutionPending Review

Hello @desmond

Thank you for reaching out to us. I’m sorry to inform you that Hexnode currently does not support showing a compliance alert for devices in which Apple IDs are modified. @edmund and @verbnigge, those are some valuable and helpful insights you have provided.

Let me help simplify this scenario and summarize the suggested solutions.

Hexnode provides an option to restrict users from modifying Apple IDs on both iOS and macOS devices. Please navigate through the following steps:

  • Login to Hexnode UEM.
  • Navigate to Policies > New Policy. Provide a Name and Description (optional) for the policy.
  • For iPhones:
    • Navigate to iOS > Advanced Restrictions > Allow Security and Privacy Settings > Modify an account. This option only works for Supervised iOS 7.0+ devices.
  • For Macs:
    • Navigate to macOS > Advanced Restrictions > Security and Privacy > Users can modify an account. This option only works on devices running on macOS 14 and above.

Alternatively, Apple provides the “allowAccountModification” payload common for devices running supervised iOS 7 and later, macOS 10.14 and later. The following sample configuration profile can also help you to resolve your problem:

You can use Hexnode’s Deploy Configuration Profile feature to associate the above policy with the respective iOS and macOS devices.

For detailed documentation on using the Deploy Configuration Profile feature, please refer to the following links:

Hope this information helps. Please feel free to contact us for any further clarifications.
Regards,
George
Hexnode UEM

Save