NOTE: Review the iTunes Store Terms and Conditions, which discusses Apple IDs and associated devices. You may find that a different Apple ID strategy is more appropriate.
Using this strategy, the Apple ID is distributed through a restore of a common device backup. The device will retain the Apple ID, but not the password. Users will prompted to verify the password whenever the Apple ID is used (e.g. during an app install). This change was implemented by Apple in April of 2016, previously a restore would retain the password (even after a device was erased).
NOTE: Unlike Apple Configurator, the Mac or Windows hosting the Launchpad does not need to be authorized for this Apple ID. So you may use this technique on more than five Launchpads.
Select the master device
To create your original, use the same model device as your eventual destinations. So if you will be deploying to a bunch of iPhone 16e’s, use an iPhone 16e as your original.
Create the backup
To create the initial backup:
- Start with an erased device, and tap through the setup screens.
- When prompted for Apple ID, choose to skip this step.
- When done, download at least one app, and at that point enter the Apple ID credentials. This process keeps your Apple ID in the App Store only, and not in Messages, iCloud, FaceTime, etc.
- Then create your backup.
NOTE: Make sure the device model you are using to create the backup is the same device model that you will be deploying to.
Deploy to devices
- In the Restore from Backup options dialog, upload the backup to MAM.
- For the Backup Scrubbing option, select Preserve the Apple ID.
The device will always prompt for the Apple ID password. Password settings can be modified in General > Restrictions > Password Settings to either always require, or to only require after 15 minutes. This authentication associates the device UDID with that Apple ID in Apple’s iTunes cloud.
Certain newer iOS devices may interrupt automatic deployment with one to three setup screens (“Hello,” “Update Completed,” “Get Started”). These setup screens will prevent MDM from installing apps. Imprivata is working to improve this experience.