NOTE: Review the iTunes Store Terms and Conditions, which discusses Apple IDs and associated devices. You may find that a different Apple ID strategy is more appropriate.
Using this strategy, the Apple ID is distributed through a restore of a common device backup. The device will retain the Apple ID, but not the password. Users will prompted to verify the password whenever the Apple ID is used (e.g. during an app install). This change was implemented by Apple in April of 2016, previously a restore would retain the password (even after a device was erased).
Note that unlike Apple Configurator, the Mac or Windows hosting the Launchpad does not need to be authorized for this Apple ID. So you may use this technique on more than five Launchpads.
Select the master device
To create your original, use the same model device as your eventual destinations. So if you will be deploying to a bunch of iPhone 6+’s, use an iPhone 6+ as your original.
Create the backup
To create the initial backup, start with an erased device, and tap through the setup screens. When prompted for Apple ID, choose to skip this step. When done, download at least one app, and at that point enter the Apple ID credentials. (This process keeps your Apple ID in the App Store only, and not in Messages, iCloud, FaceTime, etc.). Then create your backup. Note: make sure the device model you are using to create the backup is the same device model that you will be deploying to.
Deploy to devices
In the “Restore from Backup” options dialog, upload the backup to GroundControl. For the Backup Scrubbing option be sure to choose “Preserve the Apple ID.”
The device will always prompt for the Apple ID password. Password settings can be modified in General>Restrictions>Password Settings to either always require, or to only require after 15m. This authentication associates the device UDID with that Apple ID in Apple’s iTunes cloud.
Certain newer iOS devices may interrupt automatic deployment with 1-3 setup screens (“Hello,” “Update Completed,” “Get Started”). These setup screens will prevent MDM from installing apps. We are working to improve this experience.