Help

Log out of iCloud on all managed iOS devices

Go to solution
howie_isaacks
Valued Contributor II

Posted on ‎04-20-2017 06:38 AM

I have a customer who wants all of their managed iPads to be logged out of iCloud so that the users can setup their own iCloud account. I was hoping to find a way to do this through Jamf Pro, but I can't find one. Does anyone know if this is even possible? There are options for restricting iCloud features, but I do not see that there is a way to log them all out of iCloud. I'm either missing something, or it's just not possible. Suggestions?

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
blackholemac
Valued Contributor III

Posted on ‎04-20-2017 08:50 AM

That makes sense and that's a tough one... A lot of the iOS devices management settings don't even work if you aren't using DEP, not all of them but a lot. I don't think Jamf could implement this without Apple changing the MDM spec. On iOS, they are really constrained by what Apple will and won't allow.

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
blackholemac
Valued Contributor III

Posted on ‎04-20-2017 06:52 AM

By default making them managed on a DEP enrollment should not log anyone into iCloud...when you make them managed, withdraw the Apple ID screen from your prestage to be totally sure...that way the end user can do just what you say...login as they see fit.

Source: Our new teaching staff members do this every year...we offer them 3 options for an Apple ID...use an existing one, create their own (off of either their personal or work email) or we do it for them in the worst of cases, but we make them sit with us on new teacher day to do that in the few cases we need to do that.

0 Kudos

Go to solution
howie_isaacks
Valued Contributor II

Posted on ‎04-20-2017 08:45 AM

These were not setup using DEP. They were brought to us already purchased, so I used Configurator to do the setup, and enroll them into our JSS. It's good to know there are options for DEP enrolled iPads, but I have several iPads that we will need to touch to log them out. Our customer does not want the users to have the iCloud password, so we cannot have them do the sign out by themselves. We're a managed IT service provider, not an onsite IT staff.

0 Kudos

Go to solution
blackholemac
Valued Contributor III

Posted on ‎04-20-2017 08:50 AM

That makes sense and that's a tough one... A lot of the iOS devices management settings don't even work if you aren't using DEP, not all of them but a lot. I don't think Jamf could implement this without Apple changing the MDM spec. On iOS, they are really constrained by what Apple will and won't allow.

0 Kudos

Go to solution
howie_isaacks
Valued Contributor II

Posted on ‎04-20-2017 09:02 AM

Thanks for your insights on this. I figured that this would likely be the case. I will make arrangements to get hands-on contact with the iPads, and just log them out. Our customer plans to purchase a lot more iPads soon, so I have already told them that they really need to do this via DEP from now on. It would not require us to touch the iPads at all. They could be sent directly to the users.

0 Kudos