This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 2%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFC%3C/text%3E%3C/svg%3E)
Dear folks,
I am managing some iPAD devices with MS Intune.
This devices are "corporate" devices, not "personal" device.
How can I "deny" the usage of Apple ID?
I would "greyed out" option that permit to end user to login/create account on Apple ID.
Thanks!
Hello Federico
If you want to restrict or prevent users from signing in or creating an Apple ID on corporate-managed iPads using Microsoft Intune, you can achieve this by configuring restrictions on the device using Intune policies. Here's how you can prevent users from signing in or creating an Apple ID:
Create and Assign a Device Restrictions Policy:
In the Microsoft Endpoint Manager admin center, navigate to "Devices" > "Configuration profiles" > "Create Profile".
Select the device platform as "iOS/iPadOS".
Under the "Settings" section, look for the option related to iCloud or Apple ID. The exact name may vary, but it typically falls under the "Restrictions" or "Device restrictions" category.
Configure the setting to restrict iCloud or Apple ID sign-ins. This may involve disabling the option to Sign in with an Apple ID, Preventing iCloud Keychain, Disabling iCloud Photo Library, etc.
Save the policy and assign it to the group containing the corporate iPad devices.
**Deploy the Policy to Devices**:
Once the policy is created and configured, assign it to the group that includes the corporate iPad devices. The policy will be pushed to the devices, enforcing the restrictions set in the policy.
Device Compliance Check:
Ensure that the devices are compliant with the policy and that the settings are applied correctly. You can check the compliance status of the devices in the Microsoft Endpoint Manager admin center.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
@Federico Coppola, Thanks for posting in Q&A.
From your description, I know you want to block permit to end user to login/create account on Apple ID.
After researching, there's a setting under Device Restriction policy may help. Device Restrictions > General > Block modification of account settings, it appears to grey out the option and not allow the user to create new account.
Hope above information will help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@Federico Coppola, Hope things going well.
I am kindly following up to see if you have any remaining questions or concerns for this issue. Please note that we are always standby to support. Please feel free to reach us if any questions or concerns you may have.