We have iPads enrolled in MDM with Jamf Pro and also configured for ADE via Apple School Manager (supervised devices).
I want to allow sign-in with Managed Apple IDs issued in Apple School Manager only on these supervised devices.
According to the following document:
https://learn.jamf.com/en-US/bundle/technical-articles/page/Configuring_Access_Management_for_Managed_Apple_Accounts_in_the_Jamf_Pro_API.html
My understanding is that this can be achieved by using the API to set the server UUID on the Jamf Pro side in the field,
and then changing the setting in Apple School Manager from “Allow Managed Apple Accounts on all devices” to “Allow only on supervised devices”."automatedDeviceEnrollmentServerUuid"
Is this really feasible in practice?
Has anyone actually implemented this in a production environment?
If so, I would appreciate any advice or points to be aware of.