Posted on 06-09-2022 02:13 AM
While enabling federation in ABM, the process identified 500+ conflict accounts. the federation is not getting enabled because of this unless we revive the accounts
1) what happens if user refuse to update the change from their end? pls help with a support link explaining this if available
2) can i get a list of these 500+ users from ABM and where they may be using their work email for configurations from the ABM portal or should i get in touch with apple for this?
3) can we not enable federation without reviving these account?
4) what is the user impact if apple assigns a temporary id in place of the account in use now.
06-09-2022 06:44 AM - edited 06-09-2022 06:46 AM
You can get most answers from these documents:
https://www.apple.com/education/docs/get-ready-for-federated-authentication.pdf
https://support.apple.com/en-gb/HT209349
You might also find some more information in this thread. This is directed to Apple School Manager but should be the same/similar process for Apple Business Managers: https://www.reddit.com/r/k12sysadmin/comments/usfxhl/intro_to_google_workspace_with_apple_school/i97...
In short, there is a 60 (?) day period in which users are given the chance to update their personal apple ids with a new email address. You can't do much more until this grace period is over. Apple does not allow you to view which email accounts these are for security reasons.