Restriction Hack, Apple ID

Contributor II

Our school does not allow Apple IDs on student iPads. I have disabled signing in with the Apple ID during initial setup and then push a Configuration Profile to lock the accounts in Settings and hide the Apple App Store. This prevents students from using their personal Apple ID to install apps since we are using device based management and Self Service to provide apps.
Today we discovered that you can search for any app and select install. You can see that the Configuration Profile is blocking the "Sign in with your Apple ID" prompt. However, if you continue to tap on the Get and then Install button the iPad eventually presents the "Sign in with your Apple ID" prompt allowing you to sign in and the app will install. The JSS now reports Logged in to iTunes Store as Active and they are free to install any app that you can search for completely bypassing Apple's App Store.
Has anyone else seen this and if so, do you know how to stop this?



maybe block apple services at a network level...

Contributor II

We've not found a way to stop it. We've also had similar issues with kids installing soft jailbreaks and getting apps on the devices that way. Instead of trying to stop them, we've changed our focus to catching them. We have smart groups set up using the "Apps Not In the App Catalog Are Installed" criteria that are scoped to restrictions that completely lock down the device until the apps are removed.