Our school division uses Active Directory and managed Apple IDs.  I currently allow personal Apple IDs to be set up on a computer.  Some users have been granted administrative access on the computer they use because of the remote work they do.  I have observed that when personal Apple IDs are used with an account when a software update is available it will prompt for authentication but the username section is greyed out with just their username, but even when using their current password it says try again.  This also happens with some other things like require lock screen password.

The lock screen issue just came to my attention today but the Software Update I've been getting around that by either remoting into the computer, logging into our local account and authenticating there or pushing out a Software Update policy in Jamf Pro to that computer.

Does anyone know why this happens with personal Apple ID and how I can get around this?  This seems to happen at least with macOS Sonoma and Ventura.  Can't say I have tested beyond that.