Change user’s domain information using Apple School Manager
In Apple School Manager, changes to a user’s domain information account require the user to sign out and sign in again with their new password.
Important: If a user’s password is changed in Azure AD, Apple School Manager invalidates the current session with that user. The user must sign in again with their new password to continue using federated authentication for access.
Change a federated user’s role
When you successfully complete your federated authentication, all users from your domain have the role of Student. You may want to change roles for Content Managers and Device Enrollment Managers. If you change the role to Administrator, Site Manager, or People Manager, that user’s authentication changes from Federated (they use their Azure AD password) to Apple. They still retain the Managed Apple ID and email address they had when federated authentication was completed.
In Apple School Manager
, sign in with an account that has the role of Administrator, Site Manager, or People Manager.Click Accounts in the sidebar, then search for an account in the Search field. See How to search.
Click Edit, change the role, then click Save.
Change a user’s email to a federated domain
If you’ve successfully linked Apple School Manager to your Azure AD domain, you can change an existing account so that its email address and Managed Apple ID are identical. An exception is that an account with a role of Administrator, Site Manager, or People Manager can’t use the same address for both.
In Apple School Manager
, sign in with an account that has the role of Administrator, Site Manager, or People Manager.Click Accounts in the sidebar, then search for an account in the Search field. See How to search.
Select the user from the list.
Click Edit, change the email address, click OK to also change the Managed Apple ID to match the email address, then click Save.
That user can now sign in with their Managed Apple ID and their domain password.
Edit the Managed Apple ID to a federated domain for a user
If you have successfully linked Apple School Manager to your Azure AD domain, you can change a nonfederated account so that its Managed Apple ID and email address are identical. An exception is that an account with a role of Administrator, Site Manager, or People Manager can’t use the same account for both.
In Apple School Manager
, sign in with an account that has the role of Administrator, Site Manager, or People Manager.Click Accounts in the sidebar, then search for an account in the Search field. See How to search.
Select the user from the list.
Click Edit, change the Managed Apple ID, click OK to also change the email address to match the Managed Apple ID, then click Save.
Edit the Managed Apple ID to a federated domain for multiple users
Important: Users aren’t notified when their Managed Apple ID is changed, so you must notify them as soon as you make the change.
In Apple School Manager
, sign in with an account that has the role of Administrator, Site Manager, or People Manager.Click Accounts in the sidebar, then search for accounts in the Search field. See How to search.
Select the users from the list.
Click Edit in the Accounts
row, then do one of the following:Change the Managed Apple ID’s unique user name structure.
Change the domain name structure.
Change both.
Change the Managed Apple ID, click OK to also change the email address to match the Managed Apple ID, then click Save.
Click Close, or wait until the activity has finished, then click Done.
Change a user’s email to an unfederated domain
If you want users to use an email address different from the one in their Azure AD domain account, you can change it. You must make their email address and Managed Apple ID identical. An exception is that an account with a role of Administrator, Site Manager, or People Manager can’t use the same address for both.
In Apple School Manager
, sign in with an account that has the role of Administrator, Site Manager, or People Manager.Click Accounts in the sidebar, then search for an account in the Search field. See How to search.
Select the user from the list.
Click Edit, change the email address, click OK to match the Managed Apple ID, then click Save.
Notify the user that they have a new Managed Apple ID.
Edit the Managed Apple ID to an unfederated domain for a user
If you don’t want users to use the Managed Apple ID in their Azure AD domain account, you can change it. You must make their Managed Apple ID and email address identical. An exception is that an account with a role of Administrator, Site Manager, or People Manager can’t use the same address for both.
In Apple School Manager
, sign in with an account that has the role of Administrator, Site Manager, or People Manager.Click Accounts in the sidebar, then search for an account in the Search field. See How to search.
Select the user from the list.
Click Edit, change the Managed Apple ID, click OK to also change the email address to match the Managed Apple ID, then click Save.
Notify the user that they have a new Managed Apple ID.
Edit the Managed Apple ID to an unfederated domain for multiple users
Important: Users aren’t notified when their Managed Apple ID is changed, so you must notify them as soon as you make the change.
In Apple School Manager
, sign in with an account that has the role of Administrator, Site Manager, or People Manager.Click Accounts in the sidebar, then search for accounts in the Search field. See How to search.
Select the users from the list.
Click Edit in the Accounts
row, then do one of the following:Change the Managed Apple ID’s unique user name structure.
Change the domain name structure.
Change both.
Change the Managed Apple ID, click OK to also change the email address to match the Managed Apple ID, then click Save.
Click Close, or wait until the activity has finished, then click Done.