Apple Settings

From this section you can configure additional settings for better management of iOS and macOS devices. This article describes settings offered under Scalefusion Dashboard and how IT Admins can configure them.

How to Access

These settings can be configured by navigating to Utilities > Global Settings > Apple Settings on Scalefusion Dashboard.

User Account Management Settings

Capture and sync Apple ID of user accounts

For Scalefusion managed macOS devices, you can capture the Apple IDs of user accounts. The ID captured and synced is shown at following places: 

1. Device Info (Full Device Information > Device info), under iTunes Account Id.
   
2. Device User Accounts Report
3. User account information on clicking Info icon in User Accounts section

To capture Apple ID,

1. Navigate to Utilities > Global Settings > Apple Settings
2. Under User Account management settings, select one of the options from the drop-down:
   1. Not Configured: If you select this option, the Apple ID is not captured and shown as N/A
   2. Only Enrolled User: The Apple ID of only the enrolled user gets captured
   3. All User Accounts: Captures Apple IDs of all user accounts existing on the device
3. Click on Save Settings
   
   

Create Admin Account

On enabling this, you can configure the Global Admin settings where a new admin account will be created using the specified details. 

Pre-requisite: Scalefusion MDM Client (agent app for macOS) should be installed.

1. Skip Account creation if DEP Admin account already exists: If this is enabled, a new global admin account will not get created if ADE Admin account already exists on the device.  Provide the following details to create global admin account:
   1. Account Full Name
   2. Account Username
   3. Password: The configured password will be visible in the User Info section on the Device Details page. Select one of the options from below:
      1. Automatically generate a unique password per device
      2. Configure a static password: Enter a password for logging in with admin account. Password should be 8 characters or more and should adhere to Organization's password policy
2. Mark as Hidden Account: With this enabled, the admin account will be created but won't be visible on the device.
3. Admin Account Name conflict handling: Configure how to handle local account name conflicts for Global Admin Account by choosing one of the following options:
   1. Skip Creation: This will skip the creation of Global Admin Account.
   2. Delete Existing Account: This will delete the existing account and create a new one with the specified Username. Use this option with caution as this may cause Data Loss
   3. Mark as Global Admin: If you have configured Global Admin with a username that already exists on device as a local user, then the account will be converted to Global admin.
      

Enable Service Account Maintenance

If enabled, user will be prompted to enter the credentials in order to perform the maintenance activities for Service Admin accounts. 

1. Password Sync: User credentials will be used to reset password of Global and ADE Admin accounts if it was changed locally.
2. Grant Secure Token Access: User credentials will be used to grant Secure Token to Global and ADE Admin  accounts.
3. Prompt frequency: Configure the frequency at which users will be prompted to enter credentials, from the following options:
   1. 12 hours
   2. 24 hours
   3. On Every Login
4. Prompt Message: Configure the message that will appear when the user will be prompted
5. Click on Save Settings