Skip to main content
Skip table of contents

Electric IT Hub | Creating & Managing Your Apple ID for Device Management

To manage Apple devices (macOS, iOS, iPadOS) using a Mobile Device Management (MDM) platform like the one Electric uses, every company must create, maintain, and renew an Apple Push Notification Service (APNS) certificate. This certificate is a required Apple dependency and is not optional for any MDM solution.

To begin, companies must first create an Apple ID that they then use to log into the Apple Push Certificate Portal—the secure, web-based portal where administrators create, manage, and renew Apple Push Notification service (APNs) certificates. During device management configuration with Electric, this certificate will be used to establish a trusted connection between the Electric device management server and Apple's services.

Important: this certificate requires annual renewal for continued device management.

Creating & Managing your Apple ID:

If your company uses Apple products, you will need a company Apple ID in order to set up device management with Electric.

To avoid issues, we recommend:

  • Using an IT-owned Apple ID (not a personal email) with credentials shared amongst your Electric Admins

  • Documenting which Apple ID owns the certificate

  • Setting calendar reminders to renew the certificate well before expiration

  • Renewing the certificate before it expires (not after)

Renewal does not impact devices as long as it’s done on time.

Note: Your general employees will not need this Apple ID to enroll their devices onto their devices.

How Do I Create This Apple ID?

  • To create this Apple ID, visit appleid.apple.com/account and click "Create Your Apple ID".

  • To avoid utilizing additional Google/Microsoft licenses, we recommend that you create an email group or alias, and configure the group/alias to be eligible to receive external emails.

  • A generic company email address should be identified or created and used as the Apple ID

    • Examples of an email to use:

      • admin@domain.com

      • hr@domain.com

      • operations@domain.com

  • You will need to enable 2-factor authentication during set up. If you don’t use a shared email and device, it will be impossible to access your account if the owner of the associated authentication email and device leaves your organization

Once the Apple ID is created, navigate to your Settings in Electric here and follow the instructions to configure device management!

FAQs:

  1. I only have Windows devices at my organization. Do I still need to set up an Apple ID to configure my MDM instance?

    1. No. You will only need an Apple ID if you plan on using MDM on Apple devices.

  2. What is the difference between an Apple ID & an Apple Business Manager (ABM) account?

    1. Anyone can create an Apple ID, but an ABM account can only be set up by a business that has signed up for Apple Business Manager (ABM).

  3. If I already have an Apple Business Manager account should I use the email associated with the administrator of that account?

    1. If the email you used to create your ABM account meets the criteria outlined above, you can use it to configure your MDM. The key is to make sure it is not tied to one person or likely to be deleted during offboarding.

  4. Do I need to create an Apple Business Manager (ABM) account to configure my MDM?

    1. No, we only recommend creating an ABM account if you plan on purchasing Apple products through the Electric Hardware Store and take advantage of Apple zero-touch provisioning.

  5. Can I use any Apple ID to configure my MDM instance?

    1. Technically, yes. However, it is recommended you use one with an email and MFA device that multiple users at your organization can access to ensure you maintain access through staffing changes.

  6. Where should I go if I have questions about setting up an Apple ID to use while configuring my MDM?

    1. Electric’s Support team (support@electric.ai) can help answer your questions and point you toward the best resources.

Receive external mail for Google Workspace Groups

Step 1: For Google Workspace Administrators (Organization-Wide Setting)

  1. Sign in to your Google Admin console.

  2. Navigate to Menu > Apps > Google Workspace > Groups for Business.

  3. Click on Sharing settings.

  4. Check the box for "Group owners can allow incoming email from outside the organization".

  5. Click Save

Step 2: For the Group Owner (Specific Group Setting)

  1. Sign in to Google Groups.

  2. Click the name of the group you want to configure.

  3. Go to the General settings.

  4. Under "Who can post," select "Anyone on the web" or "Anyone in my organization" (depending on your needs).

  5. Click Save changes

Note: If users still don't receive notifications after these steps, ensure there aren't other restrictive settings in the Admin Console (like Restrict delivery) blocking external messages or that the notification source isn't being blocked by spam filters. 

Receive external mail for Microsoft 365 Groups & Distribution Lists

Only a Microsoft Admin can take this action.

  1. Sign in to the Microsoft 365 Admin Center or the Exchange Admin Center (EAC).

  2. Navigate to Groups > Active groups (in Admin Center) or Recipients > Groups (in EAC) and select the group you want to modify.

  3. Open the group's details pane and go to the Settings tab.

  4. Find and check the box for "Allow external senders to email this group" or similar wording like "Let people outside the organization send email to this group".

  5. Save your changes.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close