Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945

Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!

Apple ID Error


I'm stumbling my way through getting our MDM all up and running, but I've made good process so far. Android is easy, Apple is a pain. Anyways, I've had mixed results with iOS. The issue I'm having now is whenever I try to push an app out, I will get a message on the iPhone saying the Apple ID cannot be used to make purchases. This is strange, as I have used this Apple ID before to download apps. I did reset the device and re-enrolled it before this message started appearing. I also noticed that I cannot remove the pre-installed apps when I hold onto them, which I could before I reset the device.

Does anyone have any ideas? We are enrolled in Apple Business, and I have created a couple of accounts in there to test out. I have other things I want to get working (Like home screen configurations and some other things), but this is more important. Any help is appreciated!


  • Oh, here's a screenshot of the message:

  • In reply to Andrew Kapsch:

    Hi Andrew,

    is the Apple ID in question maybe a Managed Apple ID?

    Or is there maybe something wrong with the configured payment methods?

    This error message does not come from Sophos Mobile and is completely triggered by iOS.

    Best regards

  • In reply to SDU:

    The Apple ID is a Managed Apple ID. That notification pops up after signing into the iPhone for the first time. In the App Store, the Get button for every app (Paid and Unpaid) is grayed out.

  • In reply to Andrew Kapsch:

    Hi Andrew,

    according to this Apple website Managed Apple IDs App Store purchasing seems to be disabled.

    To maintain a focus on education, these services are disabled for Managed Apple IDs: 

    • App Store purchasing
    • iTunes Store purchasing
    • HomeKit connected devices
    • Apple Pay
    • Find My iPhone
    • Find My Mac
    • Find My Friends
    • iCloud Mail
    • iCloud Keychain
    • FaceTime (this is off by default, but your institution can turn it on)
    • iMessage (this is off by default, but your institution can turn it on)

    Maybe this is the root cause of the issue?

    Best regards


  • In reply to SDU:

    Good morning Stefan,

    That might have something to do with it, but we aren't using Apple Education, we are using Apple Business. It seems like some of those features are on by default, but I turned them off in our Sophos MDM / DEP enrollment. I didn't see an option though for restricting app installations, so I'm not sure why it isn't allowing it.

  • In reply to Andrew Kapsch:

    Hi, is there anymore information on this?

  • In reply to Andrew Kapsch:

    Hello Andrew Kapsch,


    you can find a document here:


    But it looks like, you cant "buy" any Apps (free or paid) with a managed AppleID. You can use Apple VPP and buy apps.

    After this you need to configure the option "assign apps to device". 


    Now the user can go into the Sophos Mobile Control App -> Apps. If he press install, the server assign the app to the device.


    Best regards