Friday, September 23, 2022

Managed Apple IDs and User Enrollment

A while back I posted some issues we were having with distributing apps to our Bring Your Own iPad students. The tl;dr is our school would purchase a few apps using our volume discount and then distribute the redemption codes to families. They would redeem the code in the App Store, the app would download, and they could retain ownership and the responsibility to keep it updated.

The migration to Apple School Manager has sunsetted the use of redemption codes and relies entirely on ASM and MDMs to manage devices and users. This presented a logistical problem for us since we want a no-touch policy on BYOD to enforce an air gap from any of our internal networks.

Apple has started up a new online education community that includes teacher education, the Apple Teacher and Coach programs, and also a new forum. This forum is interesting because it's education-focussed, which hopefully reduces the amount of useless help or rhetoric posted on more public or generic technical forums.

I posted my issue to the Deployment forum and it was suggested that I look at User Enrollment. The use of federated authentication would play well with our current sync of AD and Google. We do not provide students with their login until Grade 4, though, which would make for interesting management in the younger years. I suppose we could provide a simple password for first login, then reset all passwords, but this may interrupt app updates down the road.

The siloing of personal data away from corporate data is a great feature and is a hallmark of Apple's push for privacy. Having separate volumes emphasizes the separation of data and how it cannot be accessed.

I've started testing it with a few user accounts and am hoping for good news for next September!