alt Hacker NewsThe domain lock process was an absolute fiasco at our company. I think this could work if you did this at the time your company launched, but the moment you have employees who have Apple IDs tied to their work email that aren't from the Business Essentials system you are stuck in an impossible-to-mange place.
There are several cheap MDM solutions for Apple devices that I would rather pay for than be dependent on this. (We've used SimpleMDM and love them.)
I'm currently in that hellish process too... I don't know how to get out of it. Did you know that your employees will be forbidden from downloading from the App store once you launched that migration? It's a nightmare