Announcement

Collapse
No announcement yet.

M1 MBA has MDM mgmt but is not locked - should I still try removing?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    M1 MBA has MDM mgmt but is not locked - should I still try removing?

    So, people like Stephen and others are working on IC and MDM on the M1 ...

    There's a recipe posted for dealing with MDM ...

    ------------Mazoot's RECIPE------------

    1. Hold ⌘-R to boot into Recovery --> Utilities --> Terminal, type:
    $ csrutil disable
    $ reboot

    2. Hold ⌘-R to boot into Recovery again:
    3. Enter Disk Utility, mount: Macintosh HD volume (if its not already)
    4. Exit Disk Utility & open Utilities --> Terminal and type:
    $ cd "/Volumes/Macintosh HD/System/Library"
    $ cd ../../etc
    $ echo "0.0.0.0 iprofiles.apple.com" >> hosts
    $ echo "0.0.0.0 mdmenrollment.apple.com" >> hosts
    $ echo "0.0.0.0 deviceenrollment.apple.com" >> hosts
    $ echo "0.0.0.0 gdmf.apple.com" >> hosts
    $ csrutil enable
    $ reboot

    Ensure you're not connected to the network (continue without internet).

    After booting normally, verify the status of DEP via Terminal:
    $ profiles status -type enrollment
    Enrolled via DEP: No
    MDM enrollment: No

    ------------end------------


    BUT, this computer was goofy for a while after I reinstalled the OS

    I'd enter the password and it'd turn translucent after accepting it without giving access to the OS ... then, after letting it sit for a week or so it logged in. Maybe it just needed to download the MDM software and as it's not locked, it didn't lock me out – but (I'm thinking) it CAN whenever it wants...?


    $ profiles status -type enrollment
    Enrolled via DEP: Yes
    MDM enrollment: Yes - (User Approved)
    MSM server: https://a.simplemdm.com/mdm




    Would you be trying to remove the MDM even if you had access..?
    What would your approach be?

    Thank you!
    Last edited by TrumanHW; 04-09-2022, 10:12 PM.

    #2
    Re: M1 MBA has MDM mgmt but is not locked - should I still try removing?

    Originally posted by TrumanHW View Post


    BUT, this computer was goofy for a while after I reinstalled the OS

    I'd enter the password and it'd turn translucent after accepting it without giving access to the OS ... then, after letting it sit for a week or so it logged in. Maybe it just needed to download the MDM software and as it's not locked, it didn't lock me out – but (I'm thinking) it CAN whenever it wants...?


    $ profiles status -type enrollment
    Enrolled via DEP: Yes
    MDM enrollment: Yes - (User Approved)
    MSM server: https://a.simplemdm.com/mdm




    Would you be trying to remove the MDM even if you had access..?
    What would your approach be?

    Thank you!
    Let me get you clearly; did you reinstall MacOS after modifying the hosts file or the enrollment status just changed on it's own?

    Comment


      #3
      Re: M1 MBA has MDM mgmt but is not locked - should I still try removing?

      Originally posted by curiositymaster View Post
      Let me get you clearly; did you reinstall MacOS after modifying the hosts file or the enrollment status just changed on it's own?

      I'm going to have access (physical) to the unit again shortly and I can look again to see what I did.

      I can't recall if this was necessary, but, my friend whom I sold it to was just uncomfortable with it having MDM in the System Preferences ultimately.

      I think I was asking (showing that recipe) as a general confirmation.
      I can't recall if I even did that for this one, as it's not locked or anything

      I'll reply far sooner this time. (deaths in the fam, etc over intervening months)

      Comment

      Working...
      X