So I just received a report that one of our managed iPads has been stolen, it was last seen online by my JSS and Prey on 18th April which doesn't bode terribly well, it may already have been discarded once they realised they couldn't use or reset it.

The device is managed/supervised with passcode and activation lock enabled to an icloud account I manage so it's no use to anyone else but we'd like gather enough evidence to recover it if possible. I've flagged it in FMI to notify when found and marked in Prey as missing but unless it connects to the internet that won't do much.

I'm contemplating pushing a heavy restriction profile to it stripping access to apps and user data, clearing the passcode then requiring a new one to be set in the hope that whoever's got it will then connect to a network so Prey can start reporting. I've tested this before and it seems quite effective but am a bit tentative about doing it to an actual stolen device. There's a current restriction profile which prevents uninstallation of apps or device reset so even if the new restriction profile didn't take they can't remove Prey, I guess I run the risk that they may use the time between passcode clear and new passcode requirement to reset it in iTunes (if they were to do this would the activation lock still show location in FMI if they attempted to activate it?).

Has anyone had any success getting an iPad back online like this or have any other suggestions which may help?