Question

Broken MDM Profile - howto remove a prestage mdm enrollment?

Forum|Forum|1 year ago
April 21, 2024
5 replies
390 views

N

+1

N4pst3r

Hello, community

I have a faulty MDM configuration on one of our MacBooks.

The enrollment was performed via the following command: sudo profiles renew -type enrollment

The profiles have been created, but a message comes with:

Registration with the management server failed.

The update to an MDM profile contains different server URL.

We have never received this message so far, nothing had changed.

In the dashboard of Jamf pro, however, no management is possible for this device.

the profile seems to be broken. In the administration, the points MDM remove or similar are not available.

How can we remove MDM management via CLI and run the management again?

We have already tried the following without success, the message remains the same and no administration is possible:

Sudo jamf removeMDMProfile.

—

The profiles remained in place, a new enrollment resulted in the same error.

A reset of the MacBook is out of the question.

Greets

+12

rastogisagar123
Jamf Heroes
Forum|Forum|1 year ago
April 21, 2024

Looks like Mac Wipe. Have you tried this sudo jamf enroll -prompt -noPolicy

Sagar Rastogi

Like

+26

AJPinto
Legendary Contributor
Forum|Forum|1 year ago
April 22, 2024

MDM Profiles are protected by SIP. You cannot remove them in normal situations. It is possible to disable SIP and use some terminal magic to force remove MDM profiles, but you stand a very high chance of breaking macOS in doing this. Your only correct option is to reinstall macOS and ideally enrolling with Automated Device Enrollment.

MacOS can be reinstalled from Recovery, or by using DFU mode (if it's an Intel Mac it cannot have an EFI password as that cannot be removed by Apple Configurator).