Skip to main content

Has anyone been this stuck with a locked computer?



I locked a computer remotely using JSS and creating the 6 digit code. The computer successfully locked, the student then tried to guess what the code is and got it wrong. He then brought it to me with the screen displaying "Your computer is disabled. Try again in 60 minutes" Once that time runs out it just shows "Wrong passcode. Try Again" without ever giving me the option to enter a code. I have tried booting into recovery mode and doing an internet recovery. Both times it just boots to the same screen. I took it to the Apple store and they claimed they have never seen this screen before and could not help. I then spoke with my Casper rep. They had me do a PRAM reset and a SMC reset, both times it booted to the same screen. She then told me to call Apple Support and they had me try everything listed above again. Apple Care sent this issue to the engineers and I am waiting for a response.



I am looking for any suggestions to get this fixed.

The lock screen is implemented in the EFI firmware of the Mac. Wiping the drive is not going to unlock it from what I understand... it needs to be unlocked by Apple, if it can't be done through the JSS.

Just heard back from Apple:



They said that their is no coming back from this lock. It is a security feature that is made so if a thief enters the wrong code multiple times it turns into a paper weight. Since the computer can not tell if it has been returned to the rightful owner it just stays in this loop. Thanks for all of your input and help.



On a personal note I can't believe that Apple can't reset this lock screen when person can show proof that they rightfully own the computer.

I suspected it was something along those lines, although I agree with you that there really should be some way to get out of it if the device is wiped. I can understand them not being able to bypass it when in the normal lock mode, but once its been reformatted, it would be sensible to allow it to be used again by the rightful owner.
Although, given some of the stuff in the news recently about locked iPhones and such, it doesn't really surprise me they designed it this way. In fact, I think this will only get more impossible to bypass as time goes on.

That's horrible news. I can understand the reasoning in deterring thieves, but if you can prove you purchased the device, what's the problem with wiping it and returning it into a useful state? The data is gone at that point anyways. Imagine the repercussions if say an automobile company did something like that? Sorry, you attempted to turn the car on incorrectly too many times. That wouldn't fly in that situation so why would it be OK for a computer? If they can't unlock it then at least provide a replacement device of the same model.

@lpadmin so is Apple saying once it's been locked like this they are unable to remove the lock and return the computer to working order if the person in possession of the computer can prove they are the owner? If they are saying the computer is permanently bricked that would be a horrible. I've had a user forget a EFI firmware password before and I was able to get Apple to unlock the computer once we proved we owned it. I'm not sure why Apple wouldn't be able to do something similar in this case.

@lpadmin I would suggest taking it back to the Apple Store and talking to a different employee. If they stick to the same story then try a different Apple Store. I've had more than a dozen devices with this issue and it's never been a problem getting them unlocked.

@lpadmin I have good news for you. You absolutely can get this resolved by contacting GSX. We had a similar issue, after calling AppleCare Education, I got a rep that used to work in GSX. He instructed me to open GSX chat and ask for assistance unlocking an unknown firmware password. Don't say anything about a code from Casper. Just say you have a laptop with an unknown firmware password.



Once they have confirmed you own the device (you simply say, Yes, I own the device) they will walk you through the steps to obtain the computer specific code. Once you get this code, you send it to GSX. They then will configure a binary boot file and send it along with instructions on how to copy it to a bootable flash drive.



The flash drive erases the firmware password, which enables you to reset the PRAM. Once you do that, the code should be gone.

Still worth trying again, but the key combination to generate the unlock code (Cmd, Alt, Ctrl, Shift + S) didn't work earlier which is needed to generate the unlock file.

Just wanted to give an update to this as we just had it happen. You can get ahold of GSX support and they will be able to unlock it while retaining the users data as @jgrubbs stated.

I believe Apple Stores have resources to reverse these issues but Apple Care over the phone do not. At least years ago when I worked as a Genius, we could unlock EFI and iCloud locks if we needed to, but it was a lengthy process to do so.



Apple Care over the phone is really Tier 1.5 in most cases from my experience, where the stores are hit and miss with a larger wealth of resources at their disposal.

Yesterday I had the issue of picking up a MacBook that our Asset Management team locked. It's now to be re-imaged and deployed to a new hire. When I got the machine to my desk I plugged it in and started it up only to find I couldn't enter the 6 digit code our AM team set. Also when trying to boot to my Casper drive it was asking for a firmware password (set to the same thing as the lock code). The lock code screen would not let me enter anything using the built in laptop keyboard or either of the two external Mac keyboards I tried to plug in. No numbers/letters would enter and the cursor wouldn't advance. Nothing I tried worked BUT I found that the six digit code WOULD work on the firmware lock screen. So I booted to my Casper drive and unlocked the internal SSD when prompted. I then did the following:



1) Imaged the machine but chose not to boot into the target drive after imaging.
2) Shut the machine down and started it up holding OPTION. Choose the newly laid down recovery partition (which it ignored).
3) Instead of booting into the recovery partition it came up with jamfhelpers Casper Imaging screen, you all know the one.



After that I have been able to boot, shut down, start up and login then reboot many times and it seems to the lock screen is gone.



Hope this may help someone that finds this post in the future and doesn't have a GSX account.

https://orvtech.com/atacar-efi-pin-macbook-pro-en.html



It doesn't surprise me that Apple chose to do this, and yeah, I agree that's nuts.

This worked for me! Your results may vary...




  1. I waited until the disabled device countdown timer expired and I got the screen saying "wrong passcode try again" (no way to enter the code still)


  2. I sent the "Lock Computer" command using the same original 6 digit lockdown code that was previously used.


  3. When the computer restarted, the 6 boxes were back!. I put in the code and the computer restarted...


  4. The lock screen returned upon reboot with the 6 boxes. I put in the code again and the computer rebooted normally.




The reason for the 2 unlock screens was to satisfy each of the "Lock Computer" commands.



Del

@lpadmin I used to deal with a few thousand laptops and found this happening every time we locked a student. From what I was able to deduce is that it is indeed a firmware loop. If you have a firmware passcode on the EFI it will essentially brick the laptop/device. If you do a GSX chat and break the firmware with the provided BIN file from support you can recover the machine. Hope this helps anyone out there as I know the thread is a little old.

I used to work at the Apple Store as a genius and I can confirm it's definitely possible for them to unlock it for you. Just like @jgrubbs mentioned earlier, the will create a binary boot file that can be used to clear the firmware password.

I'm 3/3 on this issue...let the time run out. Re-send the lock code, eventually it will get the code. use the same code.

@Pacers31Colts18



Do you have a firmware passcode on there as well? I'm not having any luck with resending the code and getting the 6 boxes to reappear. I had to take one to the Apple Store last week for this same issue and am faced with a second one today.

@rusty.adams



Mixed bag...some of our deployments have a firmware password, some do not.

I am having the same issue here and I am totally a newbie to codes and commands May I know what is the advise of solving this issue? Need help desperately.

Here's how I got out of it:



1) Hold option and when you get the black screen with the lock, enter your 6-digit code.



2) Boot to a known good OS. You can either use netboot (If you have a server) or target disk another computer.



3) Open terminal and enter the following
- sudo /usr/sbin/firmwarepasswd -delete
- (type in the local admin password)



4) Restart the computer and hold down cmd, opt, p, r. Wait for 2 chimes.



This did the trick for me, let me know if you have any questions.

@eissey



This looks to have done the trick for me (don't want to run a test because its a 20 minute drive to the Apple Store if it doesn't work....). One of my netboot images wouldn't let me run the full finder to get to terminal, but fortunately, I had an older one that still worked.



Instead of the local admin password, I actually had to enter the known firmware passcode in terminal after entering that command, but I was then finally able to reset the pram and log in as normal.



Thanks!

Having tried a few of the options above to no avail I did manage to get it to work by doing the following:




  • We have a "MacBook return" image set up which is a basic MacOS install with the .AppleSetupDone file removed so I re-imaged from Casper Netboot using this option.

  • As it wouldn't boot from a recovery partition or External/Target disk, I again used our Casper Netboot option.

  • I opened a terminal session and ran /usr/sbin/firmwarepasswd -delete option.

  • Rebooted and performed a pRAM reset.

  • Ran the set-up assistant with simplified information.

  • Re-imaged in the usual way using our SOE image.

We were just able to boot to internet recovery (must be internet recovery, cmd-opt-R) and put in the code when it prompted.

Thanks for the tip @agetz! I was also able to solve this by booting into Internet Recovery.



Here are the steps I took:
- Restarted and held cmd - opt - R to boot into Internet Recovery (as @agetz stated, regular Recovery wouldn't work; it had to be Internet Recovery)
- This computer had a firmware password enabled, so I entered that
- I was prompted for the unlock code, and I entered that
- The computer restarted and asked for the unlock code again, which I entered
- The computer restarted again and booted normally



I'm really glad this worked because it was a lot easier than trying to get it resolved with Apple Support.

I have 2 macbooks in the same situation and have tried both regular and internet recovery. Both were not successful for returning control of the devices. Internet recovery would run through the steps but after the world loading screen, it would reboot back to the locked screen.



Anyone else have any luck with this? I am going to try to give apple a call to confirm if these devices are bricked. This is a terrible situation since these are returned to our school in this manner which we lose out on recovery. Why even have this feature if apple is just going to brick the device.

Terms & ConditionsCookie settings