We recently laid off 14 people and were going to gift them their M1 Laptops after they were off-boarded. I issued Lock Computer commands from JAMF Pro to each machine and, to my surprise, found that only 3 of the 14 had actually locked out the user. Luckily, these folks were all friends of the company (sad) and they did not do anything malicious, but I was able to use my TeamViewer link to the machine to go in and ‘removeFramework’ and re-enroll. After that, I was able to wipe the machines normally.
Is there a way to get the rest of my machines back into compliance without removing the framework and re-enrolling them, one by one? Will a ‘renewDeviceCert’ work? Thanks.