As long as the device is assigned to Jamf from Apple Business (or School) Manager, and assigned to a PreStage enrollment, it will re-enroll when the end user completes setup assistant after it has been erased. Mac computers with macOS 12.0.1 or later and either an Apple T2 Security chip or an Apple Silicon processor, support Erase all Content and Settings.
If the computer has escrowed a bootstrap token with Jamf Pro, the Wipe Computer command will attempt to do an Erase all Content and Settings. If your re-enrollment settings are set to clear commands and policy history, everything should re-run when the device re-enrolls, as if it were a new computer.
Thank you for your previous response. I want to clarify my understanding of the re-enrollment process after removing the MDM profile from a device. If I understand correctly, I should not click "Wipe Computer" but instead choose "Remove MDM Profile." However, I'm unsure about the next steps. If I understand correctly, even after removing the MDM profile, the old account with data will still be present on the computer, so I need to wipe it afterward. Is this correct?
If I do need to wipe the computer, I don't think I need to remove it from the Jamf Pro computer list because I could just enable "Clear policy logs on computers" in the re-enrollment settings. Is this correct?
I appreciate your guidance on this matter. Thank you.
If the device is new enough to support Erase all Contents and Settings, that's the best way to redeploy it to a new user. The Wipe Computer command should do the trick.
Thanx, will test it and report back here.
There is nothing that can be done on the device to remove it from Apple Business Manager. So long as the device is assigned to your MDM instance the proper way to reprovision is simply to reinstall macOS however you deem fit. When macOS goes to activate Apple will redirect activation to your MDM, and the device will enroll in to management before the user can do anything.
Hi, as promised, I tested "Wipe Computer" and nothing else. The MacBook (M1) was erased and I was able to set it up again. It is still managed by Jamf Pro, and all profiles (if still in scope) were reapplied. So, it works as expected. Thank you very much, everybody!
As @jcarr mentioned, be sure to adjust the "re-enrollment setting" since it is disabled by default.
@AJPinto: Thank you for the additional information. This is good to know!
There is nothing that can be done on the device to remove it from Apple Business Manager. So long as the device is assigned to your MDM instance the proper way to reprovision is simply to reinstall macOS however you deem fit. When macOS goes to activate Apple will redirect activation to your MDM, and the device will enroll in to management before the user can do anything.
@AJPinto
I am curious about the process. I already erased the disk. Mac asks me to connect to the Internet to activate it. I assume Mac doesn’t have any Jamf or MDM data after I erased the disk. How could this Mac know it needs to re-install Jamf or MPM back?
@AJPinto
I am curious about the process. I already erased the disk. Mac asks me to connect to the Internet to activate it. I assume Mac doesn’t have any Jamf or MDM data after I erased the disk. How could this Mac know it needs to re-install Jamf or MPM back?
@joejoe if the device is configured for Automated Device Enrollment,it will re-enroll with your MDM during Setup Assistant after being erased.
