Deleted Mac re-enrolls into jamf

paulsmithbud
New Contributor

I've deleted a mac 3 times and it re-enroll after a new installation every time. 

From the GUI I've removed MDM and deleted it. 

 

What could cause it to re-join and can I stop this from happening?

 

Thanks, 

 

7 REPLIES 7

Jaykrishna1
Contributor II

Re-enrollment of a Mac after deletion could be caused by several factors, including:

  1. Automated device management: If your Mac is enrolled in an MDM solution, it could be re-enrolling automatically upon activation.

  2. Configuration profile: A configuration profile installed on your Mac may be triggering the re-enrollment.

  3. Directory services: If your Mac is bound to a directory service such as Active Directory, the re-enrollment could be triggered by the settings stored in the directory.

To prevent re-enrollment, you can try the following:

  1. Disconnect from the network: Disconnect your Mac from the network to prevent it from re-enrolling automatically.

  2. Remove the configuration profile: Use the Configuration Profile Editor to remove the profile that could be causing the re-enrollment.

  3. Unbind from the directory service: If your Mac is bound to a directory service, unbind it to prevent the settings stored in the directory from triggering re-enrollment.

  4. Reinstall macOS: Reinstalling macOS can also help clear any settings or configurations that could be causing the re-enrollment.

jamf-42
Valued Contributor II

2. Configuration profile: A configuration profile installed on your Mac may be triggering the re-enrollment.

how would this work? if the Mac is deleted from Jamf it would need re-enrollment of some kind? By deleting the device it can no longer communicate with the jamf instance.. confused.. 🤔  

Not sure about 3 and 4 won't help if its in ABM / Pre-stage.. 

AJPinto
Honored Contributor III

This wouldn't work. Your hunch is right, the device is caught up in Automated Device Enrollment. To be honest Jays steps to attempt to prevent reenrollment are not "wrong", they just wont work with Automated Device Enrollment in place. As far as the Configuration Profiles and Directory Services stuff, that is unrelated or incorrect depending on which item he is mentioning. 

 

 

I have a gut feeling OP bought a Mac from a reseller that was not removed from DEP, or its a Stolen Mac based on the information provided. 

AJPinto
Honored Contributor III

If you are a Mac Admin the Mac needs to be released in Apple Business or School Manager.

If you are someone who bought a used Mac:

  • If you bought it from an individual, it was likely stolen and you need to try to get your money back. 
  • If you bought it from a reseller/recycler the company that disposed of the Mac did not release it, and this is something the reseller should check before selling the device. Return it and get your money back as this is the equivalent of activation lock and you will never get Automated Device Enrollment.

junjishimazaki
Valued Contributor

You indicated you deleted the Mac record in Jamf. How about the profiles that exist on the mac? Also, you stated that "after a new installation" it re-enrolls. Can you please expand what you mean by that? Are you factory resetting the mac and go through the setup process?

MrChris
New Contributor III

It would seem that the unit wasn't removed from ABM/ASM and is thusly auto populating back into your JSS - where your pre-stage enrollment policies are taking over.  

If you visit your prestage enrollment groups and 'uncheck' the unit and save - then complete an erase/install to it - it shouldn't 're-enroll', so to speak.  It'll still be listed in the JSS and MDM - but it won't pull updates/changes/policy/etc.

piotrr
Contributor III

Sign in to Apple Business Manager with your management AppleID. 

Click Devices. 

Search for the serial number of this device. 

Click Release from Organization. 

piotrr_0-1675858917091.png