Help

MacBook Devices Not recycled properly checking in via Pakistan

jmahabeer
New Contributor

Thursday

Hello All, 

 

We have a few devices that were recycled that are popping up in Pakistan as they were not removed from pre-stage they are checking back in. I am looking for the best solution as to what to do about this. My thought process is to keep the record and try to send lock/wipe commands while removing the device from pre-stage. If the device ever checks back in then it should be locked/wiped and removing it from pre-stage should stop it from checking back in. 

0 Kudos
Reply
6 REPLIES 6

MatthewGV
Contributor

Thursday

Yes, you could do that, but also you need to release the old devices in ABM.

0 Kudos
Reply

jmahabeer
New Contributor
In response to MatthewGV

Thursday

Will not releasing them from ABM cause the device record to generate in Jamf Pro again? I do want to release from ABM but I was thinking to wait for a little while to watch these machines to see if they ever do check in again/get wiped/locked.

0 Kudos
Reply

talkingmoose
Moderator
Moderator

Thursday

Did you yourself or someone in your organization wipe these devices prior to recycling them? If so, you're in no danger of anyone compromising your data. If you didn't wipe them, I suggest sending a wipe command immediately.

More importantly, contact your recycling company and discuss this issue with them. They may not be aboveboard with their practices.

There's really nothing else you can do about them. Wiping a computer doesn't prevent someone from configuring it for their own use later. Locking it will turn it into a brick, which buys you nothing more than satisfaction someone can't use it.

0 Kudos
Reply

jmahabeer
New Contributor
In response to talkingmoose

Thursday

Someone else in the organization wiped them a long time ago and did not uncheck them. The only problem is some of our configurations redeployed so licenses of services we use are back on the device for example our security softwares that should no longer be on the device. I will probably keep them and wait for awhile to see if they ever check in so that the wipe command runs. I removed them from pre-stage to stop our policies/configs from redeploying. Would it make sense to remove from ABM now? Or should I wait until we decided they are never going to check in again?

0 Kudos
Reply

talkingmoose
Moderator
Moderator

Thursday

You can send a wipe command to remove your apps and settings, but you'll never really know if it worked except if the computer re-enrolls itself.

Remove them from whatever PreStage enrollment has them scoped, and they can't re-enroll into Jamf Pro. Then send a wipe command. Wait a few minutes for things to go through and then you can delete them from Apple Business Manager.

I think that should take care of it.

0 Kudos
Reply

jtrant
Valued Contributor

yesterday

Enable authentication in your PreStage. It won't resolve the issue if your devices not being unassigned/released as part of your e-waste process, but it will stop random devices being enrolled.

You also need to look at your ABM unassign/release practices and the agreements in place with your e-waste provider.

0 Kudos
Reply