Help

This Mac is supervised and managed by ...

ukmercenary
New Contributor III

Posted on ‎01-20-2022 06:12 AM

So the first time around the MDM profiles didn't install correctly. Now when I try to manually delete the old profiles it won't let me because of the above error.  Even if I logon with local admin rights ...

 

I even tried to logon with local admin rights and run sudo /usr/bin/profiles remove -all

But it errors and says profiles: There are profiles installed that marked non-removable

I need to get this laptop built today can anyone help?

 

0 Kudos
Reply
3 REPLIES 3

ljcacioppo
Contributor III

Posted on ‎01-20-2022 07:28 AM

You are running into non-removable MDM. This article explains more of the challenges with non removable-MDM profiles: http://rachelviniar.com/non-removable-mdm/

If there is not really anything on the computer, it might be the best approach just to erase the computer and re-enroll it and making sure that your prestage enrollment does not have the MDM profile set to be non-removable if you want it to be able to be removed in the future

Reply

ukmercenary
New Contributor III

Posted on ‎01-20-2022 08:46 AM

I was able to fix it from the other threat on this board by doing this:

 

You can try this first:

sudo /usr/bin/profiles -D

If that does not work, try this:

  1. In Recovery mode, select Utilities-> Terminal from the menu bar.
  2. Type csrutil disable and reboot the Mac. This will disable System Integrity Protection (SIP).
  3. Once you have logged in to the Mac, open Terminal and run the following command:
    sudo /bin/rm -rf /var/db/ConfigurationProfiles/Store/*
    (This will remove all profiles)
  4. Exit Terminal & reboot the Mac.
  5. Once the Mac has rebooted open System Preferences-> Profiles.
    You should now be able to remove all of the profiles in the profiles utility. If the Profiles utility is missing, there are no profiles.
  6. Go back in to Recovery mode -> Terminal & type csrutil enable.  This will enable SIP again.

This is what worked for me on a few machines that had locked profiles from a previous MDM. After this I was able to enroll the machine in to JAMF without the need to wipe the machine.

Reply

JamesDiller
New Contributor
In response to ukmercenary

Posted on ‎04-26-2023 12:20 AM

Thank you for sharing the solution as well. I am also facing the same issue and I got irritated solving this issue. You made my day :)

Now, I will visit this website here to read an article on how to defrag a Mac and can keep my filesystem clean. I am using my Mac book for my office work and nowadays, it is working really slowly. That is why my friend recommends me to defrag it but I don't know how can I do it. That is why I want to know how to defrag the file and I found my answer over there.
0 Kudos
Reply
Back to Top