Description
We have discovered that after the latest update, some macOS devices were removed from the MDM system management. The issue is related to the introduction of the new Bootstrap Token feature that requires a new certification for macOS devices. Some of the devices couldn’t receive the certificate, and according to Apple's protocol, the MDM profile was removed, causing the management of these devices to lose.
This issue concerns only a limited amount of managed macOS devices. If your Macs are inactive on your MDM site and haven't been syncing after the 21st of March, it might be that it is not under the management anymore. To find out if this is the case, go to Mac's settings and check the status of the MDM profile.
If the profile is missing, follow the instruction in the next paragraph.
Solution
There are a few solutions to manage these Macs again with MDM.
- Factory reset the device (Erase all Content and Settings -action for the DEP, a.k.a ADE - Automated Device Enrollment, devices)
- Re-enroll the non-DEP device
- For both types of devices you can also download and install the MDM profile manually, which doesn't require the wipe for the device. Note that device users with admin privileges can remove the profile from the device.
To download the profile, go to your MDM site's Infrastructure diagram and hover over the iOS/macOS devices.
We apologize for any inconvenience caused. If you have questions about the issue, please reach out to our support team.