Sometimes device users might try to unenroll their device from mobile device management by removing the device management profile or the Miradore Online Client from their device.
There is no consistent way to prevent the unenrollment on all device platforms, but below it is explained what measures can be taken on different device platforms to prevent users from removing their devices from mobile device management.
Android
The Miradore Online Client can only be removed from an Android device after disabling it’s Device administrator rights. Therefore, the removal of the Miradore Online Client can be effectively prevented by denying the users from removing the device administrator rights from the Miradore Online Client.
You can do this for Samsung SAFE/KNOX enabled Android devices by using a configuration profile (Android > Restrictions > Administration > Device administration removal = Denied).
For more information, see Restrictions for Android.
Unfortunately, standard Android devices don’t support this particular configuration profile.
iOS
The only way to prevent device users from unenrolling Apple iOS devices is to enroll the devices the devices to Miradore Online through Apple DEP (Device Enrollment Program). On the DEP enrollment profile settings, there is a setting Allow MDM profile removal, which determines whether the device users are allowed to unenroll their devices or not. Make sure that this option is unchecked if you want to prevent the unenrollment of devices.
Windows Phone
You can prevent the unenrollment of Windows Phone devices with a configuration profile that denies the manual unenrollment. Create a configuration profile like this and deploy it to the Windows Phone devices. After that, device users cannot remove the management profile from their devices. If needed, administrators can perform the unenrollment by sending the unenrollment command to the device with Miradore Online, or by running a factory reset for the device.
Get notified when user unenrolls a device
You can configure Miradore Online to notify you if a device user removes his or her device from the mobile device management. You can enable the notifications from Notification settings under My settings in Miradore Online. For more information, see About notifications and alerts.
