this post was submitted on 13 Oct 2024
18 points (90.9% liked)

Apple

17481 readers
139 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
 

I have two MacBooks that I acquired through two different startups. Both companies no longer exist and I was basically given the laptops. (They have just been sitting in my closet for a few years collecting dust, and it seems like a waste.)

Unfortunately, now that I want to use the laptops as part of a local k8s cluster (or even dedicated music production hardware), I am locked out of wiping the things because they want to connect to MDM servers that no longer exist or have admin passwords that have long since been forgotten.

Since these laptops are essentially "bricked" I have no problems opening them up and attempting hardware hacks to get around this stuff.

Both laptops are in various states of reset or wipe due to previous attempts to reset. (Funny thing, actually. I was personally responsible for locking down one of these laptops at the time they were in corporate use...)

Trash or treasure? I dunno. I am apple-dumb.

top 10 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 1 month ago

You need to contact whoever used to maintain the ABM and tell them they haven’t properly shut it down yet. Or if they can provide you the invoice for that serial number. Otherwise they are just bricks

[–] [email protected] 4 points 1 month ago

If you have an invoice or some sort of ownership document from the original company (or if the MDM is actually no longer active), you can try calling Apple Support. They have the ability to unlock the Macs. But don’t get your hopes up if you don’t have solid proof that you are the rightful owner.

[–] [email protected] 5 points 1 month ago (1 children)

I mostly fool around with older macs but if they're Intel, can't you just boot from a USB and then turn off system integrity protection and wipe the drive?

[–] [email protected] 4 points 1 month ago* (last edited 1 month ago)

If they’re properly locked down the option to boot another from another device or even the recovery drive will be locked behind a password. It’s like it’s been bios locked on a PC but rather than being stored with a battery it’s saved into the physical chip which would need to be removed and either replaced or reflashed.

[–] [email protected] 7 points 1 month ago (1 children)

....maybe?

It depends on Intel/Mx and what version of OS X was installed.

If you google 'mdm profile removal' you'll land on a LOT of options that may or may not work depending on how old these laptops are and what exactly was configured, how, and what options you have re. version of OS X installed.

[–] [email protected] 1 points 1 month ago (1 children)

One is a model "A1989" and another is "A2159", both of which are at least from 2018.

I believe I got them to a state where the recovery OS was re-installed? I am charging them now to get more information.

[–] [email protected] 8 points 1 month ago (1 children)

Cool, cool. I know there's some issues with Apple Silicon being somewhat uncooperative with removing MDM in a way that Intel ones aren't, so you don't need to deal with that at least?

I've used https://github.com/assafdori/bypass-mdm before and it DID work, but it's been a while.

Might be worth trying since it's stupidly straightforward and you're wiping and reinstalling stuff anyways.

[–] [email protected] 3 points 1 month ago (1 children)

Rock on, I'll give it a shot. Thanks!

From personal experience, these kinds of things are usually based on "security by obscurity" and is just a matter of pushing the right buttons in a specific order.

Unless hardware fuses are physically blown, there is usually a chance. While possible, I don't think any laptop manufacturer would implement that functionality without an expensive, special order contract.

[–] [email protected] 4 points 1 month ago (1 children)

Yeah, this feels more like keeping Debby from accounting from stealing her work laptop and thus making it useless for MOST people, while not making it a total unrecoverable brick, since they very much could if they wanted to.

[–] [email protected] 3 points 1 month ago

Eyyy! One mac down, one to go.

It was just a shame to have this spare compute just sitting around and am glad it has avoided the recycling bin for at least another 4-5 years. (I don't like throwing electronics away. I'll even harvest components off of old stuff before it gets tossed, usually.)