Remove MDM from an iPhone 13
April 2, 2023 7:03 PM Subscribe
I am the (legal) owner of an iPhone 13. It was wiped before I obtained it. When I go to set it up, I get to a screen that asks for the Remote Management login from the company that owned it originally. I do not have access to the password although I do know the user name. I want to remove (not bypass) this MDM software. What is the best, (free?) way to do so without contacting the company whose MDM it is? (While contacting the company would be possible, trust me when I say that is the last resort.)
First, this would be the first iPhone I have owned and used. I am a long-time Android user. I have extensive Android experience including unlocking the bootloader, getting root access, flashing new ROMs, etc. So, I know nothing about an iPhone, but I am comfortable with addressing device software.
I have searched online for removing this MDM software. There are lots of "solutions". Most seem kind of shady and an effort to get you to pay them $39 (or some amount) to use their software that is one click supposedly. I don't trust the software to work nor do I trust to download it to my PC.
I have also found this thread on Reddit. This seems like the most promising method for me. Although I do not have an Apple computer, there is a method for a Windows 10 machine. The method requires downloading iBackupBot app for Windows. iBackupBot is made by VOWsoft. The latest version for download (at CNET) is 5.6.1 from February of 2019. The readme gives simple step by step instructions for an iPad.
My question(s) are:
-Has anyone used this method and has it worked?
-Is the iBackupBot software (from VOWsoft) safe?
-Can I assume that the instructions for an iPad will work for an iPhone?
-Will this delete/erase the MDM from the phone or will it just bypass it? Will I have to do this every time I erase or wipe the phone?
-Are there any other methods you know of and can recommend (Windows 10 or 11)?
- There are literally hundreds of YouTube videos on this. After watching about 10, I realized that most say free, but you need to pay to unlock the software. One I did find that seems almost on the up and up, was "Dr. Fone" software. Is this legit?
First, this would be the first iPhone I have owned and used. I am a long-time Android user. I have extensive Android experience including unlocking the bootloader, getting root access, flashing new ROMs, etc. So, I know nothing about an iPhone, but I am comfortable with addressing device software.
I have searched online for removing this MDM software. There are lots of "solutions". Most seem kind of shady and an effort to get you to pay them $39 (or some amount) to use their software that is one click supposedly. I don't trust the software to work nor do I trust to download it to my PC.
I have also found this thread on Reddit. This seems like the most promising method for me. Although I do not have an Apple computer, there is a method for a Windows 10 machine. The method requires downloading iBackupBot app for Windows. iBackupBot is made by VOWsoft. The latest version for download (at CNET) is 5.6.1 from February of 2019. The readme gives simple step by step instructions for an iPad.
My question(s) are:
-Has anyone used this method and has it worked?
-Is the iBackupBot software (from VOWsoft) safe?
-Can I assume that the instructions for an iPad will work for an iPhone?
-Will this delete/erase the MDM from the phone or will it just bypass it? Will I have to do this every time I erase or wipe the phone?
-Are there any other methods you know of and can recommend (Windows 10 or 11)?
- There are literally hundreds of YouTube videos on this. After watching about 10, I realized that most say free, but you need to pay to unlock the software. One I did find that seems almost on the up and up, was "Dr. Fone" software. Is this legit?
It's not exactly clear how it is that you're the "legal owner" of a phone that has been assigned to a company's MDM. Did you buy this phone used?
That notwithstanding, if the phone was assigned to a company's MDM via their Apple Business Manager account (and not simply via User Approved enrollment), you will not be able to remove the MDM from the device without having the company release that device from their Apple Business Manager account, as well as the MDM server that the device was assigned to.
This is the whole point of "supervised" automated device enrollment (ADE, also previously known as DEP). If the company purchased the device for business use, nobody can claim that device as their own, without that company releasing the ABM/MDM lock on that device. The device reaches out to Apple's servers at boot time to see if it's owned by an Apple Business Manager account, and as such, it's inextricably locked to that company's ABM account.
Sorry to say that if your device is actually an ABM enrolled device, there's not much you can do besides contact the company that owns it and request that they release it from their ABM account and remove the MDM supervision/profiles from the device.
posted by melorama at 7:45 PM on April 2, 2023 [6 favorites]
That notwithstanding, if the phone was assigned to a company's MDM via their Apple Business Manager account (and not simply via User Approved enrollment), you will not be able to remove the MDM from the device without having the company release that device from their Apple Business Manager account, as well as the MDM server that the device was assigned to.
This is the whole point of "supervised" automated device enrollment (ADE, also previously known as DEP). If the company purchased the device for business use, nobody can claim that device as their own, without that company releasing the ABM/MDM lock on that device. The device reaches out to Apple's servers at boot time to see if it's owned by an Apple Business Manager account, and as such, it's inextricably locked to that company's ABM account.
Sorry to say that if your device is actually an ABM enrolled device, there's not much you can do besides contact the company that owns it and request that they release it from their ABM account and remove the MDM supervision/profiles from the device.
posted by melorama at 7:45 PM on April 2, 2023 [6 favorites]
but just contact the company
I concur with the above comments. The entire Apple ethos about device reuse is “drive the value of presumably-stolen devices to zero as fast as possible” and you will not win that fight.
posted by mhoye at 8:20 PM on April 2, 2023 [3 favorites]
I concur with the above comments. The entire Apple ethos about device reuse is “drive the value of presumably-stolen devices to zero as fast as possible” and you will not win that fight.
posted by mhoye at 8:20 PM on April 2, 2023 [3 favorites]
Best answer: I do appreciate the answers so far. It is not what I asked, but I will take the unsolicited advice under strong consideration. Fwiw, I do own the phone. The company whose MDM is on there IS aware that I am in possession of the phone and they have accepted it. The circumstances under which I came to possess the phone are somewhat tragic, contentious, and private and I do not want to go into detail here. Hence, I simply stated that I am the owner. If I can do this without contacting the company, that is what I prefer as it will save me a lot of anguish and time. If I never accomplish this or I brick it, so be it. I am not that worried about it. If I end up contacting the company, I will deal with that too.
Also, this will not be my primary phone. I am not sure if I will ever use beyond restoring a specific backup that I want/need to see some of the data on that backup. I have the Apple ID and the password for that backup. I suppose I could borrow someone else's iPhone for a few days and restore the backup to that phone and then wipe it again and the owner can restore their own backup or I could buy one. I am not optimistic about finding someone to lend me their iPhone for a few days and them being ok with it being wiped. Maybe someone has an iPhone lying around they could lend me, but that is all about finding the right person and time. My point is that I am sure there are other solutions rather than the one I am asking about. For reasons, the one I am asking about is the best one for me right now.
As I stated, I am an Android user. This is not the place to debate Android v iOS, but if I legally possess an Android phone, it is relatively easy to do whatever I want with the software including flashing new software/OS. Having said that, I very much appreciate Apple taking steps to thwart thieves and/or malicious actors. It is my (mis?)understanding that the MDM software is to protect the company's data and data integrity. That I also appreciate.
My specific questions stand. If anyone can or is willing to answer, I would appreciate it. It is clear to me that there are solutions out there. Whether they work in the long run or even short run, I do not know.
posted by JohnnyGunn at 9:54 PM on April 2, 2023
Also, this will not be my primary phone. I am not sure if I will ever use beyond restoring a specific backup that I want/need to see some of the data on that backup. I have the Apple ID and the password for that backup. I suppose I could borrow someone else's iPhone for a few days and restore the backup to that phone and then wipe it again and the owner can restore their own backup or I could buy one. I am not optimistic about finding someone to lend me their iPhone for a few days and them being ok with it being wiped. Maybe someone has an iPhone lying around they could lend me, but that is all about finding the right person and time. My point is that I am sure there are other solutions rather than the one I am asking about. For reasons, the one I am asking about is the best one for me right now.
As I stated, I am an Android user. This is not the place to debate Android v iOS, but if I legally possess an Android phone, it is relatively easy to do whatever I want with the software including flashing new software/OS. Having said that, I very much appreciate Apple taking steps to thwart thieves and/or malicious actors. It is my (mis?)understanding that the MDM software is to protect the company's data and data integrity. That I also appreciate.
My specific questions stand. If anyone can or is willing to answer, I would appreciate it. It is clear to me that there are solutions out there. Whether they work in the long run or even short run, I do not know.
posted by JohnnyGunn at 9:54 PM on April 2, 2023
If what you really want is something from the backup - then you could buy a 2nd-hand phone of roughly the right model, restore it to that backup, get what you need, wipe it again & then re-sell. This specific MDMed device seems like it’s not essential to the process.
My apologies for answering a question other than the one that you asked.
posted by rd45 at 11:35 PM on April 2, 2023 [2 favorites]
My apologies for answering a question other than the one that you asked.
posted by rd45 at 11:35 PM on April 2, 2023 [2 favorites]
If you have actual paperwork that can prove that the ownership of the phone has been transferred to you, you might be able to make a case to Apple support to have them remove the ABM lock on the device.
But in all likelihood, unless the company or its IT staff no longer exists, they are almost certainly going to advise you to contact the company and just ask them to release the device from their ABM account, as it’s the easiest course of action. If they know and have accepted that you own the phone, it will literally take 15 seconds for one of their authorized IT staff to release the device from ABM.
I know this is not the “unsolicited” answer you’re looking for, but unfortunately it’s the actual truth. Apple has these measures in place for this very reason, and as someone who manages a remote Mac based workforce, and sometimes has to terminate a remote worker’s access to my company’s resources , I’m very glad that they do.
posted by melorama at 4:41 AM on April 3, 2023
But in all likelihood, unless the company or its IT staff no longer exists, they are almost certainly going to advise you to contact the company and just ask them to release the device from their ABM account, as it’s the easiest course of action. If they know and have accepted that you own the phone, it will literally take 15 seconds for one of their authorized IT staff to release the device from ABM.
I know this is not the “unsolicited” answer you’re looking for, but unfortunately it’s the actual truth. Apple has these measures in place for this very reason, and as someone who manages a remote Mac based workforce, and sometimes has to terminate a remote worker’s access to my company’s resources , I’m very glad that they do.
posted by melorama at 4:41 AM on April 3, 2023
If the important thing is using this particular iPhone, I’d suggest getting help from the jailbreak community. Jail breaking is less common and more complicated than it used to be, but that’s the general approach you may need to take to use this phone without involving the company.
If the goal is to recover something from a backup, that’s a different question. The solution will depend on where the backup is stored (in an iCloud account or on a local computer), and what kind of data you are looking to recover. For example, you may be able to recover photos or movies directly from the backup without actually restoring to an iPhone. On the other hand, if it is some application specific data, you may need to restore onto a device to run that app and get the data.
Good luck with this!
posted by Winnie the Proust at 6:00 AM on April 3, 2023
If the goal is to recover something from a backup, that’s a different question. The solution will depend on where the backup is stored (in an iCloud account or on a local computer), and what kind of data you are looking to recover. For example, you may be able to recover photos or movies directly from the backup without actually restoring to an iPhone. On the other hand, if it is some application specific data, you may need to restore onto a device to run that app and get the data.
Good luck with this!
posted by Winnie the Proust at 6:00 AM on April 3, 2023
It's not exactly clear how it is that you're the "legal owner" of a phone that has been assigned to a company's MDM.
The entity this is the most "not exactly clear how" to is the phone itself. The phone doesn't know you didn't steal it. And many hours of work over the last 15 years have gone into ensuring that a stolen phone (or "stolen" in your case) is as worthless as possible.
Not sure if AppleCare will go through with (or is even able to) removing the MDM profile if you can show proof of ownership via whatever paperwork you might have. I'd start here: https://getsupport.apple.com
but if I legally possess an Android phone, it is relatively easy to do whatever I want with the software including flashing new software/OS
Which is why you've heard/seen a lot of people in Congress and the general police community gnash their teeth over the fact it's not possible to get into the secrets of a potential "terrorists" iOS device, and with Android...not so much.
posted by Back At It Again At Krispy Kreme at 9:22 AM on April 3, 2023 [1 favorite]
The entity this is the most "not exactly clear how" to is the phone itself. The phone doesn't know you didn't steal it. And many hours of work over the last 15 years have gone into ensuring that a stolen phone (or "stolen" in your case) is as worthless as possible.
Not sure if AppleCare will go through with (or is even able to) removing the MDM profile if you can show proof of ownership via whatever paperwork you might have. I'd start here: https://getsupport.apple.com
but if I legally possess an Android phone, it is relatively easy to do whatever I want with the software including flashing new software/OS
Which is why you've heard/seen a lot of people in Congress and the general police community gnash their teeth over the fact it's not possible to get into the secrets of a potential "terrorists" iOS device, and with Android...not so much.
posted by Back At It Again At Krispy Kreme at 9:22 AM on April 3, 2023 [1 favorite]
This thread is closed to new comments.
Trust me when I say this, you do not want to use an Apple device without going the only proper way Apple will think the device is functioning and the ownership is proven — and that is de-listing the device by the company that listed it for their MDM.
Anything else and you might have a brick in your hands.
I am sure you know that’s not an easy path to take but most probably that’s the only path. Unless you want to try the “alternatives” and never wish to update the iOS on your phone or use any of the Apple services. I mean even without that it might become a problem if the phone connects to the Internet.
I know you were not looking for this answer — but just contact the company.
(There’s a reason thieves are not very happy to steal locked iPhones in my country now. The owner can just brick it remotely.)
posted by amar at 7:39 PM on April 2, 2023 [9 favorites]