Disable Device Enrollment Notification on Mac.md

Disable Device Enrollment Notification on Mac.md

Restart the Mac in Recovery Mode by holding Comment-R during restart

Open Terminal in the recovery screen and type

csrutil disable

Restart computer

Edit com.apple.ManagedClient.enroll.plist

In the terminal, type

sudo open /Applications/TextEdit.app /System/Library/LaunchDaemons/com.apple.ManagedClient.enroll.plist

change

<key>com.apple.ManagedClient.enroll</key>
        <true/>

to

<key>com.apple.ManagedClient.enroll</key>
        <false/>

Restart Computer again

So that the changes take effect

@luckydzp I read your script from your link https://github.com/luckydzp/skip-mdm/blob/main/README.md

A question - Does this script only work for Mac OS 12? It won't work for Mac os 13 Ventura? Thanks.

Disable annoying Remote Management Pop-Up after upgrading to macOS Sonoma (14)

Apple further added a new gate preventing people from using their DEP-enabled Macs without installing the profiles in macOS Sonoma. After upgrading from a fully-working Ventura copy (with MDM servers blocked in hosts) to macOS Sonoma DP 1, your Mac will want to give you a pop-up window every 10 mins reminding you to install a DEP profile. Did some experiments and I think Apple is secretly pinging their MDM servers no matter you have an active profile associated w/ SN or not. As long as the servers are not reachable they will annoy you with their new pop-up system.

The Workaround

(1) Disable SIP in 1 True Recovery

(2) sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord

sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound

sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled

sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound

(3) you're all set. enjoy this boring upgrade

i already removed the whole mdm framework from Mac OS Ventura i have a MacBook pro m1 pro and i have no profiles or notifications. if i upgrade to Sonoma i will get the notifications back?

Is there any way I can install apps on my MacBook air m2? Can you teach me a workaround on this? If there's one. I'd appreciate it. I can't even install google chrome. Sent from my iPhoneOn Sep 27, 2023, at 4:09 PM, piterangel2022 ***@***.***> wrote:Re: sghiassy/Disable Device Enrollment Notification on ***@***.*** commented on this gist.Disable annoying Remote Management Pop-Up after upgrading to macOS Sonoma (14)Apple further added a new gate preventing people from using their DEP-enabled Macs without installing the profiles in macOS Sonoma. After upgrading from a fully-working Ventura copy (with MDM servers blocked in hosts) to macOS Sonoma DP 1, your Mac will want to give you a pop-up window every 10 mins reminding you to install a DEP profile. Did some experiments and I think Apple is secretly pinging their MDM servers no matter you have an active profile associated w/ SN or not. As long as the servers are not reachable they will annoy you with their new pop-up system.The Workaround(1) Disable SIP in 1 True Recovery(2) sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecordsudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFoundsudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalledsudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound(3) you're all set. enjoy this boring upgradei already removed the whore mdm framework from mac os Ventura i have a MacBook pro m1 pro. can i upgrade to Sonoma without getting any mdm notification , thanx in advance—Reply to this email directly, view it on GitHub or unsubscribe.You are receiving this email because you commented on the thread.Triage notifications on the go with GitHub Mobile for iOS or Android.                                                           

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade..
I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked
my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

I grabbed the sh script from the command "https://raw.githubusercontent.com/maclifevn/bypasmdm/main/mdm.sh"

This is the file

#!/bin/bash
RED='\033[0;31m'
GRN='\033[0;32m'
BLU='\033[0;34m'
NC='\033[0m'
echo ""
echo -e "Auto Tools for MacOS"
echo ""
PS3='Please enter your choice: '
options=("Bypass on Recovery" "Disable Notification (SIP)" "Disable Notification (Recovery)" "Check MDM Enrollment" "Thoát")
select opt in "${options[@]}"; do
	case $opt in
	"Bypass on Recovery")
		echo -e "${GRN}Bypass on Recovery"
		if [ -d "/Volumes/Macintosh HD - Data" ]; then
   			diskutil rename "Macintosh HD - Data" "Data"
		fi
		echo -e "${GRN}Tạo người dùng mới"
        echo -e "${BLU}Press Enter to move to the next step, if not filled in, it will automatically receive the default value" 
  		echo -e "Enter user name (Default: MAC)" 
		read realName 
  		realName="$ {realName:=MAC}" 
    	echo -e "${BLUE}Get username ${RED}WRITTEN UNACCLOSED ${GRN} (Default: MAC)" read 
      	username 
		username="${username:=MAC}" 
  		echo -e "${BLUE}Enter password (default: 1234)" 
    	read passw 
      	passw="${passw:=1234}"
		dscl_path='/Volumes/Data/private/var/db/dslocal/nodes/Default' 
        echo -e "${GREEN}Đang tạo user"
  		# Create user
    	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
      	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	 	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
		mkdir "/Volumes/Data/Users/$username"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
	    dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
	    dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username
		echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
        echo -e "${GREEN}Chặn host thành công${NC}"
		# echo "Remove config profile"
  	touch /Volumes/Data/private/var/db/.AppleSetupDone
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
		echo "----------------------"
		break
		;;
    "Disable Notification (SIP)")
    	echo -e "${RED}Please Insert Your Password To Proceed${NC}"
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
        break
        ;;
    "Disable Notification (Recovery)")
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound

        break
        ;;
	"Check MDM Enrollment")
		echo ""
		echo -e "${GRN}Check MDM Enrollment. Error is success${NC}"
		echo ""
		echo -e "${RED}Please Insert Your Password To Proceed${NC}"
		echo ""
		sudo profiles show -type enrollment
		break
		;;
	"Quit")
		break
		;;
	*) echo "Invalid option $REPLY" ;;
	esac
done

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

I grabbed the sh script from the command "https://raw.githubusercontent.com/maclifevn/bypasmdm/main/mdm.sh"

This is the file

#!/bin/bash
RED='\033[0;31m'
GRN='\033[0;32m'
BLU='\033[0;34m'
NC='\033[0m'
echo ""
echo -e "Auto Tools for MacOS"
echo ""
PS3='Please enter your choice: '
options=("Bypass on Recovery" "Disable Notification (SIP)" "Disable Notification (Recovery)" "Check MDM Enrollment" "Thoát")
select opt in "${options[@]}"; do
	case $opt in
	"Bypass on Recovery")
		echo -e "${GRN}Bypass on Recovery"
		if [ -d "/Volumes/Macintosh HD - Data" ]; then
   			diskutil rename "Macintosh HD - Data" "Data"
		fi
		echo -e "${GRN}Tạo người dùng mới"
        echo -e "${BLU}Press Enter to move to the next step, if not filled in, it will automatically receive the default value" 
  		echo -e "Enter user name (Default: MAC)" 
		read realName 
  		realName="$ {realName:=MAC}" 
    	echo -e "${BLUE}Get username ${RED}WRITTEN UNACCLOSED ${GRN} (Default: MAC)" read 
      	username 
		username="${username:=MAC}" 
  		echo -e "${BLUE}Enter password (default: 1234)" 
    	read passw 
      	passw="${passw:=1234}"
		dscl_path='/Volumes/Data/private/var/db/dslocal/nodes/Default' 
        echo -e "${GREEN}Đang tạo user"
  		# Create user
    	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
      	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	 	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
		mkdir "/Volumes/Data/Users/$username"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
	    dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
	    dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username
		echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
        echo -e "${GREEN}Chặn host thành công${NC}"
		# echo "Remove config profile"
  	touch /Volumes/Data/private/var/db/.AppleSetupDone
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
		echo "----------------------"
		break
		;;
    "Disable Notification (SIP)")
    	echo -e "${RED}Please Insert Your Password To Proceed${NC}"
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
        break
        ;;
    "Disable Notification (Recovery)")
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound

        break
        ;;
	"Check MDM Enrollment")
		echo ""
		echo -e "${GRN}Check MDM Enrollment. Error is success${NC}"
		echo ""
		echo -e "${RED}Please Insert Your Password To Proceed${NC}"
		echo ""
		sudo profiles show -type enrollment
		break
		;;
	"Quit")
		break
		;;
	*) echo "Invalid option $REPLY" ;;
	esac
done

I updated a Ventura machine to Sonoma and I'm getting the full screen enrollment message. I'm going to try this method (skipmdm.com) this evening and will post my results.

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away.
so i was wondering what exactly did the script do.

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

I grabbed the sh script from the command "https://raw.githubusercontent.com/maclifevn/bypasmdm/main/mdm.sh"

This is the file

#!/bin/bash
RED='\033[0;31m'
GRN='\033[0;32m'
BLU='\033[0;34m'
NC='\033[0m'
echo ""
echo -e "Auto Tools for MacOS"
echo ""
PS3='Please enter your choice: '
options=("Bypass on Recovery" "Disable Notification (SIP)" "Disable Notification (Recovery)" "Check MDM Enrollment" "Thoát")
select opt in "${options[@]}"; do
	case $opt in
	"Bypass on Recovery")
		echo -e "${GRN}Bypass on Recovery"
		if [ -d "/Volumes/Macintosh HD - Data" ]; then
   			diskutil rename "Macintosh HD - Data" "Data"
		fi
		echo -e "${GRN}Tạo người dùng mới"
        echo -e "${BLU}Press Enter to move to the next step, if not filled in, it will automatically receive the default value" 
  		echo -e "Enter user name (Default: MAC)" 
		read realName 
  		realName="$ {realName:=MAC}" 
    	echo -e "${BLUE}Get username ${RED}WRITTEN UNACCLOSED ${GRN} (Default: MAC)" read 
      	username 
		username="${username:=MAC}" 
  		echo -e "${BLUE}Enter password (default: 1234)" 
    	read passw 
      	passw="${passw:=1234}"
		dscl_path='/Volumes/Data/private/var/db/dslocal/nodes/Default' 
        echo -e "${GREEN}Đang tạo user"
  		# Create user
    	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
      	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	 	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
		mkdir "/Volumes/Data/Users/$username"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
	    dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
	    dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username
		echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
        echo -e "${GREEN}Chặn host thành công${NC}"
		# echo "Remove config profile"
  	touch /Volumes/Data/private/var/db/.AppleSetupDone
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
		echo "----------------------"
		break
		;;
    "Disable Notification (SIP)")
    	echo -e "${RED}Please Insert Your Password To Proceed${NC}"
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
        break
        ;;
    "Disable Notification (Recovery)")
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound

        break
        ;;
	"Check MDM Enrollment")
		echo ""
		echo -e "${GRN}Check MDM Enrollment. Error is success${NC}"
		echo ""
		echo -e "${RED}Please Insert Your Password To Proceed${NC}"
		echo ""
		sudo profiles show -type enrollment
		break
		;;
	"Quit")
		break
		;;
	*) echo "Invalid option $REPLY" ;;
	esac
done

how to use this script .?

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away. so i was wondering what exactly did the script do.

Did it create a new log in account?

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away. so i was wondering what exactly did the script do.

Did it create a new log in account?

I left it blank when it asked to enter username, i just hit enter.
there's no other username on my login screen.
but yea it created a default username; "Apple"

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away. so i was wondering what exactly did the script do.

Did it create a new log in account?

I left it blank when it asked to enter username, i just hit enter

So it created a 2nd account? Or after bypassing and logging in you still have only 1 admin account?

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

I grabbed the sh script from the command "https://raw.githubusercontent.com/maclifevn/bypasmdm/main/mdm.sh"
This is the file

#!/bin/bash
RED='\033[0;31m'
GRN='\033[0;32m'
BLU='\033[0;34m'
NC='\033[0m'
echo ""
echo -e "Auto Tools for MacOS"
echo ""
PS3='Please enter your choice: '
options=("Bypass on Recovery" "Disable Notification (SIP)" "Disable Notification (Recovery)" "Check MDM Enrollment" "Thoát")
select opt in "${options[@]}"; do
	case $opt in
	"Bypass on Recovery")
		echo -e "${GRN}Bypass on Recovery"
		if [ -d "/Volumes/Macintosh HD - Data" ]; then
   			diskutil rename "Macintosh HD - Data" "Data"
		fi
		echo -e "${GRN}Tạo người dùng mới"
        echo -e "${BLU}Press Enter to move to the next step, if not filled in, it will automatically receive the default value" 
  		echo -e "Enter user name (Default: MAC)" 
		read realName 
  		realName="$ {realName:=MAC}" 
    	echo -e "${BLUE}Get username ${RED}WRITTEN UNACCLOSED ${GRN} (Default: MAC)" read 
      	username 
		username="${username:=MAC}" 
  		echo -e "${BLUE}Enter password (default: 1234)" 
    	read passw 
      	passw="${passw:=1234}"
		dscl_path='/Volumes/Data/private/var/db/dslocal/nodes/Default' 
        echo -e "${GREEN}Đang tạo user"
  		# Create user
    	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
      	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	 	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
		mkdir "/Volumes/Data/Users/$username"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
	    dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
	    dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username
		echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
        echo -e "${GREEN}Chặn host thành công${NC}"
		# echo "Remove config profile"
  	touch /Volumes/Data/private/var/db/.AppleSetupDone
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
		echo "----------------------"
		break
		;;
    "Disable Notification (SIP)")
    	echo -e "${RED}Please Insert Your Password To Proceed${NC}"
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
        sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
        sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
        break
        ;;
    "Disable Notification (Recovery)")
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound

        break
        ;;
	"Check MDM Enrollment")
		echo ""
		echo -e "${GRN}Check MDM Enrollment. Error is success${NC}"
		echo ""
		echo -e "${RED}Please Insert Your Password To Proceed${NC}"
		echo ""
		sudo profiles show -type enrollment
		break
		;;
	"Quit")
		break
		;;
	*) echo "Invalid option $REPLY" ;;
	esac
done

how to use this script .?

https://github.com/maclifevn/bypasmdm

This is the actual GitHub link I got it from

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away. so i was wondering what exactly did the script do.

Did it create a new log in account?

I left it blank when it asked to enter username, i just hit enter. there's no other username on my login screen. but yea it created a default username; "Apple"

how about who already have an admin user?> > > > > >

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away. so i was wondering what exactly did the script do.

Did it create a new log in account?

I left it blank when it asked to enter username, i just hit enter. there's no other username on my login screen. but yea it created a default username; "Apple"

how about who already have an admin user?

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away. so i was wondering what exactly did the script do.

Did it create a new log in account?

I left it blank when it asked to enter username, i just hit enter

So it created a 2nd account? Or after bypassing and logging in you still have only 1 admin account?

Yes, it created a 2nd account (a standard user account called "Apple"). I still have my admin account i created

I upgraded to Sonoma (i had used the bypass on ventura, with the pop ups on the side) and got the full screen popup after the upgrade.. I used the skipmdm.com from this youtube linkhttps://youtu.be/khlALitW0zI?si=ZGz2gk356IhFjmM3 and it worked my question is what did this do exactly and is it safe? did i just give someone backdoor access to my macbook?

your upgrade from ventura to sonoma or you install a clean version, and you still got the full screen pop up or not ?

I upgraded from Ventura to Sonoma

and still have the popup full screen now or not?

I had the popup after the upgrade. then i ran the script from skipmdm.com and it went away. so i was wondering what exactly did the script do.

Did it create a new log in account?

I left it blank when it asked to enter username, i just hit enter

So it created a 2nd account? Or after bypassing and logging in you still have only 1 admin account?

Yes, it created a 2nd account (a standard user account called "Apple"). I still have my admin account i created

If you delete the standard Apple account it created, the enrollment window does not reappear? I’m curious because I have a machine at home I would like to try this on.

# Create user
    	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
      	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	 	dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
		mkdir "/Volumes/Data/Users/$username"
	    dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
	    dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
	    dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username
		echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
		echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
        echo -e "${GREEN}Chặn host thành công${NC}"
		# echo "Remove config profile"
  	touch /Volumes/Data/private/var/db/.AppleSetupDone
        rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
	rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
	touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
		echo "----------------------"
		break
		;;

It looks like 1 of 2 things:

1. They had to create an admin account in order to edit the hosts file
2. They had to create an admin account automatically so the script can run the commands to edit the hosts file and modify the config files.

I don't think the enrollment window will reappear because the modifications are on the system files, not a specific user file.

If you already have an admin user, you can choose to modify the script to change the file and have it point towards your admin user (I don't recommend)
Or leave it alone because I don't think having another admin user will affect it.

Disclaimer: I'm just someone reading the script. I have not tested it (planning on it) nor am I the owner or contributor.

So after you disable SIP and make the changes, can you re-enable it again?

Additionally, do you know if we need to keep disabling it on every update? E.g. if i disable it on Monterey, do I need to re-disable it on Sonoma?

Hi everyone,

I'm new here and having this problem after updating to sonoma. I can do the csrutil disable, that works.
But after rebooting in safe mode (m2 macbook) commands as 'sudo' and 'open' do not work, 'command not found'.
Terminal starts with '-bash-3.2#', so I guess I'm already root?
I'm probably doing something wrong, do you have any suggestions for me?
Thanks a lot!!

one of my users had to disable sip. his volume was encrypted, so we rebooted normally, and killed his internet right after it checked for internet. and he was able to run
sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
and add the block addressses.

hello, i also got the same issue w/ an mdm locked mac os sonoma unit, i want to request links/steps to fix the said issue. I also fresh reinstalled the unit w/ mac os sonoma from ventura but mdm locked popped and cannot go forward with it. Thank you

hello, i also got the same issue w/ an mdm locked mac os sonoma unit, i want to request links/steps to fix the said issue. I also fresh reinstalled the unit w/ mac os sonoma from ventura but mdm locked popped and cannot go forward with it. Thank you

Watch the video.
https://www.youtube.com/watch?v=khlALitW0zI

Use skipmdm.com. There are instructions on the site. It will create an account and run a script to block the appropriate IP addresses and bypass the enrollment page. At the desktop delete the Apple user account created by the script.

Hello everyone,

I hope this message finds, I bought a MacBook i9 few months ago via Facebook market, all seems working well during the last couple of months. Yesterday I did update from Ventura to Sonoma and suddenly MDM appears I tried to restart by recovery mode there’s password which I don’t know. Please can anyone might help

Hello everyone,

I hope this message finds, I bought a MacBook i9 few months ago via Facebook market, all seems working well during the last couple of months. Yesterday I did update from Ventura to Sonoma and suddenly MDM appears I tried to restart by recovery mode there’s password which I don’t know. Please can anyone might help

Looks like the person who sold it to you had an asset from Meta that they never returned. This is a corporate asset. You should probably reach out back to them if they didn't inform you of that tidbit.

When you see the enrollment prompt did you connect to wifi try without but like @dawonderboy said this is a compromised likely stolen laptop.

…

On Thu, Sep 28, 2023 at 18:18 dawonderboy ***@***.***> wrote: ***@***.**** commented on this gist. ------------------------------ Hello everyone, I hope this message finds, I bought a MacBook i9 few months ago via Facebook market, all seems working well during the last couple of months. Yesterday I did update from Ventura to Sonoma and suddenly MDM appears I tried to restart by recovery mode there’s password which I don’t know. Please can anyone might help [image: IMG_7923] <https://user-images.githubusercontent.com/2879912/271434012-dca9ea0c-a3f4-4f7d-ae38-bfa20aec7700.jpeg> [image: IMG_7906] <https://user-images.githubusercontent.com/2879912/271434022-d30b847a-0502-4eee-a454-ec9a2c7e37c5.jpeg> Looks like the person who sold it to you had an asset from Meta that they never returned. This is a corporate asset. You should probably reach out back to them if they didn't inform you of that tidbit. — Reply to this email directly, view it on GitHub <https://gist.github.com/sghiassy/a3927405cf4ffe81242f4ecb01c382ac#gistcomment-4707804> or unsubscribe <https://github.com/notifications/unsubscribe-auth/AE2UCCSRMIEZG3FH4LANLUDX4YAVNBFKMF2HI4TJMJ2XIZLTSKBKK5TBNR2WLJDHNFZXJJDOMFWWLK3UNBZGKYLEL52HS4DFQKSXMYLMOVS2I5DSOVS2I3TBNVS3W5DIOJSWCZC7OBQXE5DJMNUXAYLOORPWCY3UNF3GS5DZVRZXKYTKMVRXIX3UPFYGLK2HNFZXIQ3PNVWWK3TUUZ2G64DJMNZZDAVEOR4XAZNEM5UXG5FFOZQWY5LFVA4DCMZXGMYTQMVHORZGSZ3HMVZKMY3SMVQXIZI> . You are receiving this email because you commented on the thread. Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub> .

hello, i also got the same issue w/ an mdm locked mac os sonoma unit, i want to request links/steps to fix the said issue. I also fresh reinstalled the unit w/ mac os sonoma from ventura but mdm locked popped and cannot go forward with it. Thank you

Watch the video. https://www.youtube.com/watch?v=khlALitW0zI

Use skipmdm.com. There are instructions on the site. It will create an account and run a script to block the appropriate IP addresses and bypass the enrollment page. At the desktop delete the Apple user account created by the script.

Thank you so much, that worked!!!

Hello everyone,
I hope this message finds, I bought a MacBook i9 few months ago via Facebook market, all seems working well during the last couple of months. Yesterday I did update from Ventura to Sonoma and suddenly MDM appears I tried to restart by recovery mode there’s password which I don’t know. Please can anyone might help

Looks like the person who sold it to you had an asset from Meta that they never returned. This is a corporate asset. You should probably reach out back to them if they didn't inform you of that tidbit.

Do you have iCloud logged in on that machine? Log into iCloud and iCloud lock that device. It will generate an unlock code number. I was told the iCloud lock unlock code will overwrite an existing firmware password.