Help

Moving computers to unmanaged state

mconners
Valued Contributor

Posted on ‎08-09-2017 12:55 PM

Hi Folks,

I have seen a multitude of ways to get a Mac to an unmanaged state. I am looking for the best practice.

When we refresh a Mac, I still want to keep a record that the computer was managed but is now unmanaged until it has been shipped out of the college for recycling.

While I can “uncheck” the manage checkbox in the computer inventory record, is there a way to do this en masse? I am attempting to create a process where we change the name of a computer(s) and when a smart group sees the name (Retired), the computer’s firmware password is removed, the computer is taken out of AD and ultimately, the computer is moved to unmanaged.

Is there an easy way to do this via policy or via a command/script?

Thank you...

Labels:
0 Kudos
4 REPLIES 4

Sichas
Contributor

Posted on ‎08-09-2017 01:03 PM

If you can pull all of your devices into an Advanced Search somehow, you can do a mass action by clicking the blue Action -> button at the bottom. There you can edit the management account information. Just remove all of the details and the machines will flip to an unmanaged state in the JSS.

0 Kudos

mconners
Valued Contributor

Posted on ‎08-09-2017 01:07 PM

Thank you @iMatthewCM I appreciate the quick reply. I was hoping we could issue a command, kind of like sudo jamf manage would enforce the management framework, but the opposite direction. The goal for me would be to trigger this off of the name.

For instance, once the computer is backed up, then we can rename it to Retired and the other stuff would automatically happen. Thanks again...

0 Kudos

Asnyder
Contributor III

Posted on ‎08-09-2017 02:27 PM

@mconners sudo jamf removemdmprofile will remove management but leave the jamf binary. sudo jamd removeframework will remove everything

0 Kudos

mconners
Valued Contributor

Posted on ‎08-09-2017 02:33 PM

Thanks @Asnyder I also found another way...while it isn't automated, it will work. When we get a batch of refresh done, we rename the computers either using the MUT tool or manually in the JSS. Once the computers have been re-named to let's say, Retired, we can take action as @iMatthewCM mentioned and edit management account information and leaving everything blank. This essentially changes the computer to an unmanaged state as @iMatthewCM mentioned.

This will work well for us. We at least have more control over the process and at the same time, we can keep the records of the systems being retired.