Hi all, I am not extremely well versed in the Apple ecosystem, but recently I was able to acquire a 2018 MacBook Pro from my company’s surplus and wanted to play around with it. However, when I go to do a recovery on it, it forces me to connect to the company’s device management and installs a bunch of junk I don’t want. I spoke to our IT, and they said they won’t remove it from the device management pool until it is out of their warranty period which evidently is still a year or so.
My question is, if I were to be able to install from USB instead of from the internet, would it allow me to bypass the device management, or will it still prompt once I’ve got everything installed and connected?
If I CAN install from USB, how would I go about getting a Ventura install image without another Mac to download from? I currently only have Windows systems otherwise.
Essentially I am trying to see if it is possible to use it without the device management stuff, because if not I am just going to return it to our surplus.
Thanks!
Installing from USB is trivial. Apple provides a bunch of reliable tools to do that. It’s rarely done, because USB install is pretty slow compared to other install options, but the option is there. Essentially the regular MacOS installer from Apple comes with a bundled script to create a USB install disk.
Bypassing MDM, however, is another matter entirely.
MDM is a firmware feature, not a software feature, and exactly how it works has changed significantly in the last several years. Honestly I don’t remember how it works on the 2018 model years - but I would expect it’s either impossible to bypass or there are going to be very strict restrictions.
You’re probably better off just accepting whatever “junk” they install. Or alternatively, offer to buy it off them. If it’s surplus, then surely they’re willing to sell it cheap? I doubt they’re going to find anyone else willing to buy it. Once you own it, you won’t have to deal with the MDM at all.
Sadly they only have two things they do with surplus here, either let you take it for free (but still keep track of it in inventory and you have to return it if you ever leave the company), or send them out for destruction. They don’t sell anything as far as I know.
I plan on trying a few more things but I have a feeling in the end it’s just not going to be useful and I’ll end up taking it back to surplus. Maybe I can find an older model that is usable that does not have the MDM.
If it’s running macOS Ventura and was previously enrolled into their MDM, every time you install the operating system (OSX Ventura), you will be prompted to connect to the internet which evidently means it will be enrolled into their MDM once again.
You can burn a MacOS Monterey image to a thumb drive, install it on the Mac, and when it asks you to select a network, you skip it, which bypasses the enrollment into the company’s MDM.
Burning MacOS on a thumb drive from Windows: Since Windows doesn’t have native APFS support, I assume you will need to first set up a MacOS virtual machine (others feel free to correct me, I never had done this due to access to a plethora of Macs I have) , passthrough a USB thumb drive to it, burn MacOS Monterey to it from within the virtual machine and then use it on your 2018 MBP.
This will require some trickery, and the solution itself is a bit hacky, but it’s managable.
