Ventura docs for M2 Macs in this comment: https://gist.github.com/henrik242/65d26a7deca30bdb9828e183809690bd?permalink_comment_id=4555340#gistcomment-4555340
Old Monterey docs in this old revision: https://gist.github.com/henrik242/65d26a7deca30bdb9828e183809690bd/32c410e3a1de73539c76fa13ea5486569c4e0c5d
Solution for Sonoma: https://gist.github.com/sghiassy/a3927405cf4ffe81242f4ecb01c382ac
In the spirit of helping others get through all of the great information provided here, I have consolidated the information that I can confirm will allow you to upgrade from Big Sur to Monterey from a machine that already went through the process of disabling DEP and MDM. That is this was an install over Big Sur to Monterey. I did this on a MacBook Pro 16 (2019) with T2 and so I used the steps outlined by mikecanvas (Nov 20, 2020) to change the setting in the Startup Security Utility settings.
Ok, you've successfully removed DEP and MDM from your Big Sur machine using the information in these threads and now want to install a MacOS update to Monterey. No one has posted a one-stop shop on how to do this, so here it is:
Re-edit your hosts file to remove the block on gdmf.apple.com (usually just need to put a # sign at the beginning of the line)
Go to Software update and begin the installation of Monterey. When the countdown begins for the first restart, turn off all wifi access. I just powered down my router.
When the machine reboots for the second time, boot into recovery mode.
Follow the steps 5-21 outlined by mikecanvas on Nov 20, 2020:
a. Click on Utilities (top menu bar) then select Terminal
b. type in: mount then click enter/return
A list of things will show up once you enter in (mount) in Terminal
Write down the disk associated with /Volumes/Macintosh HD
(mine was /dev/disk2s5)
Note: it's not "/", and it's not /Volumes/Macintosh HD - Data
c. Next, in Terminal, write: umount /Volumes/Macintosh\ HD
d. then: mkdir /Volumes/Macintosh\ HD
e. then: mount -t apfs -rw /dev/disk2s5 /Volumes/Macintosh\ HD
f. then: cd /Volumes/Macintosh\ HD/System/Library/LaunchAgents
g. then: rm com.apple.ManagedClientAgent.*
h. then: rm com.apple.mdmclient.*
i. then: cd ../LaunchDaemons
j. then: rm com.apple.ManagedClient.*
k. then: rm com.apple.mdmclient.*
l. then: csrutil authenticated-root disable (this will Turn off Signed System Volume SSV)
m. then edit the hosts file:
cd "/Volumes/Macintosh HD"
cd etc
echo "0.0.0.0 iprofiles.apple.com" >> hosts
echo "0.0.0.0 mdmenrollment.apple.com" >> hosts
echo "0.0.0.0 deviceenrollment.apple.com" >> hosts
echo "0.0.0.0 gdmf.apple.com" >> hosts
m. then lastly: bless --folder /Volumes/Macintosh\ HD/System/Library/CoreServices/ --bootefi --create-snapshot
(this will Save the current disk status in the boot snapshot. This is an important step otherwise on reboot your machine will discard these changes and load the original blessed snapshot which will reenable DEP and MDM)
n. Now you can restart your Mac: type reboot
DEP/MDM notification is now disabled. You can check with the command in terminal:
profiles status -type enrollment
which should return something like:
Enrolled via DEP: No
MDM enrollment: No
One last step, which may not be necessary from a recent post by brunerd on May 12, 2022:
Boot into recovery mode one last time and use terminal to execute the command
rm -r /Volumes/Macintosh\ HD\ -\ Data/private/var/db/ConfigurationProfiles/Settings
reboot
I believe you'll need to do this anytime there is a MacOS update you want to install, even a minor one like 12.5 -> 12.5.1, etc.