Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save lucasmenares/e3dfe5d76a0ad24663d88102cb4dde3d to your computer and use it in GitHub Desktop.
Save lucasmenares/e3dfe5d76a0ad24663d88102cb4dde3d to your computer and use it in GitHub Desktop.
Disable Device Enrollment Program (DEP) notification on macOS Sonoma/Ventura (Apple Silicon Chips)

This worked for me on M1 Pro 2021 with MacOS Ventura, original method was for Big Sur but I changed it using a different type of domain block since the old method doesn't work anymore:

First of all, if you want to trigger the notification you can use this command: sudo profiles show -type enrollment

Now we will start. First block your Mac from reaching the domain iprofiles.apple.com. For this you can use your hosts file like:

echo "0.0.0.0 iprofiles.apple.com" | sudo tee -a /etc/hosts

or blocking them from your firewall.

Then, I checked the current enrollment profile:

sudo profiles show -type enrollment

This will show you the current enrollment configuration your Mac has, you can even block the domain mentioned in ConfigurationURL just to be safe, example:

echo "0.0.0.0 yourDomainMentionedInConfigurationURL" | sudo tee -a /etc/hosts

After that, I proceed to delete the profile, in my regular session, not recovery, although it would probably also work in recovery:

sudo profiles remove -all

Keep in mind that this command will delete all other profiles you may have, in my case, I didn't have any more.

Finally, you can check for the enrollment profile again. I would get an error saying that it could not retrieved given that I blocked the domain from where it's retrieved:

sudo profiles show -type enrollment
Error fetching Device Enrollment configuration: (34000) Error Domain=MCCloudConfigurationErrorDomain Code=34000 "The device failed to request configuration from the cloud." UserInfo={NSLocalizedDescription=The device failed to request configuration from the cloud., CloudConfigurationErrorType=CloudConfigurationFatalError}

And the notification is gone for good, hope it helps!

@Pedro147
Copy link

Pedro147 commented Aug 7, 2023

Hi not sure if you guys can help but here is my story of woe. (thanks Apple) I buy, sell and fix Macbooks and in April I bought an A2337 Macbook Air M1. From memory it had an OS on it but I wiped the drive and did a clean install. Pretty sure I would have changed the security setting to allow booting from external drive too as I normally do. I hate the restrictions that Apple imposes in the name of security. No hint of any iCloud lock or any MDM nonsense. Sold it to a guy and the other day, after having used it for three months, his touchID stopped working so he did an OS update. Out of the blue it locked showing this screen https://i.imgur.com/fFzxkow.jpg To me it looks more like an EFI lock but it mentions organisation which to me seems like a MDM? I used a Sickw paid service and it shows no iCloud lock but indeed it has an MDM lock https://i.imgur.com/utcflpv.jpg How can this be after three months of having no sign of an MDM? Can anyone offer any suggestions please? Thanks

@mbitamuziya
Copy link

DAMMMMMMNNN!!!!!! Worked like a charm. Well, I hope it's gone for good.
This worked on MacBook M1 2020 MacOS Ventura with the first 3 commands.............

@cameronwilson99
Copy link

I’ve been working on this and restarting and erasing everything over and over, and I’m stuck on my terminal saying that the profiles command isn’t found?

@Kaus1kC0des
Copy link

Hi thanks for sharing, this works like a charm! Could yoy please let me know if this would work for macOS Sonama?

@lucasmenares
Copy link
Author

Hi thanks for sharing, this works like a charm! Could yoy please let me know if this would work for macOS Sonama?

It does work on macOS Sonama

@godkat
Copy link

godkat commented Jan 24, 2024

It generally works.
But I found one problem: if the Mac is connected to the internet via iPhone tethering over cable, it does not work.
/etc/hosts seems to be ignored in this case.
If I disconnect my iPhone and connect the Mac to WiFi, it works as expected.
Just be aware of this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment