i_dont_know t1_j6mwuwy wrote
This is more a problem with companies not properly managing their Macs with an MDM than an issue with Activation lock.
Jamf, Mosyle, Addigy, Intune, Meraki, etc all have the ability to release an activation lock when wiping a Mac.
And I find it hard do believe that a company managing 3000 Macs doesn’t use an MDM.
panteragstk t1_j6ow37y wrote
Dude. You have no idea how many companies don't properly manage things. It's astonishing how backward so many company IT departments are.
DasDunXel t1_j6p1yor wrote
Bingo. It doesn't take much time to release a Mac from your DEP & MDM. There are several used Mac buyback companies and if you are doing 2-4 year rotation. You can easily get $50-500 depending on a lot of things.
Easiest option? Set a flat price on a make/model and offer the employees a buy back of their own device as is. You be surprised how many people will buy a 3+ year old MacBook pro for $400-600 USD. And how many people take better care of their work laptop during those 3+ years of service knowing they could eventually own it personally.
LethalMindNinja t1_j6pguz3 wrote
The idea of letting an employee know there will be a buyback option and a pre decided price on their work laptop is actually a genius way to encourage them to take care of it better.
Shavethatmonkey t1_j6naks1 wrote
Boeing wasn't using one a couple years ago.
redvelvetcake42 t1_j6pav99 wrote
Just left a company with over 9000 devices total and they had JUST implemented an MDM per my recommendation on 2022. It's a multi billion dollar company. Execs still don't get it.
pm_me_your_buttbulge t1_j6pdo71 wrote
> And I find it hard do believe that a company managing 3000 Macs doesn’t use an MDM.
Oh my sweet summer child. Companies still rely on some Windows machines that are older than some people who can fucking vote.
Companies can be cheap and unless they absolutely need to manage 3k Macs with MDM then there's no need to invest the money in that effort.
You may be fooled into thinking "it doesn't take much to manage.." - until it's about 30 minutes worth of effort to go from beginning to push out to all devices and have it installed - it does take "much". Installing profiles alone takes a fair amount of work.
I've had IT managers keep excel fucking spreadsheets of users passwords in plain text.
If you find it "hard to believe a company managing 3k Macs doesn't use MDM" then you have not worked in the tech field long enough to see just how lazy or cheap companies can be.
I've worked from extremely intelligent and efficient companies to those I wouldn't feel comfortable with HR having any personal information from me.
Power_Stone t1_j6npa9f wrote
A lot of these PCs are normal consumer computers that were improperly wiped when sold or stolen devices with activation lock. Either way its still e-waste and a huge issue.
Mission_Banana6187 t1_j6mym2g wrote
But they are all terrible and don’t work half the time.
igooverland t1_j6n8s3u wrote
We manage almost one thousand Macs and haven’t had any issues with Jamf on managing activation lock.
Mission_Banana6187 t1_j6n9mjm wrote
My experience is exclusively with iPads. I've found that it's much easier to include erasing in our offboarding process, or to send proof of purchase to Apple for remote unlock.
igooverland t1_j6n9zxn wrote
We manage iPads and iPhones as well and it also works quite well for us.
Mission_Banana6187 t1_j6ne9s7 wrote
Have you seen any improvement with Jamf over the last couple years? I stopped using any MDM two or three years ago. I just found that I had about a 50% success rate pushing an unlock command to a supervised iPad. Supervision itself wouldn't take sometimes, but that might've been me not keeping my Apple accounts straight. Also things like apps not installing, or the device wigging out when installing apps right after installing the profile. I'd love it if I could go back to using something like Jamf, but with the cost and managing certificates and such it seemed like far more trouble than it was worth.
igooverland t1_j6njmfz wrote
In my two and a half years at this job I recall sending a device back to Apple for unlocking only once, and it was due to human error. They accidentally deleted the device from Jamf before unlocking it.
Our devices come from our vendor already pre-enrolled with Apple DEP. So we just have to boot them and run the new account set-up and after that Jamf takes over and enables all the settings and installs all the apps.
LowJolly7311 t1_j6na2x6 wrote
As an Apple MDM expert, this is a ridiculous statement.
i_dont_know t1_j6n9f6a wrote
I primarily use Mosyle, and I find it works very well. And I work with other companies as an IT consultant that have no major problems with Jamf.
Youvebeeneloned t1_j6olki5 wrote
Bullshit.
Have used Intune, JAMF, Apples own MDM server, and MUNKI... if they "dont work" you are 100000% doing it wrong, which over the last 25 years of IT work with a good 16 years of that being endpoint management with a particular focus on MacOS to AD integration and management... without a doubt it is almost always people who dont know the tools and not the tools not working.
Which is hilarious given how much Apple stupid proofs things like enrollment, offboarding, MDM management etc.
Hell its not like its "new tech" the features that eventually morphed into Activation Lock have existed within the MacOS and iOS since 2012... targeted explicitly towards Enterprise management.
Viewing a single comment thread. View all comments