Table of contents
  1. Remove a nonremovable MDM profile from macOS, without a wipe
  2. System Preferences
    1. CLI
      1. Open Pane In System Preferences
        1. most effective:
        2. but this works as well:




Remove a nonremovable MDM profile from macOS, without a wipe

Non-removable MDM profiles cannot officially be removed without doing a full system wipe.
This is a problem when you restore a system from Time Machine after you have enrolled it into the MDM, as the MDM
will break, leaving you unable to re-enroll the machine.

  1. Boot the Mac into Recovery Mode (hold down command+R during startup).
  2. Go to the Utilities menu and open Terminal and type: csrutil disable. This will disable SIP (System Integrity Protection).
  3. Reboot into the OS.
  4. Open the integrated terminal and type:
       # delete only if the cd succeeded, so a failed cd cannot wipe the current directory
       cd /var/db/ConfigurationProfiles && rm -rf ./*
       mkdir Settings
       touch Settings/.profilesAreInstalled
    
  5. Reboot.
  6. Boot the Mac into Recovery Mode (hold down command+R during startup).
  7. Go to the Utilities menu and open Terminal and type: csrutil enable. This will re-enable SIP.
  8. Reboot into the OS.

The profile will now be removed and you will be able to re-enroll the Mac to your MDM.
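
To confirm the end state of the procedure (SIP back on, enrollment status known), the following is an added example, not part of the original notes. It parses the output of `csrutil status` and `profiles status -type enrollment`; the function names, the `--live` switch and the sample strings are assumptions made for this example.

```shell
#!/bin/sh
# Added example: confirm the end state of the procedure above.
# Parsers read command output on stdin so they also work on saved output.

# Reads `csrutil status` output; prints enabled|disabled|custom|unknown.
sip_state() {
    sip_line=$(sed -n 's/^System Integrity Protection status: *//p' | head -n 1)
    case "$sip_line" in
        *"Custom Configuration"*) echo custom ;;   # SIP only partially enabled
        enabled*)  echo enabled ;;
        disabled*) echo disabled ;;
        *)         echo unknown ;;
    esac
}

# Reads `profiles status -type enrollment` output; prints enrolled|not-enrolled|unknown.
mdm_state() {
    mdm_line=$(sed -n 's/^MDM enrollment: *//p' | head -n 1)
    case "$mdm_line" in
        Yes*) echo enrolled ;;
        No*)  echo not-enrolled ;;
        *)    echo unknown ;;
    esac
}

# verdict SIP MDM: 0 = done, 1 = SIP not fully enabled, 2 = SIP on but not enrolled.
verdict() {
    if [ "$1" != "enabled" ]; then
        echo "SIP is '$1': repeat steps 6-8 (csrutil enable in Recovery Mode)"
        return 1
    fi
    if [ "$2" != "enrolled" ]; then
        echo "SIP enabled, MDM is '$2': re-enroll the Mac"
        return 2
    fi
    echo "SIP enabled, MDM enrolled"
}

# Constructed sample output (not captured from a real machine).
SAMPLE_SIP='System Integrity Protection status: disabled.'
SAMPLE_MDM='Enrolled via DEP: No
MDM enrollment: No'

if [ "${1:-}" = "--live" ]; then      # on the Mac itself
    verdict "$(csrutil status | sip_state)" \
            "$(profiles status -type enrollment 2>/dev/null | mdm_state)"
else                                  # anywhere else: run on the samples
    verdict "$(printf '%s\n' "$SAMPLE_SIP" | sip_state)" \
            "$(printf '%s\n' "$SAMPLE_MDM" | mdm_state)" || true
fi
```

Run it with `--live` after step 8; a non-zero exit status means the machine was left with SIP not fully enabled (1) or is still unenrolled (2).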

System Preferences

CLI

Open Pane In System Preferences

  • most effective:

        open "x-apple.systempreferences:com.apple.preference.security"
    
  • but this works as well:

       open -b com.apple.systempreferences /System/Library/PreferencePanes/Security.prefPane
    (To find more preference panes, look in /System/Library/PreferencePanes.)
    

The first one, though, can also open a specific tab on a given pane.
This, for example, opens "System Preferences" -> Security & Privacy and then activates the Privacy tab:

   open "x-apple.systempreferences:com.apple.preference.security?Privacy"
