cancel
Showing results for 
Search instead for 
Did you mean: 

Transferring to a new iPhone with iOS 12.4, users are able to remove MDM profile.

Conversationalist

Transferring to a new iPhone with iOS 12.4, users are able to remove MDM profile.

This is more of a FYI.

 

We're deploying a large amount of iphones soon and they will be replacing the users current iphone.  Come to find out that apple released iOS 12.4 and has a new function to transfer your data to a new phone without using iTunes.  It'll do a direct phone to phone transfer.  It works pretty seamless, but there's one problem, it doesn't keep Meraki MDM profile during the process.  It does show the Meraki Profile being loaded during startup of the new phone, but once it starts transferring all of the data, the profile isn't in the phone.  Then I have to manually load SM on and enroll the device.  The Meraki dashboard will say its DEP and supervised after the enrollment.  But, doing this method, I'm able to remove the management profile from settings.  

 

https://9to5mac.com/2019/07/23/transfer-data-from-iphone/

 

Before iOS 12.4 was released, backup and restore via iTunes, the Meraki MDM profile couldn't be removed by the end user.  

 

 

5 REPLIES 5
Kind of a big deal

Re: Transferring to a new iPhone with iOS 12.4, users are able to remove MDM profile.

@Paul_CELP How is your DEP enrollment setup in Systems Manager? Are the devices added to that enrollment. I haven't done a direct phone transfer, but if your DEP enrollment is properly setup and allocated to the correct devices it should force them at the end of the transfer to enroll. You need to make sure that you are making enrollment mandatory and the MDM profile non-removable.

 

While I have never directly done so... I have worked with iCloud backups...

My recommendation to you is to get your folks in the habit of using iCloud backup and having it configured. Are phones are heavily restricted so they use little data and only the apps I push out so the 5gb isn't and issue for us. I know when I take a backup of phone "A" and restore it on phone "B" during setup phone "B" goes through DEP after that backup is restored.

Find this helpful? Click the kudos button. Thanks!
Conversationalist

Re: Transferring to a new iPhone with iOS 12.4, users are able to remove MDM profile.

My system manager is connected to my apple DEP.  

 

The enrollment is mandatory and non-removable, if you restore the phone from an itunes backup.  But have you tried the new iOS 12.4 with the wireless transfer method?  Try it and you'll see.  The phone can be DEP endrolled and supervised, and when using the 12.4 method, you can remove the profile.  Then when the user remove the profile, you'll see it in system manager that it has been removed.  

 

iCloud backup isn't an option now because most of our users have well over 5GB of data to transfer.

New here

Re: Transferring to a new iPhone with iOS 12.4, users are able to remove MDM profile.

I just did this last night and ran into same issue. Although, when i try to manually enroll (ie- use the QR code) i get "waiting for enrollment" spinning forever and it never enrolls. I have the app downloaded, but it isn't enrolling. It's an iPhone XR coming from an iPhone 8 using the phone to phone transfer. 

New here

Re: Transferring to a new iPhone with iOS 12.4, users are able to remove MDM profile.

To add on to this, i did a "reset all settings" on the phone, then tried again. This time i noticed there is a pop up that says "review profile downloaded in settings". I went to settings and found the profile. From there i hit "install". That has seemed to work. My phone now shows compliant, it shows up in the portal with proper settings. Note this is an iPhone Xr, not sure if that makes a difference. 

Conversationalist

Re: Transferring to a new iPhone with iOS 12.4, users are able to remove MDM profile.

The new phone-to-phone restore method did not work but restoring from iCloud does still work. At least from our initial findings.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels