Meraki

Community

Info: Using the profiles command on a Mac

PaulF
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎May 26 2022 2:56 AM
‎May 26 2022 2:56 AM

Info: Using the profiles command on a Mac

Hi All.

 

At the command line on a Mac is a command, which can fix two different issues

 

1. If you get an error like this

ERROR] MDM_Connect: Unable to create MDM identity from persistent reference: -25304 (The specified item is no longer valid. It may have been deleted from the keychain.) for profile: MDM Profile.....

 

2. If you've assigned the wrong DEP profile to a Mac and want to change it, or if you want to make an non removable MDM profile removable, or vice versa

 

NOTE: This is quite a powerful command, so be careful

 

This command will essentially re-enroll a DEP Mac, refreshing management profiles (can be useful for expired certificates, especially SCEP certs). If you've made an changes to your DEP profiles, and assigned a new one to this Mac, it will get whatever new capabilities you've enabled.

 

Open the Terminal App

 

Type:

 

sudo profiles renew -type enrollment

 

You'll be prompted for your Mac password

 

You'll notice a notification in the top right of the screen:

 

Screen Shot 2022-05-26 at 09.42.24.jpeg

 

Click Update

 

Systems Preferences should now open:

 

Screen Shot 2022-05-26 at 09.42.33.jpeg

 

Clicking Update will now re-enroll the Mac

 

I hope that this is useful. As mentioned, it fixed a broken enrollment for me, but also allowed me to change the "removable" status as well.

 

Labels:
0 Kudos
1 Reply 1
Inderdeep
Kind of a big deal
‎May 26 2022 4:35 AM
‎May 26 2022 4:35 AM

@PaulF : awesome

Cisco Awarded Blogs 2020/2021 https://www.thenetworkdna.com/
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.