Skip to main content
Sign in

macOS Device Re-Enrollment

Tristan Rodeback
  • Updated

All D93-owned MacBooks are managed through Microsoft Intune via Automated Device Enrollment (ADE). These devices receive configuration profiles that control security settings, applications, certificates, and access to wireless resources.

In some cases, Intune enrollment profiles or device management settings may become out of sync or corrupted. When this occurs, the most reliable remediation step is to trigger a full MDM re-enrollment from the device using Terminal. This forces the Mac to refresh its Intune enrollment and re-download all assigned configuration profiles.

The device must remain powered on and connected to the internet during the process

You must run this as an administrator of this device. The Terminal password & the Microsoft login needs to be the primary user of the device.

You must complete this process all the way through. If this process is started but not completed (for example, the Microsoft sign-in or multi-factor authentication prompt is dismissed or not finished), the device will remain on its existing Intune enrollment state. Updated policies, certificates, or configuration changes will not be applied until enrollment is successfully completed.

How to Re-Enroll the Device

1. Open Terminal

You can open Terminal in either of the following ways:

Press Command (⌘) + Space, type Terminal, and press Enter
Or navigate to:
Applications → Utilities → Terminal

2. Run the enrollment renewal command

In Terminal, enter the following command:

sudo profiles renew -type enrollment

When prompted:

Enter the administrator password (note: no characters will appear as you type)
Press Enter to continue

3. Complete the enrollment prompt

A system prompt will appear requesting to update or re-establish device management. This will open the macOS System Settings.

4. Sign in with Microsoft credentials

A Microsoft sign-in window will appear:

Sign in with your organizational account
Complete multi-factor authentication (MFA) if prompted


After authentication:

The Mac will re-establish its Intune enrollment
All assigned configuration profiles will begin reinstalling automatically. This includes program re-installs, and network configurations. 

This process may take up to 15 minutes to fully complete after sign-in and authentication.

Important Notes
Some applications or profiles may require a logout or restart after re-enrollment
If profiles do not appear after 15–20 minutes, manually trigger a sync via Company Portal or restart the device

First-Time Sign In

If this is your first time opening Company Portal on this device:

  • Open the Company Portal app from your Applications folder.
  • Sign in using your full @d93.k12.id.us credentials.
  • Complete the Multi-Factor Authentication (MFA) prompt if requested.

After sign-in, you may have to choose a device category, in this case choose MacBook from the dropdown menu. 

Once signed in, select your device and click Check Status (or Sync) to pull the latest configurations from the cloud and apply them immediately.

 

 

Comments

0 comments

Article is closed for comments.