I have two MacBooks that I acquired through two different startups. Both companies no longer exist and I was basically given the laptops. (They have just been sitting in my closet for a few years collecting dust, and it seems like a waste.)

Unfortunately, now that I want to use the laptops as part of a local k8s cluster (or even dedicated music production hardware), I am locked out of wiping the things because they want to connect to MDM servers that no longer exist or have admin passwords that have long since been forgotten.

Since these laptops are essentially “bricked” I have no problems opening them up and attempting hardware hacks to get around this stuff.

Both laptops are in various states of reset or wipe due to previous attempts to reset. (Funny thing, actually. I was personally responsible for locking down one of these laptops at the time they were in corporate use…)

Trash or treasure? I dunno. I am apple-dumb.

  • schizo@forum.uncomfortable.business
    link
    fedilink
    English
    arrow-up
    7
    ·
    23 days ago

    …maybe?

    It depends on Intel/Mx and what version of OS X was installed.

    If you google ‘mdm profile removal’ you’ll land on a LOT of options that may or may not work depending on how old these laptops are and what exactly was configured, how, and what options you have re. version of OS X installed.

    • remotelove@lemmy.caOP
      link
      fedilink
      arrow-up
      1
      ·
      23 days ago

      One is a model “A1989” and another is “A2159”, both of which are at least from 2018.

      I believe I got them to a state where the recovery OS was re-installed? I am charging them now to get more information.

      • schizo@forum.uncomfortable.business
        link
        fedilink
        English
        arrow-up
        8
        ·
        23 days ago

        Cool, cool. I know there’s some issues with Apple Silicon being somewhat uncooperative with removing MDM in a way that Intel ones aren’t, so you don’t need to deal with that at least?

        I’ve used https://github.com/assafdori/bypass-mdm before and it DID work, but it’s been a while.

        Might be worth trying since it’s stupidly straightforward and you’re wiping and reinstalling stuff anyways.

        • remotelove@lemmy.caOP
          link
          fedilink
          arrow-up
          3
          ·
          23 days ago

          Rock on, I’ll give it a shot. Thanks!

          From personal experience, these kinds of things are usually based on “security by obscurity” and is just a matter of pushing the right buttons in a specific order.

          Unless hardware fuses are physically blown, there is usually a chance. While possible, I don’t think any laptop manufacturer would implement that functionality without an expensive, special order contract.

          • schizo@forum.uncomfortable.business
            link
            fedilink
            English
            arrow-up
            4
            ·
            23 days ago

            Yeah, this feels more like keeping Debby from accounting from stealing her work laptop and thus making it useless for MOST people, while not making it a total unrecoverable brick, since they very much could if they wanted to.

            • remotelove@lemmy.caOP
              link
              fedilink
              arrow-up
              4
              arrow-down
              1
              ·
              22 days ago

              Eyyy! One mac down, one to go.

              It was just a shame to have this spare compute just sitting around and am glad it has avoided the recycling bin for at least another 4-5 years. (I don’t like throwing electronics away. I’ll even harvest components off of old stuff before it gets tossed, usually.)

  • Optional@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    23 days ago

    I mostly fool around with older macs but if they’re Intel, can’t you just boot from a USB and then turn off system integrity protection and wipe the drive?

    • fourish@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      22 days ago

      If they’re properly locked down the option to boot another from another device or even the recovery drive will be locked behind a password. It’s like it’s been bios locked on a PC but rather than being stored with a battery it’s saved into the physical chip which would need to be removed and either replaced or reflashed.

  • mmmmmsoup@lemmy.today
    link
    fedilink
    English
    arrow-up
    3
    ·
    21 days ago

    You need to contact whoever used to maintain the ABM and tell them they haven’t properly shut it down yet. Or if they can provide you the invoice for that serial number. Otherwise they are just bricks