Share via

Cannot remove MDM profile from iPhone after removal from Intune

Anon Account 31 Reputation points
2022-01-19T19:39:22.87+00:00

I have a corporate issued iPhone that's controlled by a MDM profile via Intune. The company agreed to remove the MDM profile to let me have the phone as a personal device. They said they removed the phone from Intune. However, the MDM profile is still there. There's no option to delete it. I've tried the following:

  • Remove all managed apps and rebooted: MDM still there
  • Erase iPhone and restore from backup: MDM still there
  • Erase iPhone and use as new device: No MDM!

How can I remove MDM but still keep my existing data? The company hasn't done this before so they may have hit the wrong button. What should they do in Intune?

Microsoft Security | Intune | Configuration
Microsoft Security | Intune | Enrollment
0 comments
Accepted answer
  1. Lu Dai-MSFT 28,506 Reputation points
    2022-01-21T02:55:44.747+00:00

    @Anon Account Thanks for your update. From the information you provided, the iPhone is an ADE enrollment device.

    For ADE enrollment device, if the IT configure the setting "Locked enrollment" to "Yes" in the Apple enrollment profile, we can't remove MDM management profile manually in the iPhone.
    https://learn.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-program-enroll-ios#create-an-apple-enrollment-profile

    If we want to we want to completely remove an ADE device from management by Intune, it is needed to unsigned the device in Apple Business Manager.
    https://learn.microsoft.com/en-us/mem/intune/remote-actions/devices-wipe#retire-an-apple-ade-device-from-intune

    Hope it will help.

    0 comments

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lu Dai-MSFT 28,506 Reputation points
    2022-01-20T04:46:18.953+00:00

    @Anon Account Thanks for posting in our Q&A. From your description, did you mean that the iPhone is removed from intune, but the MDM management profile still exists in the device? If there is anything misunderstanding, please correct me.

    To clarify this issue, we appreciate your help to collect some information:

    1. Which method did you use to enroll the iPhone before?
    2. From your description, I know that it is said that they removed the iPhone from Intune. Please make sure the iPhone doesn't show in the intune portal.
    3. Could you please try to remove the MDM management profile in Settings > General > Device management > Mangement Profile? If the profile is removed, the device is not managed by intune.

    For removing MDM, we usually use retire or wipe action. The wipe action restores a device to its factory default settings and it doesn't keep data. The retire action removes managed app data, settings, and email profiles that were assigned by using Intune, but it will leave the user's personal data on the device.
    https://learn.microsoft.com/en-us/mem/intune/remote-actions/devices-wipe

    If there is anything update, feel free to let us know.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    2 people found this answer helpful.
  2. Bella Gorden 0 Reputation points
    2024-04-16T03:24:53.9966667+00:00

    In the Settings of your iPhone, you can check whether your device is still restricted to the MDM. Erasing all data and content on your device can delete the MDM profile when there is no option to remove MDM profile. If you choose the Restore from iCloud option on the device setup screen, the MDM profile will come back to your device. If you don't want to lose any data on your device, you can use an MDM removal.

  3. Yvonne Xio 0 Reputation points
    2025-07-31T08:04:01.98+00:00

    The MDM profile can persist even after being removed from the Intune portal if the device is still enrolled in the MDM system, potentially due to "Locked enrollment" settings configured by the IT administrator.

    You can contact the IT administrator or the organization that enrolled the device in Intune. They need to verify that the device is fully removed from their system. Alternatively, you can choose to remove MDM, which is easier and will not cause data loss.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.