How to recover a device which has lost connection to the MDM server?

Description

Managed iOS devices might lose connection with the MDM server due to various reasons like

  • Restriction on wifi ssid that prevents the devices to connect to wifi that are not distributed by MDM
  • Global HTTP proxy restriction that routes the internet traffic on the devices through a single proxy
  • A device in lost mode loses connection to the internet
  • A device locked into kiosk mode loses internet connection. Follow the steps given here to remove device from kiosk mode.

When the device loses connection with the MDM server, no action performed on the server will reach the device which essentially makes the device unmanaged. Follow the steps given below to recover such unmanaged devices mannually

Steps

iOS Devices

To recover these device, we need to use Apple Configurator on the Mac machine that is already trusted by the mobile device

  1. Install Apple Configurator on a Mac machine.
  2. Connect iOS devices to the Mac machine using a USB cable.
  3. Open Apple Configurator on the machine.

The first step will be to try and restore connection with the MDM server by pushing a wifi profile to the device using Apple Configurator:

  1. Click on File and select New Profile .
  2. Enter the wi-fi details to which the device should connect to.
  3. Save and Add the profile to the blueprint.
  4. Apply the blueprint to the device.

If the device is still unable to connect to the MDM server, we can manually remove the device from management and re-enroll the device

  1. The connected device will be listed out. Control-click the device name and click Remove and select Profiles.
  2. Select MDM profile and delete it.

Once the profile is removed the device will be unmanaged, you can re-enroll the device for management.

In case you have applied profiles on the device that restrict the device from connecting to other devices, then the device will have to be reset by putting it in Recovery Mode.

Android Devices

To recover the device, Device Administrator must be revoked from the device, this can be done by following the steps given below:

  1. Click to open the MEMDM app on the device
  2. Tap 4 times on the top pane where the app name is displayed
  3. You will be prompted to enter the Revoke Administrator password available on the server
  4. This will revoke Device Administrator from the device

The device can be re-enrolled once the server connectivity issues have been fixed.