Forum Discussion

RauschNauti's avatar
RauschNauti
Copper Contributor
Nov 12, 2021

Remote Management on iOS can be leaved

Hi together, 

 

i set up Intune for our Company (iOS Devices).

I set up Push Certifikate, Token for Enrpllment Program and set up the Profile for Registering.

On our Macbook i send the Device from Apple Configurator 2 to Apple Business Manager and change the MDM-Server to our Intune.

On the Enrollment Program i set up the Profile and selected the option "Locked Environment = Yes".

 

 

After sync the Device from Apple Business Manager to Intune my device will be set up with all the selected Policies. 

When i intsall the phone, the Remote Management Info is coming an everything works.

But when i will be uner Settings->General-> VPN/Remotemanagement i can delete the Remote Management.

By Removing the phone will be deleted and the Device will be deleted from the Business Manager.

Someone know how the Phone can be delete himself the  Device from Apple Business Manager? And why the Phone can be deleted? Someone know something about the Issue?

 

Thanks & Best Regards,

 

Philip

  • Mr_Helaas's avatar
    Mr_Helaas
    Steel Contributor

    Hi RauschNauti

     

    As i understand your question correct, you want to achieve that an user cannot remove the Intune management profile of their managed iphone? 

     

    To block the unenrollment you can change the following setting in the Intune portal 

     

    Intune portal -> Tenant Administration -> Customization -> Edit settings 

     

    Change hide remove button on corporate iOS/iPadOS Devices. The end user cannot remove management within the company portal.

     

    Also you have to set the following setting in a device restriction profile 
    Intune portal -> Devices -> configuration profiles -> Device restriction iOS

     

    Add block configuration profile changes.

     

     

    Please let me know if this fix your problem and mark my answer as a solution.

    Kind regards,

    René

    • RauschNauti's avatar
      RauschNauti
      Copper Contributor
      Hi Mr_Helaas,

      i found the Issue a few Days ago.
      The problem is when your company is registering the iOS Devices new with Apple Business Manager. When you are joining your Devices by yourself, there is a 30 Day Period, where the Device can be removed. After these 30 Days the delete Button for the Profile will diappear.

      Thanks to you.

      Best Regards,

      Phil

Resources