Jun 14 2021 03:06 AM
Jun 14 2021 03:06 AM
We have setup a few tenants with VPP tokens and apple business manager integration with intune. Using ABM integration with intune is excellent to provision iphones - expecially when you purchase these iphones anywhere and using apple configurator to prepare.
We have had three calls in the last 1-2 weeks where users have woke up and they found that their apple iphone seems to have factory reset. They are prompted with Hello! either the user restored fromm backup or went through the process of setting up the iphones again. The three cases are as follows:
iphone 7, ios 14.X, provisioned via ABM/Intune, corporate apple id
iphone 12, ios 14.X, provisioned via ABM/Intune, corporate apple id
iphone 7, ios 14.X, enrolled via company portal app, non-corporate apple id
none of them entered the pin incorrectly to initiate the automatic reset
are there any log files we can review?
Jun 21 2021 01:55 AM
Jun 21 2021 02:01 AM
Jun 21 2021 02:02 AM
Jun 21 2021 02:07 AM
Jun 21 2021 02:45 AM
Jul 16 2021 04:28 PM
Having been working with Apple DEP (now ABM) for the last 3 years, I can tell you that I have not seen any instance of a user reporting a device wipe / factory reset after an iOS update, Self-installed or MDM console pushed.
I can tell you that after an auto-update install for iOS, the user can get to the Hello screen, and go through some of the setup screens, but it always gets them back to their device with their apps.
Did the user go through the same 'SetUp' screens you have configured in InTune for your ABM / InTune integration?
If you have configured 6 items to 'Don't Skip' for the InTune MDM Profile and the user did not receive all 6, the device was not fully wiped.
Or, even simpler, did they see the 'Remote Management' screen?
Yes: The device was wiped.
No: The device was not wiped.
A full device wipe will reset everything, and the phone will start fresh and check with Apple Servers to 'Activate' the device.
If only 3 users out of a large deployment are experiencing this, I generally find that the reporting users did something different, or are not reporting the issue correctly. It may seem to have been wiped, but it wasn't really wiped.
Answer to your questions about the logs:
Logs to review: for MDM console issued device wipe, you already mentioned that you checked. An Admin initiated wiped will show the admin username and the 'MDM Break' entry in the log on the day that the user reported it happened.
Also, does the Enrollment date in the console match the reported 'wipe' date?
Device logs: Given that you are using ABM and AC2, I assume these are company owned devices. If you can get physical access to the devices, you can install Xcode on your Mac.
Click on Window
Click on Device and Simulators
Allow the device to Trust the Mac (enter passcode on device)
Click on View Logs
If you see logs with a date prior to the date the user reported the wipe, then, the device was not wiped.
Hope this helps to first of all, determine if the devices were actually wiped.
Jul 20 2021 01:23 AM