How to remove a single iOS device from Mobile Device Management (MDM)


Article ID: 181204


Updated On:


Symantec Products




Enabling Mobile Device Management (MDM) will allow an administrator to perform specific remote functions to on-boarded iOS devices such as:

Remote data wipe
Device lock
Device password reset
Device password length and quality enforcement
In addition, administrators can create 'Device Policies' that will control access to applications and functions such as iTunes, Safari, Camera, Gaming and even Voice dialing.

The MDM Policy is enabled by Group association. In other words, if the account that is associated with the device you wish to remove MDM from is in a Group that has a device policy associated with it,  remove the user from that Group and add them to a Group that does not have a device policy association.

  If an administrator wishes to remove MDM from a single iOS device while retaining enterprise defined MDM settings to all other iOS devices, the following  steps must be taken:

From the Administrator Portal:

1) Access the iOS Device you wish to remove from the MDM Policy. (Click 'Devices' from the Admin Portal)   Note the name
 the Device policy that is enabled shown in the right pane. Also note
 username association with this device.

2) Access Users and then select "All Users" and select the user and
 the Groups that this user is a member of.

3) Access the Device Policy and click "Edit". You will see the Groups
 this Device policy is applied to.

4) Remove the user from the groups that this device policy is applied
 You can create a new group (one without an MDM policy apple) and move
 that user
 into this group.

5) Connect from device to App Center to force policy and configuration

6) The steps above will prevent a subsequent enablement of MDM
 on the device.

7) Lastly, from the device itself, manually remove the MDM App Center
 Profile. On iOS devices, this can be done by going to Settings > 
 General > 



Effects of removing MDM from an iOS device:

It is important to note that if you manually remove the MDM profile on an iOS device, any *MDM INSTALLED* apps  will be removed.
App Center can install native and webclip apps using the MDM protocol, when Device Management is enabled. Apps installed using this protocol will be removed when you remove an iOS MDM profile.
The App Center client (ADA) will not be affected.