Hi folks, hoping someone can help but think it’s a longshot. Our Workspace One UEM was originally set up by an external company we no longer deal with, a year ago now. They set up the initial certificate for Workspace One to talk to our devices (APN’s for MDM).
We only got the notification of our APNs for MDM expiring last Friday evening and were in a bit of a frantic rush to get it renewed so devices didn’t lose connectivity to our MDM portal the next day. We tried to renew it with details we had on hand but unfortunately couldn’t do it with the original cert, and in trying to do so we revoked the original. Not great.
We’re now in a state where we have a new cert but all our (approx. 80) Apple devices have lost their connection to our MDM server. From reading it seems there’s nothing short of wiping the devices and re-enrolling from scratch to get them as managed devices again, which is less than ideal seeing as they’re deployed all around the country.
I’m wondering if you’ve ever come across a similar situation with DEP devices, and whether there are any options, e.g. trying to renew the expired certificate, or anything else?
I've tried doing a manual (Safari browser based) re-enrolment to see if it overwrites the old cert info with the new, but this fails.
Appreciate any help or wisdom anyone has.
Kinda out of luck, sadly. Since the MDM profile is locked into place and can't be removed manually. Only the registered MDM associated to the profile could remove it, but since you can't talk to it anymore, it's stuck. Wiping the device is your only real, safe recourse.