Remove Mobile Device Management with NinjaOne

Mobile Device Management (MDM) solutions are critical for businesses to secure, monitor, and manage mobile devices such as smartphones and tablets. However, there may be times when device management needs to be removed, often referred to as deprovisioning devices. This can happen when an employee leaves the company, a device is retired, lost, stolen, or as part of troubleshooting device issues.

Deprovisioning Options

Remove mobile device management can be accomplished through three primary methods: DisownErase, and Delete. Each method has different implications for the device and its data, so it’s important to choose the appropriate option based on your specific needs.

Disown:

  • Applies to: Apple devices enrolled through Apple Business Manager (ABM) only.
  • Effect: Removes all device information from the NinjaOne database, deletes the enrollment profile from the device, and removes the device from the ABM portal. This is a complete removal of the device from your management.

Disowning a Device

The “Disown” action is available exclusively for company-owned Apple devices enrolled via Apple Business Manager (ABM). Disowning a device removes it from your NinjaOne console and erases its data, but the device itself remains enrolled in ABM.

Erase:

  • Applies to: Both Apple and Android devices.
  • Effect: Deletes the enrollment profile from the device but retains device information in the NinjaOne database. This allows for re-enrollment without needing to re-enter device details.
  • Apple: Completely wipes the device and all its contents, requiring it to be set up again as a new device. This deletes all data, including apps, photos, and files, whether the device is personal or company-owned.
  • Android: Removes the work profile on personally owned devices or factory resets the device (removing all data) on company-owned devices.

Erasing a Device

To erase a mobile device from NinjaOne, follow these steps:

1. Access the Device Dashboard: Navigate to the device dashboard by going to “Dashboard” > “Organization” > “Device” and click the “Play” icon next to the target device’s name.

2. Initiate Erase Action: In the device management section, locate and click on “Security Actions” and then select “Erase Device.”

Initiate Erase Action

 

3. Configure Erase Options (if applicable): If you need to wipe the device’s external storage, select the “Wipe External Storage” option. This option may not be available for all devices.

Confirm Erasure

4. Confirm Erasure: To prevent accidental data loss, you will be prompted to confirm the erasure by entering your NinjaOne account email address.

Delete:

  • Applies to: Both Apple and Android devices.
  • Effect: Removes the device from NinjaOne and deletes the enrollment profile from the device. All information is removed from the NinjaOne database, but ABM devices will retain division and organization information in ABM.
  • Supervised Apple devices: Performs a device wipe.
  • Unsupervised Apple devices: Removes the MDM profile and configurations without wiping the device.
  • Android: Factory resets company-owned devices (removing all data) or removes the work profile on personally owned devices.

 Deleting a Device

NinjaOne administrators with the appropriate role and account permissions can delete devices from the NinjaOne console. This action removes the device and its associated information from your management system. Note that a device can be deleted whether or not it has been erased.

To delete a device, use one of the following methods:

Device Search Grid:

  1. Navigate to “Devices” in the NinjaOne console.
  2. Locate the target device in the search grid.
  3. Activate the checkbox to the left of the device name.
  4. Click “Delete” under the search filter.

Device Search Grid

Device Dashboard:

  1. Go to “Dashboard” > “Organization” > “Device“.
  2. Open the “Settings” tab.
  3. Click the trash can icon in the top right corner.

Device Dashboard

 

FAQ

Remove device management means to revoke MDM control over a device. This involves removing the MDM profile and any associated configurations, policies, or restrictions that were applied to the device through the MDM solution. It also revokes access to corporate applications, resources, and data, which is particularly significant for personally owned Android devices due to the typically lower level of control implemented on these devices.

Yes, MDM can be removed permanently. This is typically done by administrators using the MDM solution itself, which provides tools and procedures for removing devices from management. In most cases, a factory reset of the device may also be necessary to completely remove all MDM configurations.

It’s important to emphasize that unauthorized removal of MDM from corporate devices is usually prohibited and may violate company policies.

In most cases, a factory reset will remove MDM control. However, MDM is often deployed with an out-of-box provisioning solution such as Knox Mobile Enrollment, zero-touch, or ADE, which will automatically re-enroll the device into management after a reset. To ensure a device is fully and completely removed from MDM management, it must be removed from both the MDM system and the appropriate provisioning solution.

Next Steps

×

See NinjaOne in action!

By submitting this form, I accept NinjaOne's privacy policy.