Time machine backup on mdm enrolled mac

[Jerome55b]

Hi Fellows,

My wife received a brand new MBP from her job (University).
Of course the device is mdm enrolled (didn't know this feature), tried to wipe it out by curiosity but everything get back in place as expected (enrollment request to servers during set up etc..).
Just to clear this out, i am totally ok with this as it's not our property, i also restored her personal Time machine backup on it and eveything runs smoothly.
My only question is if the next backups will also save some MDM files wich means that once i ll move to a new personal mac in few years and retsore this backup the new one will also embed this mdm set up.

I dont know if i made myself clear so don't hesitate dont ask me questions.

Thanks a lot

 

[Brian33]

I'm not an expert on MDM -- I have only read others' posts. But my understanding is that there's nothing stored in the filesystem that forces the MDM enrollment. This must be true because (as you have apparently found), completely wiping the internal storage of the Mac will not prevent the MDM enrollment.

Since Time Machine (to my knowledge) only backs up filesystem objects, it's hard to see how migrating from this machine's TM backup could force MDM enrollment on a future Mac. I don't think you have anything to worry about.

 

[Bigwaff]

i also restored her personal Time machine backup on it and eveything runs smoothly.

This is an unwise choice. You should reconsider installing personal files and software on a computer which is neither owned by you nor managed by you. In fact, the terms of use by your wife's employer may explicitly state this is not allowed, and using the device for personal use could be grounds for termination. Also, in my experience, MDM managed systems will eventually push a profile setting which disables Time Machine and/or connecting USB devices for data protection and security purposes.

 

[chrfr]

in my experience, MDM managed systems will eventually push a profile setting which disables Time Machine and/or connecting USB devices for data protection and security purposes.

There's nothing inherent in an MDM enrolled computer that'd eventually make this happen without the employer making a conscious decision to change that configuration. Of course, given that the computer is owned by the employer, they're free to set the policies on their own devices.

 

[Bigwaff]

There's nothing inherent in an MDM enrolled computer that'd eventually make this happen without the employer making a conscious decision to change that configuration. Of course, given that the computer is owned by the employer, they're free to set the policies on their own devices.

Yes, of course. I did not mean to imply otherwise. Thank you.

 

[Jerome55b]

This is an unwise choice. You should reconsider installing personal files and software on a computer which is neither owned by you nor managed by you. In fact, the terms of use by your wife's employer may explicitly state this is not allowed, and using the device for personal use could be grounds for termination. Also, in my experience, MDM managed systems will eventually push a profile setting which disables Time Machine and/or connecting USB devices for data protection and security purposes.

Thanks for your feedback, the files are mainly related to work and i am more concerned about privacy and safety but that's a good point. I ll try to make a bckup from the new Mac this weekend will see if it works or not.