Today I Learned

Remove a non-removable MDM profile from macOS without a complete wipe

Non-removable MDM profiles cannot officially removed without doing a full system wipe. This is a problem when you restore a system from Time Machine after you enrolled it into the MDM, as the MDM will break, leaving you unable to re-enroll the machine.

Here's how to remove a non-removable MDM profile

  1. Boot the Mac into Recovery Mode (hold down command+R during startup).
  2. Go to the Utilities menu and open Terminal and type: csrutil disable. This will disable SIP (System Integrity Protection).
  3. Reboot into the OS.
  4. Open the integrated terminal and type:
cd /var/db/ConfigurationProfiles
rm -rf *
mkdir Settings
touch Settings/.profilesAreInstalled
  1. Reboot.
  2. Boot the Mac into Recovery Mode (hold down command+R during startup).
  3. Go to the Utilities menu and open Terminal and type: csrutil enable. This will re-enable SIP.
  4. Reboot into the OS.

The profile will be now removed and you will be able to re-enroll the Mac to your MDM.

How to remove a VPN profile on a MDM enrolled macOS

Restoring from a Time Machine backup can create duplicate MDM VPN profiles.

To manually remove a profile on your macOS, follow these steps:

  • Go to System Preferences and select Profiles.
  • Delete the VPN profile, and enter the user password if requested.
  • Then, go to Network Connections.
  • If you see any connections which start with or include “VPN”, delete them.

Note

If the Button isn’t available,you have to use a terminal command to remove it. Open the integrated Terminal and type

networksetup -removenetworkservice "duplicateVPNProfile"

Prepare NuxtJS for static deployment

In order to deploy Nuxt as a static website you need to:

  1. Upgrade nuxt to 2.14.0
  2. Set target: 'static' in your nuxt.config.js
  3. Set fallback 404 page:generate: { fallback: '404.html' }
  4. Run nuxt generate

You then need to tell Nginx to properly handle slashes for subpages:


    location /.
    {
        # Remove trailing slash and redirect it
        rewrite ^(.+)/+$ $1 permanent;
        
        # Redirect index.html
        rewrite ^(.+)/index.html$ $1 permanent;
        
        # Serve folder path via index.html
        try_files $uri $uri/index.html =404;
        
        # Serve a custom static error page
        error_page 404 /404.html;
    }

Follow URL redirects from the Terminal

Sometimes you need to follow an url trough multiple redirects. I've created a simple script you can alias into your .bashrc or .zshrc file and then just use it as a regular shell command:

Add this line to .zshrc or .bashrc

# Follow URL
alias checkurl='_checkurl() { curl -v -L $1 2>&1 | egrep "^(> Host:|> GET|> Code|< HTTP|\* SSL)"}; _checkurl'

Then you can use it like so:

checkurl google.com

it will output this:

> GET / HTTP/1.1
> Host: google.com
< HTTP/1.1 301 Moved Permanently
> GET / HTTP/1.1
> Host: www.google.com
< HTTP/1.1 200 OK

Really useful when debugging URLs.