Remove a non-removable MDM profile from macOS without a complete wipe

Non-removable MDM profiles cannot officially be removed without doing a full system wipe. This is a problem when you restore a system from Time Machine after you enrolled it into the MDM, as the MDM will break, leaving you unable to re-enroll the machine.

### Here's how to remove a non-removable MDM profile
1. Boot the Mac into Recovery Mode (hold down command+R during startup).
2. Go to the Utilities menu and open Terminal and type: `csrutil disable`. This will disable SIP (System Integrity Protection).
3. Reboot into the OS.
4. Open the integrated terminal and type:

```bash
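# These files are root-owned: run from a root shell (for example after `sudo -s`).
# Chained with && so nothing is deleted or created if the cd fails.
cd /var/db/ConfigurationProfiles &&
  rm -rf ./* &&
  mkdir Settings &&
  touch Settings/.profilesAreInstalled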
```
5. Reboot. 
6. Boot the Mac into Recovery Mode (hold down command+R during startup).
7. Go to the Utilities menu and open Terminal and type: `csrutil enable`. This will re-enable SIP.
8. Reboot into the OS.

The profile will now be removed and you will be able to re-enroll the Mac to your MDM.
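
A post-procedure check, added here as an example and not part of the original post: it confirms that SIP is back on after step 8 and reports the enrollment state before you re-enroll. The function names are hypothetical, and the parsers assume the usual output formats of `csrutil status` and `profiles status -type enrollment`.

```shell
#!/bin/bash
# Added example (not from the original post). Function names are hypothetical.
# The parsers take command output as text, so they can be exercised offline.

# Print enabled / disabled / unknown from `csrutil status` output.
# Only a plain "enabled." counts; custom configurations report as unknown.
sip_state() {
  case "$1" in
    *"status: enabled."*)  echo enabled ;;
    *"status: disabled."*) echo disabled ;;
    *)                     echo unknown ;;
  esac
}

# Print enrolled / not-enrolled / unknown from `profiles status -type enrollment`
# output, using its "MDM enrollment:" line (assumed format).
mdm_state() {
  val=$(printf '%s\n' "$1" |
    awk -F': *' 'tolower($1) == "mdm enrollment" { print $2; exit }')
  case "$val" in
    Yes*) echo enrolled ;;
    No*)  echo not-enrolled ;;
    *)    echo unknown ;;
  esac
}

# Succeeds only when SIP is enabled again and no MDM enrollment remains.
ready_to_reenroll() {
  [ "$1" = enabled ] && [ "$2" = not-enrolled ]
}

# Live check; needs macOS and an admin account.
post_check() {
  sip=$(sip_state "$(csrutil status 2>&1)")
  mdm=$(mdm_state "$(profiles status -type enrollment 2>&1)")
  echo "SIP: $sip"
  echo "MDM enrollment: $mdm"
  ready_to_reenroll "$sip" "$mdm"
}

# Run the live check only on macOS; elsewhere the functions are just defined.
if [ "$(uname -s)" = "Darwin" ]; then
  post_check || echo "Not ready: if SIP is not enabled, repeat steps 6-8." >&2
fi
```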

Zeno Popovici
26 May 2021